Date: Tue, 19 Jan 2021 22:33:15 +0000 (UTC) From: Josh Paetzel <jpaetzel@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r562095 - in head/multimedia/libdvdcss: . files Message-ID: <202101192233.10JMXF51046974@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jpaetzel Date: Tue Jan 19 22:33:15 2021 New Revision: 562095 URL: https://svnweb.freebsd.org/changeset/ports/562095 Log: Fix potential buffer overflow. Along the way improve port Makefile PR: 252321 Submitted by: daniel.engberg.lists@pyret.net Added: head/multimedia/libdvdcss/files/ head/multimedia/libdvdcss/files/patch-src_libdvdcss.c (contents, props changed) Modified: head/multimedia/libdvdcss/Makefile Modified: head/multimedia/libdvdcss/Makefile ============================================================================== --- head/multimedia/libdvdcss/Makefile Tue Jan 19 22:32:23 2021 (r562094) +++ head/multimedia/libdvdcss/Makefile Tue Jan 19 22:33:15 2021 (r562095) @@ -2,9 +2,10 @@ # $FreeBSD$ PORTNAME= libdvdcss -PORTVERSION= 1.4.2 +DISTVERSION= 1.4.2 +PORTREVISION= 1 CATEGORIES= multimedia -MASTER_SITES= http://download.videolan.org/pub/${PORTNAME}/${PORTVERSION}/ +MASTER_SITES= https://download.videolan.org/pub/${PORTNAME}/${DISTVERSION}/ MAINTAINER= jpaetzel@FreeBSD.org COMMENT= Portable abstraction library for DVD decryption @@ -12,9 +13,10 @@ COMMENT= Portable abstraction library for DVD decrypti LICENSE= GPLv2 LICENSE_FILE= ${WRKSRC}/COPYING +USES= libtool pathfix tar:bzip2 + RESTRICTED= CSS code may violate the DMCA -USES= gmake libtool pathfix tar:bzip2 GNU_CONFIGURE= yes USE_LDCONFIG= yes INSTALL_TARGET= install-strip Added: head/multimedia/libdvdcss/files/patch-src_libdvdcss.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/multimedia/libdvdcss/files/patch-src_libdvdcss.c Tue Jan 19 22:33:15 2021 (r562095) @@ -0,0 +1,23 @@ +--- src/libdvdcss.c.orig 2018-03-02 15:44:29 UTC ++++ src/libdvdcss.c +@@ -320,7 +320,19 @@ static int init_cache_dir( dvdcss_t dvdcss ) + return -1; + } + +- sprintf( psz_tagfile, "%s/" CACHE_TAG_NAME, dvdcss->psz_cachefile ); ++ i_ret = snprintf( psz_tagfile, PATH_MAX, "%s/" CACHE_TAG_NAME, ++ dvdcss->psz_cachefile ); ++ if ( i_ret < 0 || i_ret >= PATH_MAX) ++ { ++ if ( i_ret < 0) ++ print_error( dvdcss, "failed to compose cache directory tag path"); ++ else ++ print_error( dvdcss, "cache directory tag path too long: %s/" CACHE_TAG_NAME, ++ dvdcss->psz_cachefile ); ++ dvdcss->psz_cachefile[0] = '\0'; ++ return -1; ++ } ++ + i_fd = open( psz_tagfile, O_RDWR|O_CREAT, 0644 ); + if( i_fd >= 0 ) + {
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202101192233.10JMXF51046974>