[oe-commits] Chris Larson : libmikmod: apply patch for CVE-2010-2971
git version control
git at git.openembedded.org
Fri Jan 21 18:52:32 UTC 2011
Module: openembedded.git
Branch: master
Commit: 4880cfd0217466c737c14f5fe7687baa0a01c00d
URL: http://gitweb.openembedded.net/?p=openembedded.git&a=commit;h=4880cfd0217466c737c14f5fe7687baa0a01c00d
Author: Chris Larson <chris_larson at mentor.com>
Date: Tue Jan 18 12:22:23 2011 -0500
libmikmod: apply patch for CVE-2010-2971
Signed-off-by: Chris Larson <chris_larson at mentor.com>
---
recipes/libmikmod/libmikmod/CVE-2010-2971.patch | 24 +++++++++++++++++++++++
recipes/libmikmod/libmikmod_3.1.12.bb | 3 +-
recipes/libmikmod/libmikmod_3.2.0-beta2.bb | 3 +-
3 files changed, 28 insertions(+), 2 deletions(-)
diff --git a/recipes/libmikmod/libmikmod/CVE-2010-2971.patch b/recipes/libmikmod/libmikmod/CVE-2010-2971.patch
new file mode 100644
index 0000000..94ea8f5
--- /dev/null
+++ b/recipes/libmikmod/libmikmod/CVE-2010-2971.patch
@@ -0,0 +1,24 @@
+---
+ loaders/load_it.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- libmikmod-3.1.12.orig/loaders/load_it.c
++++ libmikmod-3.1.12/loaders/load_it.c
+@@ -743,6 +743,8 @@ BOOL IT_Load(BOOL curious)
+ #define IT_LoadEnvelope(name,type) \
+ ih. name##flg =_mm_read_UBYTE(modreader); \
+ ih. name##pts =_mm_read_UBYTE(modreader); \
++ if (ih. name##pts > ITENVCNT) \
++ ih. name##pts = ITENVCNT; \
+ ih. name##beg =_mm_read_UBYTE(modreader); \
+ ih. name##end =_mm_read_UBYTE(modreader); \
+ ih. name##susbeg=_mm_read_UBYTE(modreader); \
+@@ -756,6 +758,8 @@ BOOL IT_Load(BOOL curious)
+ #define IT_LoadEnvelope(name,type) \
+ ih. name/**/flg =_mm_read_UBYTE(modreader); \
+ ih. name/**/pts =_mm_read_UBYTE(modreader); \
++ if (ih. name/**/pts > ITENVCNT) \
++ ih. name/**/pts = ITENVCNT; \
+ ih. name/**/beg =_mm_read_UBYTE(modreader); \
+ ih. name/**/end =_mm_read_UBYTE(modreader); \
+ ih. name/**/susbeg=_mm_read_UBYTE(modreader); \
diff --git a/recipes/libmikmod/libmikmod_3.1.12.bb b/recipes/libmikmod/libmikmod_3.1.12.bb
index fdc87ce..cf7b0f0 100644
--- a/recipes/libmikmod/libmikmod_3.1.12.bb
+++ b/recipes/libmikmod/libmikmod_3.1.12.bb
@@ -2,13 +2,14 @@ DESCRIPTION = "libmikmod is a module player library supporting many formats, inc
SECTION = "libs"
PRIORITY = "optional"
LICENSE = "LGPL"
-PR = "r3"
+PR = "r4"
SRC_URI = "\
${SOURCEFORGE_MIRROR}/mikmod/libmikmod-${PV}.tar.gz \
file://m4.patch \
file://autofoo.patch \
file://ldflags.patch \
+ file://CVE-2010-2971.patch \
"
inherit autotools binconfig
diff --git a/recipes/libmikmod/libmikmod_3.2.0-beta2.bb b/recipes/libmikmod/libmikmod_3.2.0-beta2.bb
index d692f1a..b54994b 100644
--- a/recipes/libmikmod/libmikmod_3.2.0-beta2.bb
+++ b/recipes/libmikmod/libmikmod_3.2.0-beta2.bb
@@ -3,7 +3,7 @@ SECTION = "libs"
PRIORITY = "optional"
LICENSE = "LGPL"
-PR="r2"
+PR = "r3"
DEFAULT_PREFERENCE = "-1"
@@ -13,6 +13,7 @@ SRC_URI = "\
http://mikmod.raphnet.net/files/libmikmod-${PV}.tar.gz \
file://m4.patch \
file://autofoo.patch \
+ file://CVE-2010-2971.patch \
"
inherit autotools binconfig
More information about the Openembedded-commits
mailing list