Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/media-libs/libmikmod/files/3.2.0/005_all_CVE-2007-6720.patch
diff options
context:
space:
mode:
Diffstat (limited to 'media-libs/libmikmod/files/3.2.0/005_all_CVE-2007-6720.patch')
-rw-r--r--media-libs/libmikmod/files/3.2.0/005_all_CVE-2007-6720.patch109
1 files changed, 109 insertions, 0 deletions
diff --git a/media-libs/libmikmod/files/3.2.0/005_all_CVE-2007-6720.patch b/media-libs/libmikmod/files/3.2.0/005_all_CVE-2007-6720.patch
new file mode 100644
index 000000000000..a49c50a56da6
--- /dev/null
+++ b/media-libs/libmikmod/files/3.2.0/005_all_CVE-2007-6720.patch
@@ -0,0 +1,109 @@
+--- playercode/mplayer.c
++++ playercode/mplayer.c
+@@ -50,6 +50,8 @@ extern long int random(void);
+ /* The currently playing module */
+ MODULE *pf = NULL;
+
++#define NUMVOICES(mod) (md_sngchn < (mod)->numvoices ? md_sngchn : (mod)->numvoices)
++
+ #define HIGH_OCTAVE 2 /* number of above-range octaves */
+
+ static UWORD oldperiods[OCTAVE*2]={
+@@ -246,14 +248,14 @@ static int MP_FindEmptyChannel(MODULE *m
+ MP_VOICE *a;
+ ULONG t,k,tvol,pp;
+
+- for (t=0;t<md_sngchn;t++)
++ for (t=0;t<NUMVOICES(mod);t++)
+ if (((mod->voice[t].main.kick==KICK_ABSENT)||
+ (mod->voice[t].main.kick==KICK_ENV))&&
+ Voice_Stopped_internal(t))
+ return t;
+
+ tvol=0xffffffUL;t=-1;a=mod->voice;
+- for (k=0;k<md_sngchn;k++,a++) {
++ for (k=0;k<NUMVOICES(mod);k++,a++) {
+ /* allow us to take over a nonexisting sample */
+ if (!a->main.s)
+ return k;
+@@ -2247,12 +2249,12 @@ static void DoNNAEffects(MODULE *mod, MP
+
+ switch (dat) {
+ case 0x0: /* past note cut */
+- for (t=0;t<md_sngchn;t++)
++ for (t=0;t<NUMVOICES(mod);t++)
+ if (mod->voice[t].master==a)
+ mod->voice[t].main.fadevol=0;
+ break;
+ case 0x1: /* past note off */
+- for (t=0;t<md_sngchn;t++)
++ for (t=0;t<NUMVOICES(mod);t++)
+ if (mod->voice[t].master==a) {
+ mod->voice[t].main.keyoff|=KEY_OFF;
+ if ((!(mod->voice[t].venv.flg & EF_ON))||
+@@ -2261,7 +2263,7 @@ static void DoNNAEffects(MODULE *mod, MP
+ }
+ break;
+ case 0x2: /* past note fade */
+- for (t=0;t<md_sngchn;t++)
++ for (t=0;t<NUMVOICES(mod);t++)
+ if (mod->voice[t].master==a)
+ mod->voice[t].main.keyoff|=KEY_FADE;
+ break;
+@@ -2316,7 +2318,7 @@ void pt_UpdateVoices(MODULE *mod, int ma
+ SAMPLE *s;
+
+ mod->totalchn=mod->realchn=0;
+- for (channel=0;channel<pf->numchn;channel++) {
++ for (channel=0;channel<NUMVOICES(mod);channel++) {
+ aout=&mod->voice[channel];
+ i=aout->main.i;
+ s=aout->main.s;
+@@ -2737,7 +2739,7 @@ void pt_NNA(MODULE *mod)
+ if (a->dct!=DCT_OFF) {
+ int t;
+
+- for (t=0;t<md_sngchn;t++)
++ for (t=0;t<NUMVOICES(mod);t++)
+ if ((!Voice_Stopped_internal(t))&&
+ (mod->voice[t].masterchn==channel)&&
+ (a->main.sample==mod->voice[t].main.sample)) {
+@@ -2979,6 +2981,11 @@ BOOL Player_Init(MODULE* mod)
+ if (!(mod->voice=(MP_VOICE*)MikMod_calloc(md_sngchn,sizeof(MP_VOICE))))
+ return 1;
+
++ /* mod->numvoices was used during loading to clamp md_sngchn.
++ After loading it's used to remember how big mod->voice is.
++ */
++ mod->numvoices = md_sngchn;
++
+ Player_Init_internal(mod);
+ return 0;
+ }
+@@ -3087,7 +3094,7 @@ MIKMODAPI void Player_NextPosition(void)
+ pf->patbrk=0;
+ pf->vbtick=pf->sngspd;
+
+- for (t=0;t<pf->numchn;t++) {
++ for (t=0;t<NUMVOICES(pf);t++) {
+ Voice_Stop_internal(t);
+ pf->voice[t].main.i=NULL;
+ pf->voice[t].main.s=NULL;
+@@ -3112,7 +3119,7 @@ MIKMODAPI void Player_PrevPosition(void)
+ pf->patbrk=0;
+ pf->vbtick=pf->sngspd;
+
+- for (t=0;t<pf->numchn;t++) {
++ for (t=0;t<NUMVOICES(pf);t++) {
+ Voice_Stop_internal(t);
+ pf->voice[t].main.i=NULL;
+ pf->voice[t].main.s=NULL;
+@@ -3139,7 +3146,7 @@ MIKMODAPI void Player_SetPosition(UWORD
+ pf->sngpos=pos;
+ pf->vbtick=pf->sngspd;
+
+- for (t=0;t<pf->numchn;t++) {
++ for (t=0;t<NUMVOICES(pf);t++) {
+ Voice_Stop_internal(t);
+ pf->voice[t].main.i=NULL;
+ pf->voice[t].main.s=NULL;