OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xine-lib?expand=0&rev=21

2009-02-11 12:00:19 +00:00 · 2009-02-11 12:00:19 +00:00 · 89d90447c0
commit 89d90447c0
parent 4a02404f49
3 changed files with 25 additions and 1 deletions
--- a/xine-lib-TKADV2009-004.diff
+++ b/xine-lib-TKADV2009-004.diff
@ -0,0 +1,15 @@
+Index: xine-lib-1.1.16.1/src/demuxers/demux_4xm.c
+===================================================================
+--- xine-lib-1.1.16.1.orig/src/demuxers/demux_4xm.c
+++ xine-lib-1.1.16.1/src/demuxers/demux_4xm.c
+@@ -190,6 +190,10 @@ static int open_fourxm_file(demux_fourxm
+         return 0;
+       }
+       const uint32_t current_track = _X_LE_32(&header[i + 8]);
+      if(current_track >= UINT_MAX / sizeof(audio_track_t) - 1){
+	free(header);
+	return 0;
+      }
+       if (current_track + 1 > fourxm->track_count) {
+         fourxm->track_count = current_track + 1;
+         fourxm->tracks = realloc(fourxm->tracks,
--- a/xine-lib.changes
+++ b/xine-lib.changes
@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Tue Feb 10 16:45:05 CET 2009 - mhopf@suse.de
+
+- Security fix for 4xm demuxer (TKADV2009-004, bnc#473825)
+
 -------------------------------------------------------------------
 Tue Jan 27 19:27:37 CET 2009 - mhopf@suse.de

--- a/xine-lib.spec
+++ b/xine-lib.spec
@ -94,7 +94,7 @@ BuildRequires:  DirectFB
 BuildRequires:  libmodplug
 %endif
 Version:        1.1.16.1
-Release:        1
+Release:        2
 # XINE_MAJOR.XINE_LT_CURRENT in configure.ac
 %define abiversion 1.25
 # bug437293
@ -116,6 +116,7 @@ Source99:       precheckin_cripple_tarball.sh
 # *** xine-lib: Bugfixes
 Patch26:        xine-lib-doc-fix-X11R6.diff
 Patch28:        xine-lib-1.1.14-ia64-is-not-alpha.diff
+Patch29:        xine-lib-TKADV2009-004.diff
 # *** Addons
 Patch50:        vdr-xine-0.8.2.diff.bz2
 Patch51:        vdr-xine-SUSE.diff
@ -462,6 +463,7 @@ fi
 cd xine-lib-%{version}
 %patch26
 %patch28 -p1
+%patch29 -p1
 %patch50 -p1
 %patch51 -p1
 sed -i 's|^noinst_HEADERS = input_vdr.h|xineinclude_HEADERS = input_vdr.h|' src/vdr/Makefile.am
@ -803,6 +805,8 @@ rm -rf %{buildroot}
 %endif

 %changelog
+* Tue Feb 10 2009 mhopf@suse.de
+- Security fix for 4xm demuxer (TKADV2009-004, bnc#473825)
 * Tue Jan 27 2009 mhopf@suse.de
 - Update to 1.1.16.1:
  * Security fixes: