Package: mplayer Version: 2:1.0~rc3+svn20100502-3+b1 Severity: normal Tags: upstream
It is easily possible to crash mplayer through specially-crafted playlist files. Instead of crashing, the application should return with a proper exit code. $ cat _cassé.pls [playlist] numberofentries=0 Version=2 $ mplayer -playlist _cassé.pls Unknown entry type Version=2 Speicherzugriffsfehler # where Speicherzugriffsfehler means segfault -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-3-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages mplayer depends on: ii libaa1 1.4p5-38 ascii art library ii libasound2 1.0.23-1 shared library for ALSA applicatio ii libaudio2 1.9.2-3 Network Audio System - shared libr ii libavcodec52 4:0.5.2-1 ffmpeg codec library ii libavformat52 4:0.5.2-1 ffmpeg file format library ii libavutil49 4:0.5.2-1 ffmpeg utility library ii libc6 2.11.2-2 Embedded GNU C Library: Shared lib ii libcaca0 0.99.beta17-1 colour ASCII art library ii libcdparanoia0 3.10.2+debian-9 audio extraction tool for sampling ii libdirectfb-1.2-9 1.2.10.0-4 direct frame buffer graphics - sha ii libdvdread4 4.1.3-10 library for reading DVDs ii libenca0 1.13-3 Extremely Naive Charset Analyser - ii libesd0 0.2.41-7 Enlightened Sound Daemon - Shared ii libfontconfig1 2.8.0-2.1 generic font configuration library ii libfreetype6 2.4.0-2 FreeType 2 font engine, shared lib ii libfribidi0 0.19.2-1 Free Implementation of the Unicode ii libgcc1 1:4.4.4-7 GCC support library ii libgif4 4.1.6-9 library for GIF images (library) ii libgl1-mesa-glx [libgl 7.7.1-4 A free implementation of the OpenG ii libjack0 [libjack-0.11 1:0.118+svn3796-7 JACK Audio Connection Kit (librari ii libjpeg62 6b1-1 The Independent JPEG Group's JPEG ii liblircclient0 0.8.3-5 infra-red remote control support - ii liblzo2-2 2.03-2 data compression library ii libncurses5 5.7+20100313-2 shared libraries for terminal hand ii libogg0 1.2.0~dfsg-1 Ogg bitstream library ii libopenal1 1:1.12.854-2 Software implementation of the Ope ii libpng12-0 1.2.44-1 PNG library - runtime ii libpostproc51 4:0.5.2-1 ffmpeg video postprocessing librar ii libpulse0 0.9.21-3+b1 PulseAudio client libraries ii libsdl1.2debian 1.2.14-6 Simple DirectMedia Layer ii libsmbclient 2:3.4.8~dfsg-2 shared library for communication w ii libspeex1 1.2~rc1-1 The Speex codec runtime library ii libstdc++6 4.4.4-7 The GNU Standard C++ Library v3 ii libsvga1 1:1.4.3-29 console SVGA display libraries ii libswscale0 4:0.5.2-1 ffmpeg video scaling library ii libtheora0 1.1.1+dfsg.1-3 The Theora Video Compression Codec ii libx11-6 2:1.3.3-3 X11 client-side library ii libxext6 2:1.1.2-1 X11 miscellaneous extension librar ii libxinerama1 2:1.1-3 X11 Xinerama extension library ii libxt6 1:1.0.7-1 X11 toolkit intrinsics library ii libxv1 2:1.0.5-1 X11 Video extension library ii libxvmc1 2:1.0.5-1 X11 Video extension library ii libxxf86dga1 2:1.1.1-2 X11 Direct Graphics Access extensi ii libxxf86vm1 1:1.1.0-2 X11 XFree86 video mode extension l ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime mplayer recommends no packages. Versions of packages mplayer suggests: ii bzip2 1.0.5-4 high-quality block-sorting file co ii fontconfig 2.8.0-2.1 generic font configuration library pn mplayer-doc <none> (no description available) pn netselect | fping <none> (no description available) ii ttf-freefont 20090104-7 Freefont Serif, Sans and Mono True -- no debconf information _______________________________________________ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/pkg-multimedia-maintainers
