diff options
| author |   Sergei Trofimovich <slyfox@gentoo.org> | 2012-02-06 21:46:32 +0000 |
|---|---|---|
| committer | Sergei Trofimovich <slyfox@gentoo.org> | 2012-02-06 21:46:32 +0000 |
| commit | 4011ea6f15fcdb7e2494791ae06e861811228ce3 (patch) | |
| tree | 016f93cf4330ac0e38e92b1c637a0cd1cd44441b /media-libs/libmikmod | |
| parent | Version bump. (diff) | |
| download | gentoo-2-4011ea6f15fcdb7e2494791ae06e861811228ce3.tar.gz gentoo-2-4011ea6f15fcdb7e2494791ae06e861811228ce3.tar.bz2 gentoo-2-4011ea6f15fcdb7e2494791ae06e861811228ce3.zip | |
Fixed sdl-mixer crash (bug #300525 reported by A.C.Heron and fixed by pva).
Fixed CVE-2009-3995, CVE-2009-3996 CVE-2010-2546 CVE-2010-2971 (security
bug #335892 by Stefan Behte fixes are pulled from upstream, redhat and suse).
Added workaround to avoid crash when libmikmod ran under padsp pulseaudio wrapper.
(Portage version: 2.2.0_alpha85/cvs/Linux x86_64)
Diffstat (limited to 'media-libs/libmikmod')
8 files changed, 255 insertions, 1 deletions
diff --git a/media-libs/libmikmod/ChangeLog b/media-libs/libmikmod/ChangeLog index edb82acc115a..c2c03363447a 100644 --- a/media-libs/libmikmod/ChangeLog +++ b/media-libs/libmikmod/ChangeLog @@ -1,6 +1,22 @@ # ChangeLog for media-libs/libmikmod # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/media-libs/libmikmod/ChangeLog,v 1.75 2012/01/21 16:23:07 phajdan.jr Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-libs/libmikmod/ChangeLog,v 1.76 2012/02/06 21:46:32 slyfox Exp $ + +*libmikmod-3.1.12-r1 (06 Feb 2012) +*libmikmod-3.2.0_beta2-r3 (06 Feb 2012) + + 06 Feb 2012; Sergei Trofimovich <slyfox@gentoo.org> + +files/libmikmod-3.2.0_beta2-CVE-2009-3995-3996.patch, + +files/libmikmod-3.2.0_beta2-CVE-2010-2546-2971.patch, + +files/libmikmod-3.2.0_beta2-fix-unload-crash.patch, + +files/libmikmod-3.2.0_beta2-fix-vol-crash.patch, + +files/libmikmod-3.2.0_beta2-pa-workaround.patch, +libmikmod-3.1.12-r1.ebuild, + +libmikmod-3.2.0_beta2-r3.ebuild: + Fixed sdl-mixer crash (bug #300525 reported by A.C.Heron and fixed by pva). + Fixed CVE-2009-3995, CVE-2009-3996 CVE-2010-2546 CVE-2010-2971 (security bug + #335892 by Stefan Behte fixes are pulled from upstream, redhat and suse). + Added workaround to avoid crash when libmikmod ran under padsp pulseaudio + wrapper. 21 Jan 2012; Pawel Hajdan jr <phajdan.jr@gentoo.org> libmikmod-3.1.12.ebuild: x86 stable wrt bug #384713 diff --git a/media-libs/libmikmod/files/libmikmod-3.2.0_beta2-CVE-2009-3995-3996.patch b/media-libs/libmikmod/files/libmikmod-3.2.0_beta2-CVE-2009-3995-3996.patch new file mode 100644 index 000000000000..1161e898e20d --- /dev/null +++ b/media-libs/libmikmod/files/libmikmod-3.2.0_beta2-CVE-2009-3995-3996.patch @@ -0,0 +1,35 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## CVE-2009-3995f.dpatch by <aw@linux.de> +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Patch for CVE-2009-3995 and CVE-2009-3996 + +@DPATCH@ + +diff -Ndurp libmikmod-3.1.11/loaders/load_it.c libmikmod-3.1.11-fixed/loaders/load_it.c +--- libmikmod-3.1.11/loaders/load_it.c 2010-05-31 14:10:34.000000000 +0200 ++++ libmikmod-3.1.11-fixed/loaders/load_it.c 2010-05-31 14:10:10.000000000 +0200 +@@ -862,6 +862,10 @@ BOOL IT_Load(BOOL curious) + #endif + + IT_ProcessEnvelope(vol); ++ /* fix for CVE-2009-3995 - snatched from SuSe's fix -- AW */ ++ if (ih.volpts>= ENVPOINTS) ++ ih.volpts = ENVPOINTS-1; ++ + for(u=0;u<ih.volpts;u++) + d->volenv[u].val=(ih.volnode[u]<<2); + +diff -Ndurp libmikmod-3.1.11/loaders/load_ult.c libmikmod-3.1.11-fixed/loaders/load_ult.c +--- libmikmod-3.1.11/loaders/load_ult.c 2010-05-31 14:10:34.000000000 +0200 ++++ libmikmod-3.1.11-fixed/loaders/load_ult.c 2010-05-31 14:10:10.000000000 +0200 +@@ -224,6 +224,9 @@ BOOL ULT_Load(BOOL curious) + for(u=0;u<of.numchn;u++) + for(t=0;t<of.numpat;t++) + of.patterns[(t*of.numchn)+u]=tracks++; ++ /* fix for CVE-2009-3996 - snatched from SuSe's fix -- AW */ ++ if (of.numchn>=UF_MAXCHAN) ++ of.numchn=UF_MAXCHAN - 1; + + /* read pan position table for v1.5 and higher */ + if(mh.id[14]>='3') { diff --git a/media-libs/libmikmod/files/libmikmod-3.2.0_beta2-CVE-2010-2546-2971.patch b/media-libs/libmikmod/files/libmikmod-3.2.0_beta2-CVE-2010-2546-2971.patch new file mode 100644 index 000000000000..7e3bff18b25b --- /dev/null +++ b/media-libs/libmikmod/files/libmikmod-3.2.0_beta2-CVE-2010-2546-2971.patch @@ -0,0 +1,33 @@ +Related: https://bugzilla.redhat.com/show_bug.cgi?id=614643#c6 +Gentoo-bug: http://bugs.gentoo.org/335892 +--- loaders/load_it.c.orig 2010-07-22 16:02:16.000000000 +0200 ++++ loaders/load_it.c 2010-07-22 16:07:48.000000000 +0200 +@@ -743,6 +743,8 @@ BOOL IT_Load(BOOL curious) + #define IT_LoadEnvelope(name,type) \ + ih. name##flg =_mm_read_UBYTE(modreader); \ + ih. name##pts =_mm_read_UBYTE(modreader); \ ++ if (ih. name##pts > ITENVCNT) \ ++ ih. name##pts = ITENVCNT; \ + ih. name##beg =_mm_read_UBYTE(modreader); \ + ih. name##end =_mm_read_UBYTE(modreader); \ + ih. name##susbeg=_mm_read_UBYTE(modreader); \ +@@ -756,6 +758,8 @@ BOOL IT_Load(BOOL curious) + #define IT_LoadEnvelope(name,type) \ + ih. name/**/flg =_mm_read_UBYTE(modreader); \ + ih. name/**/pts =_mm_read_UBYTE(modreader); \ ++ if (ih. name/**/pts > ITENVCNT) \ ++ ih. name/**/pts = ITENVCNT; \ + ih. name/**/beg =_mm_read_UBYTE(modreader); \ + ih. name/**/end =_mm_read_UBYTE(modreader); \ + ih. name/**/susbeg=_mm_read_UBYTE(modreader); \ +@@ -862,10 +866,6 @@ BOOL IT_Load(BOOL curious) + #endif + + IT_ProcessEnvelope(vol); +- /* fix for CVE-2009-3995 - snatched from SuSe's fix -- AW */ +- if (ih.volpts>= ENVPOINTS) +- ih.volpts = ENVPOINTS-1; +- + for(u=0;u<ih.volpts;u++) + d->volenv[u].val=(ih.volnode[u]<<2); + diff --git