Dominique Leuenberger 2018-01-13 20:44:44 +00:00 committed by Git OBS Bridge
commit 155dbef8e0
6 changed files with 231 additions and 205 deletions


@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:2417edcb1ad51ca05a817c58aeee610bc6db5442984e8cf28e8a5fd914e8ae05
size 22020384

3
scummvm-2.0.0.tar.xz Normal file

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:9784418d555ba75822d229514a05cf226b8ce1a751eec425432e6b7e128fca60
size 21291656


@ -0,0 +1,64 @@
From 7aaac1dfba22d2e70b33b2cf856d7885944d4a6e Mon Sep 17 00:00:00 2001
From: Colin Snover <github.com@zetafleet.com>
Date: Thu, 14 Dec 2017 13:51:04 -0600
Subject: [PATCH] POSIX: Fix CVE-2017-17528
---
backends/platform/sdl/posix/posix.cpp | 28 ++++++++++++++++++++--------
1 file changed, 20 insertions(+), 8 deletions(-)
diff --git a/backends/platform/sdl/posix/posix.cpp b/backends/platform/sdl/posix/posix.cpp
index b805a452cf7..60f85efc2f1 100644
--- a/backends/platform/sdl/posix/posix.cpp
+++ b/backends/platform/sdl/posix/posix.cpp
@@ -49,6 +49,9 @@
#include <sys/wait.h>
#include <unistd.h>
+#include <spawn.h>
+extern char **environ;
+
OSystem_POSIX::OSystem_POSIX(Common::String baseConfigName)
:
_baseConfigName(baseConfigName) {
@@ -279,7 +282,7 @@ bool OSystem_POSIX::openUrl(const Common::String &url) {
// try desktop environment specific tools
if (launchBrowser("gnome-open", url)) // gnome
return true;
- if (launchBrowser("kfmclient openURL", url)) // kde
+ if (launchBrowser("kfmclient", url)) // kde
return true;
if (launchBrowser("exo-open", url)) // xfce
return true;
@@ -302,15 +305,24 @@ bool OSystem_POSIX::openUrl(const Common::String &url) {
return false;
}
-bool OSystem_POSIX::launchBrowser(const Common::String& client, const Common::String &url) {
- // FIXME: system's input must be heavily escaped
- // well, when url's specified by user
- // it's OK now (urls are hardcoded somewhere in GUI)
- Common::String cmd = client + " " + url;
- return (system(cmd.c_str()) != -1);
+bool OSystem_POSIX::launchBrowser(const Common::String &client, const Common::String &url) {
+ pid_t pid;
+ const char *argv[] = {
+ client.c_str(),
+ url.c_str(),
+ NULL,
+ NULL
+ };
+ if (client == "kfmclient") {
+ argv[2] = argv[1];
+ argv[1] = "openURL";
+ }
+ if (posix_spawnp(&pid, client.c_str(), NULL, NULL, const_cast<char **>(argv), environ) != 0) {
+ return false;
+ }
+ return (waitpid(pid, NULL, 0) != -1);
}
-
AudioCDManager *OSystem_POSIX::createAudioCDManager() {
#ifdef USE_LINUXCD
return createLinuxAudioCDManager();
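Review bot: launchBrowser() still reports success whenever waitpid() itself succeeds, so a helper that exits non-zero is treated as having opened the URL and openUrl() never falls through to the next launcher. On C libraries where posix_spawnp() reports an exec failure only through the child's exit status (127), this also applies to a tool that is not installed. Collect and test the status instead: `int status;`, `if (waitpid(pid, &status, 0) == -1) return false;`, `return WIFEXITED(status) && WEXITSTATUS(status) == 0;`. Passing the URL as its own argv element removes the shell interpretation behind the CVE, but a value beginning with `-` would still be parsed as an option by the helper, so I would add a comment on launchBrowser() such as `// url must be an absolute URL (scheme://...); it is passed verbatim as one argument`, or a scheme check before spawning, to keep that assumption visible if URLs ever stop being hardcoded. openUrl() begins outside the hunk, so its callers and the origin of `url` are not visible here.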


@ -1,3 +1,162 @@
-------------------------------------------------------------------
Mon Dec 18 09:12:00 UTC 2017 - aloisio@gmx.com
- Added scummvm-fix_CVE-2017-17528.patch to address (boo#1073248)
-------------------------------------------------------------------
Sun Dec 17 19:25:33 UTC 2017 - alarrosa@suse.com
- Update to version 2.0.0
New Games:
* Added support for Full Pipe.
* Added support for Hi-Res Adventure #3: Cranston Manor.
* Added support for Hi-Res Adventure #4: Ulysses and the Golden Fleece.
* Added support for Hi-Res Adventure #5: Time Zone.
* Added support for Hi-Res Adventure #6: The Dark Crystal.
* Added support for Riven.
* Added support for Starship Titanic English & German.
New Games (Sierra SCI2 - SCI3):
* Added support for Gabriel Knight.
* Added support for Gabriel Knight 2.
* Added support for King's Quest VII.
* Added support for King's Questions.
* Added support for Leisure Suit Larry 6 (hires).
* Added support for Leisure Suit Larry 7.
* Added support for Lighthouse.
* Added support for Mixed-Up Mother Goose Deluxe.
* Added support for Phantasmagoria.
* Added support for Phantasmagoria 2.
* Added support for Police Quest 4.
* Added support for RAMA.
* Added support for Shivers.
* Added support for Space Quest 6.
* Added support for Torin's Passage.
General:
* Added bilinear filtering option for SDL2 fullscreen mode.
* Fixed a bug that caused a crash in the options dialog of the GUI.
* Added a command-line option to automatically scan for supported games in
the current or a specified directory.
* Added possibility to apply changes in the options dialog without closing
the dialog.
* Added support for on-the-fly GUI language switching.
* Updated Munt MT-32 emulation code to version 2.0.3.
* Improved handling of joysticks.
* Improved audio latency.
* Improved management of the ScummVM window in games that switch display
modes.
* Fixed list view drawing over text above it (for example in the save dialog).
* Changed location where screenshot are saved. This fixes issues when scummvm
is installed in a read*only directory. Also added setting to allow changing
this location.
* Changed screenshot format to png.
* Fixed multithreading issue that could cause a crash in games using MP3 audio.
ADL:
* Fixed application freeze when reading sign in rocket in Mission Asteroid.
AGI:
* Fixed game script blocking forever after loading a savegame that was saved
while music was playing (this could happen for example in Police Quest 1
poker back room.
* Fixed cursor behaviour in Manhunter.
* Fixed nightclub arcade sequence speed for Manhunter Apple IIgs version.
* Reduced fastest game speed to a maximum of 40 FPS to ensure the games do
not run too fast.
AGOS:
* Fixed subtitle speed setting in the Hebrew version of Simon the Sorcerer 1.
Composer:
* Added save/load from General Main Menu.
* Fixed the detection for the French Gregory.
* Added detection for German Baba Yaga.
Cruise:
* Fixed font rendering.
Drascula:
* Fixed bug that made it impossible to talk to the drunkard more than once in the inn.
* Added handling of the master volume and fix volume synchronization between
the game and ScummVM options.
* Added possibility to load and save games using GMM.
Dreamweb:
* Fixed crash when collecting last stones under church.
* Fixed detection of Italian CD release.
Kyra:
* Fixed a buffer overflow in Lands of Lore.
* Fixed crash due to missing palette data for Legend of Kyrandia floppy version.
MADE:
* Fixed badly distorted sound (bug #9753).
MADS:
* Fixed a bug that caused a crash after starting Rex Nebular and the Cosmic Gender Bender.
* Fix rare crash that can happen when Rex is first locked up
MOHAWK:
* Added patch to the original data files to correct the vault access
instructions in Myst ME.
* Fixed situations where Myst could appear to be unresponsive.
* Reworked sound handling in Myst to be more accurate.
* Fixed crash in Myst piano puzzle.
Neverhood:
* Fixed crash in musical hut in Russian DR version.
* Fixed late game notes crash in Russian DR version.
Pegasus:
* Fixed loading a game from the launcher after returning to the launcher.
* Ignored events occuring while the GUI is visible. This for example fixed an
issue where closing the GMM using Escape would also opens the game's own
menu.
* Fixed several crashes when toggling the shared screen space.
* Improved performances when fading screen.
SAGA:
* Fixed crash when using the give verb on an actor in IHNM.
* Fixed Gorrister invisible and stuck when reloading at mooring ring in IHNM.
* Fixed the conversation panel background color in IHNM.
* Added support French Fan Translation of Inherit the Earth.
SCI:
* Fixed a script bug in Laura Bow 2: Dagger of Amon Ra that made it impossible
to exit the party room with the large golden head inside the museum (room 350).
This bug is also present, when using the original interpreter.
* Improved startup speed when using the MT-32 emulator.
* Improved handling of MT-32 reverb in SCI0 games.
* Improved selection of synthesized sound effects in SCI0 games.
* Improved selection of digital audio in SQ4.
* Improved resource bounds checking.
* Improved error handling of corrupt MIDI data.
* Fixed slow leak of small amounts of data into save games over time.
* Fixed broken day/night cycle in QFG3.
* Fixed a script bug in Police Quest 3 to now grant 10 points when giving the
locket to Marie. Now it's possible to beat the game with a perfect score.
This bug is also present when using the original interpreter.
* Fixed various other script bugs.
* Improved audio volume and settings synchronization.
SCUMM:
* Fixed crash in amiga games.
* Fixed two soundtracks playing at once in Monkey Island 2.
* Fixed Caponians dont disguise after using blue crystal in Zak McKracken.
* Fixed Dr. Fred facing wrong way in lab cutscene in Maniac Mansion.
* Fixed actors being drawn one line too high in V0 and V1 games.
* Fixed Purple Tentacle appears in Lab Entry after being chased out in maniac Mansion.
* Fixed power not turning back on in Maniac Mansion when entering the lab
while Dr. Fred has the power off.
* Fixed actors skipping between certain walk-boxes in Maniac Mansion.
Sherlock:
* Fixed detection for Italian fan translation of Serrated Scalpel.
Sky:
* Fixed collision detection.
Sword1:
* Added thumbnail when saving from in-game dialog.
* Fixed audio and subtitles settings being changed when open the load/save
in*game dialog.
Tinsel:
* Fixed some Discworld 2 text/voice not displaying & playing all the way through
* Fix crash in in-game save menu when all slots are used with long names
TsAGE:
* Fixed regression preventing animations in Return to Ringworld from playing.
* Fixed display issues in Return to Ringworld Demo.
* Fixed loading Return to Ringworld savegames with unreferenced dynamic objects.
* Fixed deadlock in audio code.
* Fixed crash on Return to Launcher.
Voyeur:
* Fixed backgrounds not showing for static rooms.
* Fixed playback of audio events on VCR.
* Fixed exiting game from the VCR screen.
* Added workaround for original game bug using invalid hotspot Ids
- Drop use-getaddrinfo.patch which is already included upstream
- Use libmad to build scummvm by default
-------------------------------------------------------------------
Wed Feb 1 13:19:09 UTC 2017 - aloisio@gmx.com


@ -18,9 +18,9 @@
%bcond_with faad
%bcond_with libmpeg2
%bcond_with mad
%bcond_without mad
Name: scummvm
Version: 1.9.0
Version: 2.0.0
Release: 0
Summary: Interpreter for several adventure games
License: GPL-2.0+
@ -28,8 +28,8 @@ Group: Amusements/Games/Other
Url: http://www.scummvm.org/
Source: http://www.scummvm.org/frs/scummvm/%{version}/scummvm-%{version}.tar.xz
Source99: %{name}.changes
# PATCH-FEATURE-UPSTREAM use-getaddrinfo.patch -- https://github.com/scummvm/scummvm/pull/811
Patch1: use-getaddrinfo.patch
# PATCH-FIX-UPSTREAM scummvm-fix_CVE-2017-17528.patch -- backported commit #7aaac1d
Patch0: scummvm-fix_CVE-2017-17528.patch
BuildRequires: desktop-file-utils
BuildRequires: gcc-c++
BuildRequires: hicolor-icon-theme
@ -82,7 +82,7 @@ These engines are in a worse state, but allow to play extra games.
%prep
%setup -q
%patch1 -p1
%patch0 -p1
modified="$(sed -n '/^----/n;s/ - .*$//;p;q' "%{SOURCE99}")"
DATE="\"$(date -d "${modified}" "+%%b %%e %%Y")\""
TIME="\"$(date -d "${modified}" "+%%R")\""


@ -1,197 +0,0 @@
diff --git a/backends/midi/timidity.cpp b/backends/midi/timidity.cpp
index 4971388..1ff4ed9 100644
--- a/backends/midi/timidity.cpp
+++ b/backends/midi/timidity.cpp
@@ -52,24 +52,18 @@
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/param.h>
-#include <netdb.h> /* for gethostbyname */
+#include <netdb.h> /* for getaddrinfo */
#include <netinet/in.h>
#include <arpa/inet.h>
#include <stdarg.h>
#include <stdlib.h>
#include <errno.h>
-// WORKAROUND bug #1870304: Solaris does not provide INADDR_NONE.
-#ifndef INADDR_NONE
-#define INADDR_NONE 0xffffffff
-#endif
-
// BeOS BONE uses snooze (x/1000) in place of usleep(x)
#ifdef __BEOS__
#define usleep(v) snooze(v/1000)
#endif
-
#define SEQ_MIDIPUTC 5
#define TIMIDITY_LOW_DELAY
@@ -84,7 +78,7 @@
/* default host & port */
#define DEFAULT_TIMIDITY_HOST "127.0.0.1"
-#define DEFAULT_TIMIDITY_PORT 7777
+#define DEFAULT_TIMIDITY_PORT "7777"
class MidiDriver_TIMIDITY : public MidiDriver_MPU401 {
public:
@@ -97,11 +91,8 @@ public:
void sysEx(const byte *msg, uint16 length);
private:
- /* standart routine to extract ip address from a string */
- in_addr_t host_to_addr(const char* address);
-
/* creates a tcp connection to TiMidity server, returns filedesc (like open()) */
- int connect_to_server(const char* hostname, unsigned short tcp_port);
+ int connect_to_server(const char* hostname, const char* tcp_port);
/* send command to the server; printf-like; returns reply string */
char *timidity_ctl_command(const char *fmt, ...) GCC_PRINTF(2, 3);
@@ -150,7 +141,8 @@ MidiDriver_TIMIDITY::MidiDriver_TIMIDITY() {
int MidiDriver_TIMIDITY::open() {
char *res;
char timidity_host[NI_MAXHOST];
- int timidity_port, data_port, i;
+ char timidity_port[6], data_port[6];
+ int num;
/* count ourselves open */
if (_isOpen)
@@ -166,16 +158,16 @@ int MidiDriver_TIMIDITY::open() {
/* extract control port */
if ((res = strrchr(timidity_host, ':')) != NULL) {
*res++ = '\0';
- timidity_port = atoi(res);
+ Common::strlcpy(timidity_port, res, sizeof(timidity_port));
} else {
- timidity_port = DEFAULT_TIMIDITY_PORT;
+ Common::strlcpy(timidity_port, DEFAULT_TIMIDITY_PORT, sizeof(timidity_port));
}
/*
* create control connection to the server
*/
if ((_control_fd = connect_to_server(timidity_host, timidity_port)) < 0) {
- warning("TiMidity: can't open control connection (host=%s, port=%d)", timidity_host, timidity_port);
+ warning("TiMidity: can't open control connection (host=%s, port=%s)", timidity_host, timidity_port);
return -1;
}
@@ -183,7 +175,7 @@ int MidiDriver_TIMIDITY::open() {
* "220 TiMidity++ v2.13.2 ready)" */
res = timidity_ctl_command(NULL);
if (atoi(res) != 220) {
- warning("TiMidity: bad response from server (host=%s, port=%d): %s", timidity_host, timidity_port, res);
+ warning("TiMidity: bad response from server (host=%s, port=%s): %s", timidity_host, timidity_port, res);
close_all();
return -1;
}
@@ -198,13 +190,11 @@ int MidiDriver_TIMIDITY::open() {
/* should read something like "200 63017 is ready acceptable",
* where 63017 is port for data connection */
- // FIXME: The following looks like a cheap endian test. If this is true, then
- // it should be replaced by suitable #ifdef SCUMM_LITTLE_ENDIAN.
- i = 1;
- if (*(char *)&i == 1)
- res = timidity_ctl_command("OPEN lsb");
- else
- res = timidity_ctl_command("OPEN msb");
+#ifdef SCUMM_LITTLE_ENDIAN
+ res = timidity_ctl_command("OPEN lsb");
+#else
+ res = timidity_ctl_command("OPEN msb");
+#endif
if (atoi(res) != 200) {
warning("TiMidity: bad reply for OPEN command: %s", res);
@@ -215,9 +205,15 @@ int MidiDriver_TIMIDITY::open() {
/*
* open data connection
*/
- data_port = atoi(res + 4);
+ num = atoi(res + 4);
+ if (num > 65535) {
+ warning("TiMidity: Invalid port %d given.\n", num);
+ close_all();
+ return -1;
+ }
+ snprintf(data_port, sizeof(data_port), "%d", num);
if ((_data_fd = connect_to_server(timidity_host, data_port)) < 0) {
- warning("TiMidity: can't open data connection (host=%s, port=%d)", timidity_host, data_port);
+ warning("TiMidity: can't open data connection (host=%s, port=%s)", timidity_host, data_port);
close_all();
return -1;
}
@@ -277,46 +273,33 @@ void MidiDriver_TIMIDITY::teardown() {
close_all();
}
-in_addr_t MidiDriver_TIMIDITY::host_to_addr(const char* address) {
- in_addr_t addr;
- struct hostent *hp;
-
- /* first check if IP address is given (like 127.0.0.1)*/
- if ((addr = inet_addr(address)) != INADDR_NONE)
- return addr;
-
- /* if not, try to resolve a hostname */
- if ((hp = gethostbyname(address)) == NULL) {
- warning("TiMidity: unknown hostname: %s", address);
- return INADDR_NONE;
- }
-
- memcpy(&addr, hp->h_addr, (int)sizeof(in_addr_t) <= hp->h_length ? sizeof(in_addr_t) : hp->h_length);
-
- return addr;
-}
-
-int MidiDriver_TIMIDITY::connect_to_server(const char* hostname, unsigned short tcp_port) {
+int MidiDriver_TIMIDITY::connect_to_server(const char* hostname, const char* tcp_port) {
int fd;
- struct sockaddr_in in;
- unsigned int addr;
-
- /* create socket */
- if ((fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
- warning("TiMidity: socket(): %s", strerror(errno));
+ struct addrinfo hints;
+ struct addrinfo *result, *rp;
+
+ /* get all address(es) matching host and port */
+ memset(&hints, 0, sizeof(struct addrinfo));
+ hints.ai_socktype = SOCK_STREAM;
+ hints.ai_family = AF_UNSPEC; /* Allow IPv4 or IPv6 */
+ if (getaddrinfo(hostname, tcp_port, &hints, &result) != 0) {
+ warning("TiMidity: getaddrinfo: %s\n", strerror(errno));
return -1;
}
- /* connect */
- memset(&in, 0, sizeof(in));
- in.sin_family = AF_INET;
- in.sin_port = htons(tcp_port);
- addr = host_to_addr(hostname);
- memcpy(&in.sin_addr, &addr, 4);
-
- if (connect(fd, (struct sockaddr *)&in, sizeof(in)) < 0) {
- warning("TiMidity: connect(): %s", strerror(errno));
+ /* Try all address structures we have got previously */
+ for (rp = result; rp != NULL; rp = rp->ai_next) {
+ if ((fd = socket(rp->ai_family, rp->ai_socktype, rp->ai_protocol)) == -1)
+ continue;
+ if (connect(fd, rp->ai_addr, rp->ai_addrlen) != -1)
+ break;
::close(fd);
+ }
+
+ freeaddrinfo(result);
+
+ if (rp == NULL) {
+ warning("TiMidity: Could not connect\n");
return -1;
}