rpms/libmikmod/F-10 libmikmod-CVE-2007-6720.patch, NONE, 1.1 libmikmod-CVE-2009-0179.patch, NONE, 1.1 libmikmod.spec, 1.7, 1.8

Jindrich Novy jnovy at fedoraproject.org
Fri Aug 28 07:27:30 UTC 2009


Author: jnovy

Update of /cvs/pkgs/rpms/libmikmod/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv11776

Modified Files:
	libmikmod.spec 
Added Files:
	libmikmod-CVE-2007-6720.patch libmikmod-CVE-2009-0179.patch 
Log Message:
* Fri Aug 28 2009 Jindrich Novy <jnovy at redhat.com> 3.2.0-4.beta2
- fix CVE-2007-6720 (#479829)
- fix CVE-2009-0179 (#479833)


libmikmod-CVE-2007-6720.patch:
 mplayer.c |    8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

--- NEW FILE libmikmod-CVE-2007-6720.patch ---
diff -up libmikmod-3.2.0-beta2/playercode/mplayer.c.CVE-2007-6720 libmikmod-3.2.0-beta2/playercode/mplayer.c
--- libmikmod-3.2.0-beta2/playercode/mplayer.c.CVE-2007-6720	2004-01-31 23:40:22.000000000 +0100
+++ libmikmod-3.2.0-beta2/playercode/mplayer.c	2009-08-28 05:06:07.000000000 +0200
@@ -2318,7 +2318,7 @@ void pt_UpdateVoices(MODULE *mod, int ma
 	SAMPLE *s;
 
 	mod->totalchn=mod->realchn=0;
-	for (channel=0;channel<md_sngchn;channel++) {
+	for (channel=0;channel<pf->numchn;channel++) {
 		aout=&mod->voice[channel];
 		i=aout->main.i;
 		s=aout->main.s;
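Review bot: The new loop bound reads the global `pf` while everything else in this hunk goes through the `mod` parameter (`mod->totalchn`, `mod->voice[channel]`), so the bound and the array it indexes only agree when the caller passes the module `pf` points to. `pf` is also dereferenced here with no NULL check visible. Taking the count from the object that owns the array removes that dependency: `for (channel=0;channel<mod->numchn;channel++) {`. This assumes `mod` and `pf` have the same type, which the shared `->voice` member suggests but the hunk does not show. pt_UpdateVoices starts and ends outside the hunk.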
@@ -3089,7 +3089,7 @@ MIKMODAPI void Player_NextPosition(void)
 		pf->patbrk=0;
 		pf->vbtick=pf->sngspd;
 
-		for (t=0;t<md_sngchn;t++) {
+		for (t=0;t<pf->numchn;t++) {
 			Voice_Stop_internal(t);
 			pf->voice[t].main.i=NULL;
 			pf->voice[t].main.s=NULL;
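Review bot: With `t` now bounded by `pf->numchn`, the loop indexes `pf->voice[t]` and passes `t` to `Voice_Stop_internal()` for every channel the module declares, even when that exceeds the driver-side count `md_sngchn` that used to bound it. Where `pf->voice` is allocated is not visible here; if it is sized from `md_sngchn` rather than from the module's own channel count, a module with more channels than the driver provides would turn the two `=NULL` stores into out-of-bounds writes. Bounding by both keeps the fix for the stale global without relying on the module's count alone: `for (t=0;t<pf->numchn && t<md_sngchn;t++) {`. The same applies to the identical loops in Player_PrevPosition and Player_SetPosition below and to the bound in pt_UpdateVoices; all of these functions extend beyond their hunks.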
@@ -3114,7 +3114,7 @@ MIKMODAPI void Player_PrevPosition(void)
 		pf->patbrk=0;
 		pf->vbtick=pf->sngspd;
 
-		for (t=0;t<md_sngchn;t++) {
+		for (t=0;t<pf->numchn;t++) {
 			Voice_Stop_internal(t);
 			pf->voice[t].main.i=NULL;
 			pf->voice[t].main.s=NULL;
@@ -3141,7 +3141,7 @@ MIKMODAPI void Player_SetPosition(UWORD 
 		pf->sngpos=pos;
 		pf->vbtick=pf->sngspd;
 
-		for (t=0;t<md_sngchn;t++) {
+		for (t=0;t<pf->numchn;t++) {
 			Voice_Stop_internal(t);
 			pf->voice[t].main.i=NULL;
 			pf->voice[t].main.s=NULL;

libmikmod-CVE-2009-0179.patch:
 loaders/load_xm.c    |    3 ++-
 playercode/mloader.c |   10 ++++++----
 2 files changed, 8 insertions(+), 5 deletions(-)

--- NEW FILE libmikmod-CVE-2009-0179.patch ---
diff -ur libmikmod-3.1.11.orig/loaders/load_xm.c libmikmod-3.1.11/loaders/load_xm.c
--- libmikmod-3.1.11.orig/loaders/load_xm.c	2004-01-21 18:43:53.000000000 +0100
+++ libmikmod-3.1.11/loaders/load_xm.c	2008-04-16 04:30:45.000000000 +0200
@@ -622,7 +622,8 @@
 				/* read the remainder of the header */
 				for(u=headend-_mm_ftell(modreader);u;u--) _mm_read_UBYTE(modreader);
 
-				if(_mm_eof(modreader)) {
+				/* last instrument is at the end of file in version 0x0104 */
+				if(_mm_eof(modreader) && (mh->version<0x0104 || t<of.numins-1)) {
 					free(nextwav);free(wh);
 					nextwav=NULL;wh=NULL;
 					_mm_errno = MMERR_LOADING_SAMPLEINFO;
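Review bot: The relaxed condition accepts EOF while skipping the remainder of the last instrument header in version 0x0104 files, but a file truncated in the middle of that header takes the same path as a well-formed one that ends exactly there. The code that consumes the header after this check is outside the hunk, so whether it tolerates values left by short reads cannot be confirmed from here. It is worth checking that fields read before the EOF are not used to drive further reads of sample data. The added comment could state the accepted case and its limit, e.g. `/* 0x0104: the last instrument header may end exactly at EOF; EOF is still an error for earlier instruments and older versions */`.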
diff -ur libmikmod-3.1.11.orig/playercode/mloader.c libmikmod-3.1.11/playercode/mloader.c
--- libmikmod-3.1.11.orig/playercode/mloader.c	2004-01-21 18:43:53.000000000 +0100
+++ libmikmod-3.1.11/playercode/mloader.c	2008-04-16 04:30:45.000000000 +0200
@@ -450,10 +450,12 @@
 	if (!l->Init || l->Init()) {
 		_mm_rewind(modreader);
 		ok = l->Load(curious);
-		/* propagate inflags=flags for in-module samples */
-		for (t = 0; t < of.numsmp; t++)
-			if (of.samples[t].inflags == 0)
-				of.samples[t].inflags = of.samples[t].flags;
+		if (ok) {
+			/* propagate inflags=flags for in-module samples */
+			for (t = 0; t < of.numsmp; t++)
+				if (of.samples[t].inflags == 0)
+					of.samples[t].inflags = of.samples[t].flags;
+		}
 	} else
 		ok = 0;
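Review bot: The `if (ok)` guard makes the propagation loop depend on every loader's `Load` returning non-zero only when `of.samples` is allocated for all `of.numsmp` entries, and that contract is not visible in this hunk. Making the precondition local costs one comparison and keeps a misbehaving loader from reaching `of.samples[t]` through a NULL pointer: `if (ok && of.samples) {`. The enclosing function starts and ends outside the hunk, so what cleans up `of` when `ok` is 0 should be checked there.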
 


Index: libmikmod.spec
===================================================================
RCS file: /cvs/pkgs/rpms/libmikmod/F-10/libmikmod.spec,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -p -r1.7 -r1.8
--- libmikmod.spec	18 Feb 2008 21:52:21 -0000	1.7
+++ libmikmod.spec	28 Aug 2009 07:27:30 -0000	1.8
@@ -1,7 +1,7 @@
 Summary: A MOD music file player library
 Name: libmikmod
 Version: 3.2.0
-Release: 3.beta2%{?dist}
+Release: 4.beta2%{?dist}
 License: GPLv2 and LGPLv2+
 Group: Applications/Multimedia
 Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -14,6 +14,8 @@ Patch2:  libmikmod-strip-lib.patch
 Patch3:  libmikmod-multilib.patch
 Patch4:  libmikmod-autoconf.patch
 Patch5:  libmikmod-info.patch
+Patch6:  libmikmod-CVE-2007-6720.patch
+Patch7:  libmikmod-CVE-2009-0179.patch
 
 %description
 libmikmod is a library used by the mikmod MOD music file player for
@@ -39,6 +41,8 @@ applications for mikmod.
 %patch3 -p1 -b .multilib
 %patch4 -p1 -b .autoconf
 %patch5 -p1 -b .info
+%patch6 -p1 -b .CVE-2007-6720
+%patch7 -p1 -b .CVE-2009-0179
 
 %build
 %configure
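Review bot: Patch7 was generated against a `libmikmod-3.1.11` tree (see the `diff -ur` headers in libmikmod-CVE-2009-0179.patch) while this spec builds 3.2.0 beta2, so its two hunks may apply with offsets or fuzz instead of at the recorded line numbers. For a security fix, the build log should be checked to confirm both hunks land in the intended functions of `loaders/load_xm.c` and `playercode/mloader.c`. A short comment above the `Patch7:` line would record that, e.g. `# generated against 3.1.11; verified to apply cleanly to 3.2.0-beta2`.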
@@ -80,6 +84,10 @@ fi
 %{_mandir}/man1/libmikmod-config*
 
 %changelog
+* Fri Aug 28 2009 Jindrich Novy <jnovy at redhat.com> 3.2.0-4.beta2
+- fix CVE-2007-6720 (#479829)
+- fix CVE-2009-0179 (#479833)
+
 * Mon Feb 18 2008 Hans de Goede <j.w.r.degoede at hhs.nl> 3.2.0-3.beta2
 - Fix MikMod_InfoLoader() and MikMod_InfoDriver() functions, fixing mikmod -n
   output



