[SCM] mplayer packaging branch, etch, updated. 7476e04ba26079b38fc67353c8a73fa9bc612630

siretart at users.alioth.debian.org siretart at users.alioth.debian.org
Fri Apr 17 18:19:22 UTC 2009


The following commit has been merged in the etch branch:
commit 6fa1bc7a4446ce897a17ad9d4c5456ddd8f7031b
Author: Reinhard Tartler <siretart at tauware.de>
Date:   Fri Apr 17 20:02:04 2009 +0200

    update patch for CVE-2009-0385.patch
    
    the first patch candidate had unexplained discrepancy compared to the
    upstream commit.

diff --git a/debian/patches/CVE-2009-0385.patch b/debian/patches/CVE-2009-0385.patch
index de78108..46f1161 100644
--- a/debian/patches/CVE-2009-0385.patch
+++ b/debian/patches/CVE-2009-0385.patch
@@ -14,7 +14,7 @@ Patch AKA CVE-2009-0385
                  return AVERROR_INVALIDDATA;
              }
              current_track = LE_32(&header[i + 8]);
-+            if((unsigned)current_track->track_count >= UINT_MAX / sizeof(AudioTrack - 1))
++            if((unsigned)fourxm->track_count >= UINT_MAX / sizeof(AudioTrack - 1))
 +                return -1;
              if (current_track + 1 > fourxm->track_count) {
                  fourxm->track_count = current_track + 1;
diff --git a/libavformat/4xm.c b/libavformat/4xm.c
index ec9a885..15a4e46 100644
--- a/libavformat/4xm.c
+++ b/libavformat/4xm.c
@@ -161,7 +161,7 @@ static int fourxm_read_header(AVFormatContext *s,
                 return AVERROR_INVALIDDATA;
             }
             current_track = LE_32(&header[i + 8]);
-	    if((unsigned)current_track >= UINT_MAX / sizeof(AudioTrack) - 1)
+	    if((unsigned)fourxm->track_count >= UINT_MAX / sizeof(AudioTrack) - 1)
                 return -1;
             if (current_track + 1 > fourxm->track_count) {
                 fourxm->track_count = current_track + 1;

-- 
mplayer packaging



More information about the pkg-multimedia-commits mailing list