diff --git a/dvgrab-3.1-bad-timecode-handling.patch b/dvgrab-3.1-bad-timecode-handling.patch new file mode 100644 index 0000000..45dc12b --- /dev/null +++ b/dvgrab-3.1-bad-timecode-handling.patch @@ -0,0 +1,48 @@ +Date: 2008-04-13 18:42 +From: Patrick Mansfield +Subject: fix segfault when timecodes are bad + +Hi - + +I am also hitting bug 1865787 "dvgrab-3.x -autosplit segfaults', this: + +http://sourceforge.net/tracker/index.php?func=detail&aid=1865787&group_id=14103&atid=114103 + +Large timecode values are causing a stack overflow in DVgrab::sendCaptureStatus, +the printf precision for integers specifies the minimum number of digits, +not the maximum, so the tc_str can be longer than 32 bytes. + +I don't know WHY the timecodes are so large, but at least it doesn't +segfault with this patch. + +With the fix (or while debugging), I am seeing status lines like this: + +"again-2003.12.24_09-06-53.avi": 36.91 MiB 322 frames timecode 00:07:56.14 date 2003.12.24 09:07:04 +"again-2003.12.24_09-08-20.avi": 74.57 MiB 651 frames timecode 167058900:-1319513512:-1291087864.163713312 date 2008.04.13 11:23:17 +"again-2004.01.14_11-32-20.avi": 10.02 MiB 87 frames timecode 00:00:03.15 date 2004.01.14 11:32:23 + +Without the fix, we segfault before the second line above can be output. + +I have a test file if someone wants it, but it is 200Mb in size. + +The strings should fit into 47 and 77 bytes respectively, but the fix +allows for some extra space and uses 64 and 128 bytes for the strings in +DVgrab::sendCaptureStatus (even though it is the timecode that was causing +the segfault, we should be safe and increase the size of both strings). + +Index: dvgrab/dvgrab.cc +=================================================================== +RCS file: /cvsroot/kino/dvgrab/dvgrab.cc,v +retrieving revision 1.61 +diff -u -r1.61 dvgrab.cc +--- dvgrab/dvgrab.cc 27 Feb 2008 05:09:48 -0000 1.61 ++++ dvgrab/dvgrab.cc 13 Apr 2008 18:27:11 -0000 +@@ -779,7 +779,7 @@ + + void DVgrab::sendCaptureStatus( const char *name, float size, int frames, TimeCode *tc, struct tm *rd, bool newline ) + { +- char tc_str[32], rd_str[32]; ++ char tc_str[64], rd_str[128]; + + if ( tc ) + sprintf( tc_str, "%2.2d:%2.2d:%2.2d.%2.2d", diff --git a/dvgrab.spec b/dvgrab.spec index 2bdcfd4..b990a29 100644 --- a/dvgrab.spec +++ b/dvgrab.spec @@ -1,12 +1,13 @@ Summary: Utility to capture video from a DV camera Name: dvgrab Version: 3.1 -Release: 2%{?dist} +Release: 3%{?dist} License: GPL Group: Applications/Multimedia URL: http://www.kinodv.org/ Source: http://dl.sf.net/kino/dvgrab-%{version}.tar.gz -Patch: dvgrab-3.1-gcc43-fix.patch +Patch1: dvgrab-3.1-gcc43-fix.patch +Patch2: dvgrab-3.1-bad-timecode-handling.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: libraw1394-devel libavc1394-devel libdv-devel BuildRequires: libiec61883-devel libjpeg-devel @@ -18,7 +19,8 @@ The dvgrab utility will capture digital video from a DV source on the firewire %prep %setup -q -%patch -p1 +%patch1 -p1 +%patch2 -p1 %build %configure @@ -38,6 +40,9 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/man1/dvgrab.1* %changelog +* Tue Jun 24 2008 Jarod Wilson - 3.1-3 +- Fix segfault when we get bogus timecodes (#370931) + * Wed Feb 13 2008 Jarod Wilson - 3.1-2 - Fix build with gcc 4.3