Add patches for security bug #231831. -r3 is -r0 with the patch, stable candidate without swscaler. -r20 is -r2 with the patch, with swscaler.

Package-Manager: portage-2.2_rc1/cvs/Linux 2.6.25.7 x86_64
author: Alexis Ballier <aballier@gentoo.org> 2008-07-17 07:53:58 +0000
committer: Alexis Ballier <aballier@gentoo.org> 2008-07-17 07:53:58 +0000
commit: 616279a63208d767b1805b86361495929018fa6a (patch)
tree: 68bf79ad4b7095484a3fd50d5e14b192bcbd6dbe /media-video
parent: Fix up SRC_URI, upstream calls gnu-classpath by just classpath (diff)
download: historical-616279a63208d767b1805b86361495929018fa6a.tar.gz
historical-616279a63208d767b1805b86361495929018fa6a.tar.bz2
historical-616279a63208d767b1805b86361495929018fa6a.zip
5 files changed, 440 insertions, 2 deletions
diff --git a/media-video/ffmpeg/ChangeLog b/media-video/ffmpeg/ChangeLog
index 95898c319551..5fbc3345e3ee 100644
--- a/media-video/ffmpeg/ChangeLog
+++ b/media-video/ffmpeg/ChangeLog
@@ -1,6 +1,15 @@
 # ChangeLog for media-video/ffmpeg
 # Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/media-video/ffmpeg/ChangeLog,v 1.220 2008/07/07 20:39:09 loki_val Exp $
+# $Header: /var/cvsroot/gentoo-x86/media-video/ffmpeg/ChangeLog,v 1.221 2008/07/17 07:53:57 aballier Exp $
+
+*ffmpeg-0.4.9_p20070616-r20 (17 Jul 2008)
+*ffmpeg-0.4.9_p20070616-r3 (17 Jul 2008)
+
+  17 Jul 2008; Alexis Ballier <aballier@gentoo.org>
+  +files/CVE-2008-3162.patch, +ffmpeg-0.4.9_p20070616-r3.ebuild,
+  +ffmpeg-0.4.9_p20070616-r20.ebuild:
+  Add patches for security bug #231831. -r3 is -r0 with the patch, stable
+  candidate without swscaler. -r20 is -r2 with the patch, with swscaler.
 
   07 Jul 2008; Peter Alfredsen <loki_val@gentoo.org>
   ffmpeg-0.4.9_p20080326.ebuild:
diff --git a/media-video/ffmpeg/Manifest b/media-video/ffmpeg/Manifest
index cfc4d888f596..1a9d1880f0ed 100644
--- a/media-video/ffmpeg/Manifest
+++ b/media-video/ffmpeg/Manifest
@@ -1,4 +1,8 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
 AUX 0.4.8-gcc3.4-magicF2W.patch 994 RMD160 4192e2537d220d4b63c55bdea36ac7f5532d8a6a SHA1 07c79c6680ebe0b1a695394ba4d24abb503c4b46 SHA256 3d359f8483903dcc876be0ee4ff511d63a8cf57fade26d58f72e4a3ec0694226
+AUX CVE-2008-3162.patch 2936 RMD160 5a4c226d5d43d106cced92b9e80c5cbc9b9fc8e2 SHA1 dcc242a09deba9a2e960621244e42b72dfd9c661 SHA256 1a07075fcfb6c763912cd295a34532a629f3cf1d3fef60fed1c6418c80abda7d
 AUX ffmpeg-0.4.9_p20060302-amr-64bit.patch 1161 RMD160 c3e17a8e8a3e501ae9ce8b8e455063444d1bc15f SHA1 e4f280a2934e238529ca8b0d8d2abec2638d9fb1 SHA256 f993ac1ad11e254d846fbd0b3f73f81043551fce90438fdd196374ca9ece6c9c
 AUX ffmpeg-0.4.9_p20060302-fbsd-flags.patch 366 RMD160 ae6a9b23e3a5cc018563a9f023273be821bab44a SHA1 9bea2c97d2a2a0ca26d6474699ef449948b82d66 SHA256 0af48d342f5001d856ba850b7c8ecc8e46ff809b765b28adbb1c0674b4c2c414
