Re: [DVBCUT-user] Supported container formats

Sat, 22 Jul 2006 03:30:09 -0700 

Hi!

Ralph Glasstetter wrote:
Just for completeness... there is another patch from Michael (dvbcut-0.5.3-patch3.diff): 

 [PATCH] buffer overflow in mpgfile::initaudiocodeccontext() from 22-June-06:
http://sourceforge.net/mailarchive/forum.php?thread_id=14666934&forum_id=47012
So, there are 4 patches in total as far as I know... I still miss the patch2 file from Michael... but maybe this is the one from Sven concerning the reading of program streams?
I'm not sure if I published patch2 yet. It fixes some overflows in src/index.h. I'll attach a copy. 

--
Michael "Tired" Riepe <[EMAIL PROTECTED]>
X-Tired: Each morning I get up I die a little

Index: dvbcut/src/index.h
===================================================================
RCS file: /var/cvs/sys/qt3/dvbcut/src/index.h,v
retrieving revision 1.1.1.3
diff -u -r1.1.1.3 index.h
--- dvbcut/src/index.h  11 Dec 2005 20:32:23 -0000      1.1.1.3
+++ dvbcut/src/index.h  23 Mar 2006 23:53:46 -0000
@@ -53,7 +53,7 @@
     picture(filepos_t pos, pts_t _pts, int framerate, int aspectratio,
             int sequencenumber, int picturetype, bool seqheader=false) :
         position( pos ),
-        pts((_pts&0xffffffffffffll) | ((uint64_t)( 
(framerate&0xf)|((aspectratio&0xf)<<4)|
+        pts((_pts&0xffffffffffll) | ((uint64_t)( 
(framerate&0xf)|((aspectratio&0xf)<<4)|
                                        
((sequencenumber&0x3ff)<<8)|((picturetype&0x3)<<18)|(seqheader?0x100000:0) 
)<<40))
       { }
     picture() : position(0), pts(0)
@@ -66,7 +66,7 @@
     pts_t getpts() const
       {
       pts_t l=pts&0xffffffffffll;
-      return (l&0x8000000000ll) ? (l|0xffffff0000000000ll):l;
+      return (l ^ 0x8000000000ll) - 0x8000000000ll;
       }
     int getframerate() const
       {
@@ -136,10 +136,10 @@
     {
     pic+=skipfirst;
     int seq=pic;
-    while (!p[seq].getseqheader())
+    while (seq > 0 && !p[seq].getseqheader())
       --seq;
     pic=pic-seq;
-    while(p[seq].getsequencenumber()!=pic)
+    while(seq < pictures && p[seq].getsequencenumber()!=pic)
       ++seq;
     return seq;
     }

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
DVBCUT-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dvbcut-user

Reply via email to