diff --git a/mplayer-asx-parser.patch b/mplayer-asx-parser.patch new file mode 100644 index 0000000..1bd1944 --- /dev/null +++ b/mplayer-asx-parser.patch @@ -0,0 +1,111 @@ +Index: asxparser.c +=================================================================== +--- asxparser.c (wersja 36241) ++++ asxparser.c (wersja 36242) +@@ -388,7 +388,7 @@ + + static void + asx_parse_param(ASX_Parser_t* parser, char** attribs, play_tree_t* pt) { +- char *name,*val; ++ char *name = NULL,*val = NULL; + + name = asx_get_attrib("NAME",attribs); + if(!name) { +@@ -402,9 +402,11 @@ + mp_msg(MSGT_PLAYTREE,MSGL_WARN,"=%s\n",val); + else + mp_msg(MSGT_PLAYTREE,MSGL_WARN,"\n"); +- return; ++ goto err_out; + } +- play_tree_set_param(pt,name,val); ++ mp_msg(MSGT_PLAYTREE, MSGL_ERR, "Support for specifying parameters in playlists has been disabled.\n"); ++// play_tree_set_param(pt,name,val); ++err_out: + free(name); + free(val); + } +Index: DOCS/man/en/mplayer.1 +=================================================================== +--- DOCS/man/en/mplayer.1 (wersja 36241) ++++ DOCS/man/en/mplayer.1 (wersja 36242) +@@ -1259,6 +1259,15 @@ + Play files according to a playlist file (ASX, Winamp, SMIL, or + one-file-per-line format). + .br ++.I WARNING: ++The way MPlayer parses and uses playlist files is not safe against ++maliciously constructed files. ++Such files may trigger harmful actions. ++This has been the case for all MPlayer versions, but unfortunately this ++fact was not well documented earlier, and some people have even misguidedly ++recommended use of -playlist with untrusted sources. ++Do NOT use -playlist with random internet sources or files you don't trust! ++.br + .I NOTE: + This option is considered an entry so options found after it will apply + only to the elements of this playlist. +@@ -1266,6 +1275,13 @@ + FIXME: This needs to be clarified and documented thoroughly. + . + .TP ++.B \-allow-dangerous-playlist-parsing ++This enables parsing any file as a playlist if e.g. a server advertises ++a file as playlist. ++Only enable if you know all servers involved are trustworthy. ++MPlayer's playlist code is not designed to handle malicious playlist files. ++. ++.TP + .B \-rtc\-device + Use the specified device for RTC timing. + . +Index: mplayer.c +=================================================================== +--- mplayer.c (wersja 36241) ++++ mplayer.c (wersja 36242) +@@ -328,6 +328,8 @@ + static int crash_debug; + #endif + ++static int allow_playlist_parsing; ++ + /* This header requires all the global variable declarations. */ + #include "cfg-mplayer.h" + +@@ -3234,8 +3236,12 @@ + current_module = "handle_playlist"; + mp_msg(MSGT_CPLAYER, MSGL_V, "Parsing playlist %s...\n", + filename_recode(filename)); +- entry = parse_playtree(mpctx->stream, use_gui); +- mpctx->eof = playtree_add_playlist(entry); ++ if (allow_playlist_parsing) { ++ entry = parse_playtree(mpctx->stream, use_gui); ++ mpctx->eof = playtree_add_playlist(entry); ++ } else { ++ mp_msg(MSGT_CPLAYER, MSGL_ERR, "Playlist parsing disabled for security reasons. Ignoring file.\n"); ++ } + goto goto_next_file; + } + mpctx->stream->start_pos += seek_to_byte; +Index: cfg-mplayer.h +=================================================================== +--- cfg-mplayer.h (wersja 36241) ++++ cfg-mplayer.h (wersja 36242) +@@ -306,6 +306,8 @@ + + {"noloop", &mpctx_s.loop_times, CONF_TYPE_FLAG, 0, 0, -1, NULL}, + {"loop", &mpctx_s.loop_times, CONF_TYPE_INT, CONF_RANGE, -1, 10000, NULL}, ++ {"allow-dangerous-playlist-parsing", &allow_playlist_parsing, CONF_TYPE_FLAG, 0, 0, 1, NULL}, ++ {"noallow-dangerous-playlist-parsing", &allow_playlist_parsing, CONF_TYPE_FLAG, 0, 1, 0, NULL}, + {"playlist", NULL, CONF_TYPE_STRING, CONF_NOCFG, 0, 0, NULL}, + {"shuffle", NULL, CONF_TYPE_FLAG, CONF_NOCFG, 0, 0, NULL}, + {"noshuffle", NULL, CONF_TYPE_FLAG, CONF_NOCFG, 0, 0, NULL}, +Index: . +=================================================================== +--- . (wersja 36241) ++++ . (wersja 36242) + +Zmiany atrybutów dla: . +___________________________________________________________________ +Added: svn:mergeinfo + Połączono zmiany /trunk:r36238-36241 diff --git a/mplayer.spec b/mplayer.spec index 989f1d8..aa678cc 100644 --- a/mplayer.spec +++ b/mplayer.spec @@ -6,7 +6,7 @@ Name: mplayer Version: 1.1 -Release: 8.%{?pre}%{?dist} +Release: 9.%{?pre}%{?dist} Summary: Movie player playing most video formats and DVDs %if 0%{!?_without_amr:1} @@ -23,6 +23,7 @@ Source0: http://www.mplayerhq.hu/MPlayer/releases/MPlayer-%{version}%{?pr %endif Source1: http://www.mplayerhq.hu/MPlayer/skins/Blue-1.8.tar.bz2 Source10: mplayer-snapshot.sh +Patch0: mplayer-asx-parser.patch # set defaults for Fedora Patch2: %{name}-config.patch # use roff include statements instead of symlinks @@ -221,6 +222,7 @@ This package contains various scripts from MPlayer TOOLS directory. %setup -q -n MPlayer-%{version}%{?pre} rm -rf ffmpeg libdvdcss libdvdnav libdvdread4 %endif +%patch0 -p0 -b .asx-parser %patch2 -p1 -b .config %patch8 -p1 -b .manlinks %patch14 -p1 -b .nodvdcss @@ -380,6 +382,9 @@ update-desktop-database &>/dev/null || : %{_datadir}/mplayer/*.fp %changelog +* Wed May 08 2013 Julian Sikorski - 1.1-9.20130416svn +- Fixed dangerous playlist parsing + * Mon May 06 2013 Julian Sikorski - 1.1-8.20130416svn - Rebuilt for x264-0.130