 AUX ffmpeg-0.4.9_p20060530-snow-mmx.patch 10622 RMD160 7c2d6900b9079468d6ab2bc9b619ebe853d7b8fb SHA1 1d2d0f0323f990208ca8927bae5d2f746c5b50d8 SHA256 7df5d4a945d36b582392f671eead16a94bdc75e859ab69c1f2e6c05c34bf8c7b
@@ -16,8 +20,17 @@ DIST ffmpeg-0.4.9-p20080206.tar.bz2 2474139 RMD160 0472ed0fa1d69a791328b3c221bdd
 DIST ffmpeg-0.4.9-p20080326.tar.bz2 2505113 RMD160 72e6c77e1d3abad32582e1e226fdfd6139d744b7 SHA1 4b348d8b8d8a1c4073b5f9eab2092eea6188b9a3 SHA256 72684719183fee4ef110b82af3960700470622a756cfb116cfd5c3e3b6ae89d3
 EBUILD ffmpeg-0.4.9_p20070616-r1.ebuild 5689 RMD160 d3098df2faf6ed8bb446c7d23c030a60b3b945c2 SHA1 eb3931cd4a8eca2b0cc77f5dedc6ec02ab2de12d SHA256 29d6116c4af64866f286ee0baade7e05b2b51055aa2f4dfee04dc74a94099209
 EBUILD ffmpeg-0.4.9_p20070616-r2.ebuild 5761 RMD160 8deab60e9301c695dea9c631b69dcb79646ef932 SHA1 825b44d0b32a9e372f3505079455111513ef3a19 SHA256 0eceeb8a2215ccb577e97c4138bbb3285023fc45e49c4b73cac5200a5cab7454
+EBUILD ffmpeg-0.4.9_p20070616-r20.ebuild 5836 RMD160 ec982fa1f8b0823d817a723a4179f21dc73e9a4f SHA1 b1a3ef9ae14e8ca6a6fb70d4077c35592ce35355 SHA256 7ec16882ac8a3bb3e3c7098c3330f6bbc1bcb4c4477b1505aace2321d0bfdc6e
+EBUILD ffmpeg-0.4.9_p20070616-r3.ebuild 5629 RMD160 e30d33d1db34c3afe7d71bd1a457c651267cc3c3 SHA1 cd7008cb61b01db3e2cb17f228b74a00f2cc5d4a SHA256 26131184082662775c39a6fb63ec9c5b2d77042f7d18eff23c656e1721bebe54
 EBUILD ffmpeg-0.4.9_p20070616.ebuild 5544 RMD160 988fc4648a3d3f1f97299ecf487ade95e851d230 SHA1 5851bdf4449ee383236d668205b06baf746dcd70 SHA256 002663f87e8281bbd7395ce56e97fe24db99ab8273faae65fa601b9bb737d083
 EBUILD ffmpeg-0.4.9_p20080206.ebuild 5209 RMD160 be8038158c780b31842f0054c7bed3148922350e SHA1 0ac4ef0f819d8e9e75794a3ed01c24f6b86d967e SHA256 e5be2b691b44145a32206a4724c6db47cb79bd7de1ae0f1d7fafff0442bfe61b
 EBUILD ffmpeg-0.4.9_p20080326.ebuild 5246 RMD160 a52a5cf821b2026f7dcd09c452c97b90bf58496c SHA1 735aefd0a3c019246a532ed14210ca33834200e4 SHA256 91cf06581bcfd9137dfce8c9d68ab7cf62f35959d257754b2aeaf6359fa1e580
-MISC ChangeLog 33651 RMD160 80046502121e375c7d37d486bad46129ec2f8400 SHA1 7d66ec61cde9aea4bad3e992707a2d332a3f00e1 SHA256 faa7064ad0aa4f8b28d3a8814aa1da47572a84b7b05bbdb968750276a1204b0d
+MISC ChangeLog 34038 RMD160 f50c90c3dac9edde1225e1046b43ed6e3a963fbc SHA1 3c7336c667060ce022c5334ef3934c03f47f89eb SHA256 e73e03e79b127f40cbe422c1b580cf72439cfeda7de967e361c14d234b36c2a5
 MISC metadata.xml 223 RMD160 86b42c49b694db39ddb3fdc60b98a3ad1a0c3392 SHA1 ea8c387229caaf4b0d3c9fbef9143b70dcae0b0d SHA256 dd48e823ec9a151bc3611121402ed26ee24eb3304aa62870b1e875a8fa0ac812
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.9 (GNU/Linux)
+
+iEYEARECAAYFAkh++p0ACgkQvFcC4BYPU0rxkQCfTbMeD8xjlmNRZsSDLqVN6mLW
+kC0An1lP+J9XpsnbDBVT+bEUr/XxHU3e
+=UeW5
+-----END PGP SIGNATURE-----
diff --git a/media-video/ffmpeg/ffmpeg-0.4.9_p20070616-r20.ebuild b/media-video/ffmpeg/ffmpeg-0.4.9_p20070616-r20.ebuild
new file mode 100644
