[SCM] libgig/master: debian/patches/CVE-2017-12952.diff: fix some crashes
piem at users.alioth.debian.org
piem at users.alioth.debian.org
Tue Aug 29 13:29:48 UTC 2017
The following commit has been merged in the master branch:
commit 7ca6d2ad105ac7d100354d0917c8a3e1fec4f1a6
Author: Paul Brossier <piem at piem.org>
Date: Tue Aug 29 15:14:40 2017 +0200
debian/patches/CVE-2017-12952.diff: fix some crashes
diff --git a/debian/patches/CVE-2017-12952.diff b/debian/patches/CVE-2017-12952.diff
new file mode 100644
index 0000000..0c34d44
--- /dev/null
+++ b/debian/patches/CVE-2017-12952.diff
@@ -0,0 +1,35 @@
+--- a/src/gig.cpp
++++ b/src/gig.cpp
+@@ -2967,7 +2967,7 @@
+ if (file->GetAutoLoad()) {
+ for (uint i = 0; i < DimensionRegions; i++) {
+ uint32_t wavepoolindex = _3lnk->ReadUint32();
+- if (file->pWavePoolTable) pDimensionRegions[i]->pSample = GetSampleFromWavePool(wavepoolindex);
++ if (file->pWavePoolTable && pDimensionRegions[i]) pDimensionRegions[i]->pSample = GetSampleFromWavePool(wavepoolindex);
+ }
+ GetSample(); // load global region sample reference
+ }
+@@ -4441,7 +4441,9 @@
+ RegionList::iterator end = pRegions->end();
+ for (; iter != end; ++iter) {
+ gig::Region* pRegion = static_cast<gig::Region*>(*iter);
+- for (int iKey = pRegion->KeyRange.low; iKey <= pRegion->KeyRange.high; iKey++) {
++ int low = pRegion->KeyRange.low > 0 ? pRegion->KeyRange.low : 0;
++ int high = pRegion->KeyRange.high > 127 ? 127 : pRegion->KeyRange.high;
++ for (int iKey = low; iKey <= high; iKey++) {
+ RegionKeyTable[iKey] = pRegion;
+ }
+ }
+--- a/src/helper.h
++++ b/src/helper.h
+@@ -142,6 +142,10 @@
+ inline void LoadString(RIFF::Chunk* ck, std::string& s) {
+ if (ck) {
+ const char* str = (char*)ck->LoadChunkData();
++ if (str == NULL) {
++ ck->ReleaseChunkData();
++ return;
++ }
+ int size = ck->GetSize();
+ int len;
+ for (len = 0 ; len < size ; len++)
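Review bot: In the first gig.cpp hunk, `wavepoolindex` is read from the file with `_3lnk->ReadUint32()` and passed to `GetSampleFromWavePool(wavepoolindex)` behind only the two null tests; nothing visible here limits it to the number of entries in the wave pool table. GetSampleFromWavePool is outside the hunk, so this may already be handled there, but if it is not, the lookup should return NULL for an index past the end of the table instead of indexing with it. In the helper.h hunk the new early return leaves `s` exactly as the caller passed it, so a comment such as `// chunk data could not be loaded: s is left unchanged` would make that contract explicit (the rest of LoadString is outside the hunk). The patch file also starts directly at `--- a/src/gig.cpp` with no DEP-3 style description header, although it is named for a single CVE and carries three separate fixes; a short header saying which hunk addresses which crash, and where the fix came from, would help anyone tracking it.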
diff --git a/debian/patches/series b/debian/patches/series
index fba3f90..4078684 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -2,3 +2,4 @@
02-manpages.patch
04-spelling.patch
05-fix-libdir.patch
+CVE-2017-12952.diff
--
libgig packaging