[SCM] VLC media player packaging branch, sid, updated. debian/1.1.2-1-5-ga0a985e

xtophe-guest at users.alioth.debian.org xtophe-guest at users.alioth.debian.org
Tue Aug 17 22:14:39 UTC 2010 

The following commit has been merged in the sid branch:
commit 86f8157f878d77cefc35e672353dade8f3e432bd
Author: Benjamin Drung <bdrung at ubuntu.com>
Date:   Tue Aug 17 18:05:51 2010 +0200

    Security: Fix insufficient input validation in TagLib plugin
    
    Patch taken upstream
    CVE-2010-2937, VideoLAN-SA-1004
    
    Thanks: Lukáš Lalinský
    
    Closes: #592669
    LP: #616510
    
    Signed-off-by: Christophe Mutricy <xtophe at videolan.org>

diff --git a/debian/patches/CVE-2010-2937.patch b/debian/patches/CVE-2010-2937.patch
new file mode 100644
index 0000000..eda922e
--- /dev/null
+++ b/debian/patches/CVE-2010-2937.patch
@@ -0,0 +1,43 @@
+From: Lukáš Lalinský <lalinsky at gmail.com>
+Date: Wed, 11 Aug 2010 19:02:30 +0000 (+0300)
+Subject: taglib: fix NULL deferences after dynamic cast
+X-Git-Url: http://git.videolan.org/?p=vlc%2Fvlc-1.0.git;a=commitdiff_plain;h=22a22e356c9d93993086810b2e25b59b55925b3a
+
+taglib: fix NULL deferences after dynamic cast
+
+Reported-by: FortiGuard Lab
+Signed-off-by: Rémi Denis-Courmont <remi at remlab.net>
+(cherry picked from commit 0a3d05b4058fe683e2ef49da8ece9214ade01870)
+---
+
+diff --git a/modules/meta_engine/taglib.cpp b/modules/meta_engine/taglib.cpp
+index 43ac697..9faf922 100644
+--- a/modules/meta_engine/taglib.cpp
++++ b/modules/meta_engine/taglib.cpp
+@@ -120,6 +120,8 @@ static void ReadMetaFromId3v2( ID3v2::Tag* tag, demux_t* p_demux, demux_meta_t*
+     {
+         ID3v2::UniqueFileIdentifierFrame* p_ufid =
+                 dynamic_cast<ID3v2::UniqueFileIdentifierFrame*>(*iter);
++        if( !p_ufid )
++            continue;
+         const char *owner = p_ufid->owner().toCString();
+         if (!strcmp( owner, "http://musicbrainz.org" ))
+         {
+@@ -140,6 +142,8 @@ static void ReadMetaFromId3v2( ID3v2::Tag* tag, demux_t* p_demux, demux_meta_t*
+     {
+         ID3v2::UserTextIdentificationFrame* p_txxx =
+                 dynamic_cast<ID3v2::UserTextIdentificationFrame*>(*iter);
++        if( !p_txxx )
++            continue;
+         vlc_meta_AddExtra( p_meta, p_txxx->description().toCString( true ),
+                            p_txxx->fieldList().toString().toCString( true ) );
+     }
+@@ -196,6 +200,8 @@ static void ReadMetaFromId3v2( ID3v2::Tag* tag, demux_t* p_demux, demux_meta_t*
+     {
+         ID3v2::AttachedPictureFrame* p_apic =
+             dynamic_cast<ID3v2::AttachedPictureFrame*>(*iter);
++        if( !p_apic )
++            continue;
+         input_attachment_t *p_attachment;
+ 
+         const char *psz_mime;
diff --git a/debian/patches/series b/debian/patches/series
index 32e53b2..b319008 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -4,3 +4,4 @@
 501_decrease_alsa_buffer.diff
 502_xulrunner_191.diff
 503_autoreconf.diff
+CVE-2010-2937.patch

-- 
VLC media player packaging

More information about the pkg-multimedia-commits mailing list