index 000000000000..df75af2d69b8
--- /dev/null
+++ b/media-video/ffmpeg/ffmpeg-0.4.9_p20070616-r20.ebuild
@@ -0,0 +1,181 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/media-video/ffmpeg/ffmpeg-0.4.9_p20070616-r20.ebuild,v 1.1 2008/07/17 07:53:57 aballier Exp $
+
+inherit eutils flag-o-matic multilib toolchain-funcs
+
+DESCRIPTION="Complete solution to record, convert and stream audio and video.
+Includes libavcodec. SVN revision 9330"
+HOMEPAGE="http://ffmpeg.org/"
+MY_P=${P/_/-}
+S=${WORKDIR}/ffmpeg
+
+SRC_URI="mirror://gentoo/${MY_P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
+IUSE="aac altivec amr debug doc ieee1394 a52 encode imlib ipv6 mmx ogg vorbis
+	oss test theora threads truetype v4l x264 xvid network zlib sdl X"
+
+RDEPEND="imlib? ( media-libs/imlib2 )
+	truetype? ( >=media-libs/freetype-2 )
+	sdl? ( >=media-libs/libsdl-1.2.10 )
+	encode? ( media-sound/lame
+		vorbis? ( media-libs/libvorbis )
+		theora? ( media-libs/libtheora ) )
+	ogg? ( media-libs/libogg )
+	aac? ( media-libs/faad2 media-libs/faac )
+	a52? ( >=media-libs/a52dec-0.7.4-r4 )
+	xvid? ( >=media-libs/xvid-1.1.0 )
+	zlib? ( sys-libs/zlib )
+	ieee1394? ( =media-libs/libdc1394-1*
+				sys-libs/libraw1394 )
+	x264? ( media-libs/x264 )
+	X? ( x11-libs/libX11 x11-libs/libXext )
+	amr? ( media-libs/amrnb media-libs/amrwb )"
+
+DEPEND="${RDEPEND}
+	doc? ( app-text/texi2html )
+	test? ( net-misc/wget )"
+# Make sure the mmx USE flag is unmasked
+# Remove this once default-linux/amd64/2006.1 is deprecated
+DEPEND="${DEPEND} amd64? ( >=sys-apps/portage-2.1.2 )"
+
+src_unpack() {
+	unpack ${A} || die
+	cd "${S}"
+
+	#Append -DBROKEN_RELOCATIONS to build for bug 179872.
+	#Pretty please fix me if you can.
+	append-flags "-DBROKEN_RELOCATIONS"
+
+	#Append -fomit-frame-pointer to avoid some common issues
+	use debug || append-flags "-fomit-frame-pointer"
+
+	# for some reason it tries to #include <X11/Xlib.h>, but doesn't use it
+	sed -i s:\#define\ HAVE_X11:\#define\ HAVE_LINUX: ffplay.c
+
+	# .pc files contain wrong libdir path
+	epatch ${FILESDIR}/${PN}-libdir-2007.patch
+	sed -i -e "s:GENTOOLIBDIR:$(get_libdir):" configure
+
+	# Make it use pic always since we don't need textrels
+	sed -i -e "s:LIBOBJFLAGS=\"\":LIBOBJFLAGS=\'\$\(PIC\)\':" configure
+
+	# To make sure the ffserver test will work
+	sed -i -e "s:-e debug=off::" tests/server-regression.sh
+
+	# Fix building with altivec for bug 183687
+	sed -i -e "s:TARGET_ALTIVEC:HAVE_ALTIVEC:" libswscale/Makefile
+
+	epatch "${FILESDIR}"/${PN}-arm-pld.patch
+	epatch "${FILESDIR}/${PN}-shared-gcc4.1.patch"
+	# disable non pic safe asm, bug #172877, bug #172845 and dupes
+	# epatch "${FILESDIR}/${PN}-0.4.9_p20070330-asmpic.patch"
+
+	# Security fix, bug #231831
+	epatch "${FILESDIR}/CVE-2008-3162.patch"
+}
+
+src_compile() {
+	replace-flags -O0 -O2
+	#x86, what a wonderful arch....
