[SCM] mplayer packaging branch, etch, updated. 2d394d9822f2ebddcf0338bc90659bf624074494
siretart at users.alioth.debian.org
siretart at users.alioth.debian.org
Sun Apr 26 18:02:29 UTC 2009
The following commit has been merged in the etch branch:
commit 2d394d9822f2ebddcf0338bc90659bf624074494
Author: Reinhard Tartler <siretart at tauware.de>
Date: Sun Apr 26 19:51:36 2009 +0200
fixup patch for CVE-2009-0385
original upstream patch can be found at
http://git.ffmpeg.org/?p=ffmpeg;a=commitdiff;h=72e715fb798f2cb79fd24a6d2eaeafb7c6eeda17
thanks to white for finding that mistake
diff --git a/debian/patches/CVE-2009-0385.patch b/debian/patches/CVE-2009-0385.patch
index 46f1161..653825b 100644
--- a/debian/patches/CVE-2009-0385.patch
+++ b/debian/patches/CVE-2009-0385.patch
@@ -14,7 +14,7 @@ Patch AKA CVE-2009-0385
return AVERROR_INVALIDDATA;
}
current_track = LE_32(&header[i + 8]);
-+ if((unsigned)fourxm->track_count >= UINT_MAX / sizeof(AudioTrack - 1))
++ if((unsigned)current_track >= UINT_MAX / sizeof(AudioTrack - 1))
+ return -1;
if (current_track + 1 > fourxm->track_count) {
fourxm->track_count = current_track + 1;
diff --git a/libavformat/4xm.c b/libavformat/4xm.c
index 15a4e46..ec9a885 100644
--- a/libavformat/4xm.c
+++ b/libavformat/4xm.c
@@ -161,7 +161,7 @@ static int fourxm_read_header(AVFormatContext *s,
return AVERROR_INVALIDDATA;
}
current_track = LE_32(&header[i + 8]);
- if((unsigned)fourxm->track_count >= UINT_MAX / sizeof(AudioTrack) - 1)
+ if((unsigned)current_track >= UINT_MAX / sizeof(AudioTrack) - 1)
return -1;
if (current_track + 1 > fourxm->track_count) {
fourxm->track_count = current_track + 1;
--
mplayer packaging
More information about the pkg-multimedia-commits
mailing list