+	replace-flags -O1 -O2
+	local myconf="${EXTRA_ECONF}"
+
+	#disable mmx accelerated code if not requested, or if PIC is required
+	# as the provided asm decidedly is not PIC.
+	if ( gcc-specs-pie || ! use mmx ) ; then
+		myconf="${myconf} --disable-mmx"
+	fi
+
+	# enabled by default
+	use altivec || myconf="${myconf} --disable-altivec"
+	use debug || myconf="${myconf} --disable-debug"
+	use oss || myconf="${myconf} --disable-audio-oss"
+	use v4l || myconf="${myconf} --disable-v4l --disable-v4l2"
+	use ieee1394 || myconf="${myconf} --disable-dv1394"
+	use zlib || myconf="${myconf} --disable-zlib"
+	use sdl || myconf="${myconf} --disable-ffplay"
+
+	if use network; then
+		use ipv6 || myconf="${myconf} --disable-ipv6"
+	else
+		myconf="${myconf} --disable-network"
+	fi
+
+	myconf="${myconf} --disable-opts"
+
+	# disabled by default
+	if use encode
+	then
+		myconf="${myconf} --enable-libmp3lame"
+		use vorbis && myconf="${myconf} --enable-libvorbis --enable-libogg"
+		use theora && myconf="${myconf} --enable-libtheora --enable-libogg"
+	fi
+	use a52 && myconf="${myconf} --enable-liba52"
+	use ieee1394 && myconf="${myconf} --enable-dc1394"
+	use threads && myconf="${myconf} --enable-pthreads"
+	use xvid && myconf="${myconf} --enable-libxvid"
+	use X && myconf="${myconf} --enable-x11grab"
+	use ogg && myconf="${myconf} --enable-libogg"
+	use x264 && myconf="${myconf} --enable-libx264"
+	use aac && myconf="${myconf} --enable-libfaad --enable-libfaac"
+	use amr && myconf="${myconf} --enable-libamr-nb --enable-libamr-wb"
+
+	myconf="${myconf} --enable-gpl --enable-pp \
+			--enable-swscaler --disable-strip"
+
+	tc-is-cross-compiler && myconf="${myconf} --cross-compile --arch=$(tc-arch-kernel)"
+
+	# Specific workarounds for too-few-registers arch...
+	if [[ $(tc-arch) == "x86" ]]; then
+		filter-flags -fforce-addr -momit-leaf-frame-pointer
+		append-flags -fomit-frame-pointer
+		is-flag -O? || append-flags -O2
+		if (use debug); then
+			# no need to warn about debug if not using debug flag
+			ewarn ""
+			ewarn "Debug information will be almost useless as the frame pointer is omitted."
+			ewarn "This makes debugging harder, so crashes that has no fixed behavior are"
+			ewarn "difficult to fix. Please have that in mind."
+			ewarn ""
+		fi
+	fi
+
+	cd ${S}
+	./configure \
+		--prefix=/usr \
+		--libdir=/usr/$(get_libdir) \
+		--shlibdir=/usr/$(get_libdir) \
+		--mandir=/usr/share/man \
+		--enable-static --enable-shared \
+		"--cc=$(tc-getCC)" \
+		${myconf} || die "configure failed"
+
+	emake -j1 depend || die "depend failed"
+	emake || die "make failed"
+}
+
+src_install() {
+	emake -j1 LDCONFIG=true DESTDIR=${D} install || die "Install Failed"
+
+	use doc && emake -j1 documentation
+	dodoc Changelog README INSTALL
+	dodoc doc/*
+}
+
+# Never die for now...
+src_test() {
+	cd ${S}/tests
+	for t in "codectest libavtest test-server" ; do
+		make ${t} || ewarn "Some tests in ${t} failed"
+	done
+}
+
+pkg_postinst() {
+	ewarn "ffmpeg may have had ABI changes, if ffmpeg based programs"
+	ewarn "like xine-lib or vlc stop working as expected please"
+	ewarn "rebuild them."
+}
diff --git a/media-video/ffmpeg/ffmpeg-0.4.9_p20070616-r3.ebuild b/media-video/ffmpeg/ffmpeg-0.4.9_p20070616-r3.ebuild
new file mode 100644
index 000000000000..60f048bc4df1
--- /dev/null
+++ b/media-video/ffmpeg/ffmpeg-0.4.9_p20070616-r3.ebuild
@@ -0,0 +1,172 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/media-video/ffmpeg/ffmpeg-0.4.9_p20070616-r3.ebuild,v 1.1 2008/07/17 07:53:57 aballier Exp $
+
+inherit eutils flag-o-matic multilib toolchain-funcs
+
+DESCRIPTION="Complete solution to record, convert and stream audio and video.
+Includes libavcodec. SVN revision 9330"
+HOMEPAGE="http://ffmpeg.org/"
+MY_P=${P/_/-}
+S=${WORKDIR}/ffmpeg
+
+SRC_URI="mirror://gentoo/${MY_P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
+IUSE="aac altivec amr debug doc ieee1394 a52 encode imlib mmx ogg vorbis oss
+	test theora threads truetype v4l x264 xvid network zlib sdl X"
+
+RDEPEND="imlib? ( media-libs/imlib2 )
+	truetype? ( >=media-libs/freetype-2 )
+	sdl? ( >=media-libs/libsdl-1.2.10 )
+	encode? ( media-sound/lame
+		vorbis? ( media-libs/libvorbis )
+		theora? ( media-libs/libtheora ) )
+	ogg? ( media-libs/libogg )
+	aac? ( media-libs/faad2 media-libs/faac )
+	a52? ( >=media-libs/a52dec-0.7.4-r4 )
+	xvid? ( >=media-libs/xvid-1.1.0 )
+	zlib? ( sys-libs/zlib )
+	ieee1394? ( =media-libs/libdc1394-1*
+				sys-libs/libraw1394 )
+	x264? ( media-libs/x264 )
+	X? ( x11-libs/libX11 x11-libs/libXext )
+	amr? ( media-libs/amrnb media-libs/amrwb )"
+
+DEPEND="${RDEPEND}
+	doc? ( app-text/texi2html )
+	test? ( net-misc/wget )"
+# Make sure the mmx USE flag is unmasked
+# Remove this once default-linux/amd64/2006.1 is deprecated
+DEPEND="${DEPEND} amd64? ( >=sys-apps/portage-2.1.2 )"
+
+src_unpack() {
+	unpack ${A} || die
+	cd ${S}
+
+	#Append -DBROKEN_RELOCATIONS to build for bug 179872.
+	#Pretty please fix me if you can.
+	append-flags "-DBROKEN_RELOCATIONS"
+
+	#Append -fomit-frame-pointer to avoid some common issues
+	use debug || append-flags "-fomit-frame-pointer"
+
+	# for some reason it tries to #include <X11/Xlib.h>, but doesn't use it
+	sed -i s:\#define\ HAVE_X11:\#define\ HAVE_LINUX: ffplay.c
+
+	# .pc files contain wrong libdir path
+	epatch ${FILESDIR}/${PN}-libdir-2007.patch
+	sed -i -e "s:GENTOOLIBDIR:$(get_libdir):" configure
+
+	# Make it use pic always since we don't need textrels
+	sed -i -e "s:LIBOBJFLAGS=\"\":LIBOBJFLAGS=\'\$\(PIC\)\':" configure
+
+	# To make sure the ffserver test will work
+	sed -i -e "s:-e debug=off::" tests/server-regression.sh
+
+	epatch "${FILESDIR}"/${PN}-arm-pld.patch
+	epatch "${FILESDIR}/${PN}-shared-gcc4.1.patch"
+	# disable non pic safe asm, bug #172877, bug #172845 and dupes
+	# epatch "${FILESDIR}/${PN}-0.4.9_p20070330-asmpic.patch"
+
+	# Security fix, bug #231831
+	epatch "${FILESDIR}/CVE-2008-3162.patch"
+}
+
+src_compile() {
+	replace-flags -O0 -O2
+	#x86, what a wonderful arch....
+	replace-flags -O1 -O2
+	local myconf="${EXTRA_ECONF}"
+
+	#disable mmx accelerated code if not requested, or if PIC is required
+	# as the provided asm decidedly is not PIC.
+	if ( gcc-specs-pie || ! use mmx ) ; then
+		myconf="${myconf} --disable-mmx"
+	fi
+
+	# enabled by default
+	use altivec || myconf="${myconf} --disable-altivec"
+	use debug || myconf="${myconf} --disable-debug"
+	use oss || myconf="${myconf} --disable-audio-oss"
+	use v4l || myconf="${myconf} --disable-v4l --disable-v4l2"
+	use ieee1394 || myconf="${myconf} --disable-dv1394"
+	use network || myconf="${myconf} --disable-network"
+	use zlib || myconf="${myconf} --disable-zlib"
+	use sdl || myconf="${myconf} --disable-ffplay"
+
+	myconf="${myconf} --disable-opts"
+
+	# disabled by default
+	if use encode
+	then
+		myconf="${myconf} --enable-libmp3lame"
+		use vorbis && myconf="${myconf} --enable-libvorbis --enable-libogg"
+		use theora && myconf="${myconf} --enable-libtheora --enable-libogg"
+	fi
+	use a52 && myconf="${myconf} --enable-liba52"
+	use ieee1394 && myconf="${myconf} --enable-dc1394"
+	use threads && myconf="${myconf} --enable-pthreads"
+	use xvid && myconf="${myconf} --enable-libxvid"
+	use X && myconf="${myconf} --enable-x11grab"
+	use ogg && myconf="${myconf} --enable-libogg"
+	use x264 && myconf="${myconf} --enable-libx264"
+	use aac && myconf="${myconf} --enable-libfaad --enable-libfaac"
+	use amr && myconf="${myconf} --enable-libamr-nb --enable-libamr-wb"
+
+	myconf="${myconf} --enable-gpl --enable-pp --disable-strip"
+
+	tc-is-cross-compiler && myconf="${myconf} --cross-compile --arch=$(tc-arch-kernel)"
+
+	# Specific workarounds for too-few-registers arch...
+	if [[ $(tc-arch) == "x86" ]]; then
+		filter-flags -fforce-addr -momit-leaf-frame-pointer
+		append-flags -fomit-frame-pointer
+		is-flag -O? || append-flags -O2
+		if (use debug); then
+			# no need to warn about debug if not using debug flag
+			ewarn ""
+			ewarn "Debug information will be almost useless as the frame pointer is omitted."
+			ewarn "This makes debugging harder, so crashes that has no fixed behavior are"
+			ewarn "difficult to fix. Please have that in mind."
+			ewarn ""
+		fi
+	fi
+
+	cd ${S}
+	./configure \
+		--prefix=/usr \
+		--libdir=/usr/$(get_libdir) \
+		--shlibdir=/usr/$(get_libdir) \
+		--mandir=/usr/share/man \
+		--enable-static --enable-shared \
+		"--cc=$(tc-getCC)" \
+		${myconf} || die "configure failed"
+
+	emake -j1 depend || die "depend failed"
+	emake || die "make failed"
+}
+
+src_install() {
+	emake -j1 LDCONFIG=true DESTDIR=${D} install || die "Install Failed"
+
+	use doc && emake -j1 documentation
+	dodoc Changelog README INSTALL
+	dodoc doc/*
+}
+
+# Never die for now...
+src_test() {
+	cd ${S}/tests
+	for t in "codectest libavtest test-server" ; do
+		make ${t} || ewarn "Some tests in ${t} failed"
+	done
+}
+
+pkg_postinst() {
+	ewarn "ffmpeg may have had ABI changes, if ffmpeg based programs"
+	ewarn "like xine-lib or vlc stop working as expected please"
+	ewarn "rebuild them."
+}
diff --git a/media-video/ffmpeg/files/CVE-2008-3162.patch b/media-video/ffmpeg/files/CVE-2008-3162.patch
new file mode 100644
index 000000000000..032a3e7016b3
--- /dev/null
+++ b/media-video/ffmpeg/files/CVE-2008-3162.patch
@@ -0,0 +1,63 @@
+CVE-2008-3162:
+Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c
+in FFmpeg before r13993 allows remote attackers to cause a denial of service 
+(application crash) or execute arbitrary code via a crafted STR file that interleaves
+audio and video sectors.
+
+Patch from
+http://svn.mplayerhq.hu/ffmpeg?view=rev&revision=13993
+
+Index: ffmpeg/libavformat/psxstr.c
+===================================================================
+--- ffmpeg.orig/libavformat/psxstr.c
++++ ffmpeg/libavformat/psxstr.c
+@@ -276,12 +276,23 @@ static int str_read_packet(AVFormatConte
+                 int current_sector = AV_RL16(&sector[0x1C]);
+                 int sector_count   = AV_RL16(&sector[0x1E]);
+                 int frame_size = AV_RL32(&sector[0x24]);
+-                int bytes_to_copy;
++
++                if(!(   frame_size>=0
++                     && current_sector < sector_count
++                     && sector_count*VIDEO_DATA_CHUNK_SIZE >=frame_size)){
++                    av_log(s, AV_LOG_ERROR, "Invalid parameters %d %d %d\n", current_sector, sector_count, frame_size);
++                    return AVERROR_INVALIDDATA;
++                }
++
+ //        printf("%d %d %d\n",current_sector,sector_count,frame_size);
+                 /* if this is the first sector of the frame, allocate a pkt */
+                 pkt = &str->tmp_pkt;
+-                if (current_sector == 0) {
+-                    if (av_new_packet(pkt, frame_size))
++
++                if(pkt->size != sector_count*VIDEO_DATA_CHUNK_SIZE){
++                    if(pkt->data)
++                        av_log(s, AV_LOG_ERROR, "missmatching sector_count\n");
++                    av_free_packet(pkt);
++                    if (av_new_packet(pkt, sector_count*VIDEO_DATA_CHUNK_SIZE))
+                         return AVERROR_IO;
+ 
+                     pkt->pos= url_ftell(pb) - RAW_CD_SECTOR_SIZE;
+@@ -295,15 +306,15 @@ static int str_read_packet(AVFormatConte
+                        str->pts += (90000 / 15);
+                 }
+ 
+-                /* load all the constituent chunks in the video packet */
+-                bytes_to_copy = frame_size - current_sector*VIDEO_DATA_CHUNK_SIZE;
+-                if (bytes_to_copy>0) {
+-                    if (bytes_to_copy>VIDEO_DATA_CHUNK_SIZE) bytes_to_copy=VIDEO_DATA_CHUNK_SIZE;
+-                    memcpy(pkt->data + current_sector*VIDEO_DATA_CHUNK_SIZE,
+-                        sector + VIDEO_DATA_HEADER_SIZE, bytes_to_copy);
+-                }
++                memcpy(pkt->data + current_sector*VIDEO_DATA_CHUNK_SIZE,
++                       sector + VIDEO_DATA_HEADER_SIZE,
++                       VIDEO_DATA_CHUNK_SIZE);
++
+                 if (current_sector == sector_count-1) {
++                    pkt->size= frame_size;
+                     *ret_pkt = *pkt;
++                    pkt->data= NULL;
++                    pkt->size= -1;
+                     return 0;
+                 }
+
author	Alexis Ballier <aballier@gentoo.org>	2008-07-17 07:53:58 +0000
committer	Alexis Ballier <aballier@gentoo.org>	2008-07-17 07:53:58 +0000
commit	616279a63208d767b1805b86361495929018fa6a (patch)
tree	68bf79ad4b7095484a3fd50d5e14b192bcbd6dbe /media-video
parent	Fix up SRC_URI, upstream calls gnu-classpath by just classpath (diff)
download	historical-616279a63208d767b1805b86361495929018fa6a.tar.gz historical-616279a63208d767b1805b86361495929018fa6a.tar.bz2 historical-616279a63208d767b1805b86361495929018fa6a.zip