a/media-libs/libmikmod/files/libmikmod-3.2.0_beta2-fix-unload-crash.patch b/media-libs/libmikmod/files/libmikmod-3.2.0_beta2-fix-unload-crash.patch new file mode 100644 index 000000000000..90d2a3bd2ac5 --- /dev/null +++ b/media-libs/libmikmod/files/libmikmod-3.2.0_beta2-fix-unload-crash.patch @@ -0,0 +1,22 @@ +Date: 15 Apr 2002 11:01:19 +0200 +From: Guillaume Cottenceau <gc@mandrakesoft.com> + +Unfortunately, I should have double checked that the following +fix (authored by Dave Goehrig <dave@cthulhu-burger.org>, not me), +was really in the CVS... it's not, as of stable 1.2.3 at least. +Please include it, it fixes a segfault on exiting a program which +disabled MOD music during its execution. + +Gentoo-bug: http://bugs.gentoo.org/300525 +diff -ru libmikmod-3.1.12.orig/playercode/virtch_common.c libmikmod-3.1.12/playercode/virtch_common.c +--- libmikmod-3.1.12.orig/playercode/virtch_common.c 2007-12-15 01:26:53.000000000 -0800 ++++ libmikmod-3.1.12/playercode/virtch_common.c 2009-10-05 00:37:12.000000000 -0700 +@@ -347,7 +347,7 @@ + + void VC1_SampleUnload(SWORD handle) + { +- if (handle<MAXSAMPLEHANDLES) { ++ if (Samples && handle<MAXSAMPLEHANDLES) { + if (Samples[handle]) + free(Samples[handle]); + Samples[handle]=NULL; diff --git a/media-libs/libmikmod/files/libmikmod-3.2.0_beta2-fix-vol-crash.patch b/media-libs/libmikmod/files/libmikmod-3.2.0_beta2-fix-vol-crash.patch new file mode 100644 index 000000000000..7e05b2fb4aca --- /dev/null +++ b/media-libs/libmikmod/files/libmikmod-3.2.0_beta2-fix-vol-crash.patch @@ -0,0 +1,16 @@ +Yi-Huang Han - Wed Oct 24 21:55:47 PDT 2001 + * Fixed MOD music volume when looping + +Gentoo-bug: http://bugs.gentoo.org/300525 +diff -ru libmikmod-3.1.12.orig/playercode/mplayer.c libmikmod-3.1.12/playercode/mplayer.c +--- libmikmod-3.1.12.orig/playercode/mplayer.c 2009-10-05 00:19:59.000000000 -0700 ++++ libmikmod-3.1.12/playercode/mplayer.c 2009-10-05 00:44:35.000000000 -0700 +@@ -3019,7 +3019,7 @@ + { + MUTEX_LOCK(vars); + if (pf) +- pf->volume=(volume<0)?0:(volume>128)?128:volume; ++ pf->volume=pf->initvolume=(volume<0)?0:(volume>128)?128:volume; + MUTEX_UNLOCK(vars); + } + diff --git a/media-libs/libmikmod/files/libmikmod-3.2.0_beta2-pa-workaround.patch b/media-libs/libmikmod/files/libmikmod-3.2.0_beta2-pa-workaround.patch new file mode 100644 index 000000000000..6e35912e6513 --- /dev/null +++ b/media-libs/libmikmod/files/libmikmod-3.2.0_beta2-pa-workaround.patch @@ -0,0 +1,20 @@ +Under padsp wrapper mikmod returns + buffinf.fragments = -1; buffinf.bytes = -65535. +Buggy oss emulation layer in pulseaudio. +More details in upstream report: + +Gentoo-bug: http://bugs.gentoo.org/300525 +Upstream-bug: https://bugs.freedesktop.org/show_bug.cgi?id=45643 +diff --git a/drivers/drv_oss.c b/drivers/drv_oss.c +index 27766f2..74864c2 100644 +--- a/drivers/drv_oss.c ++++ b/drivers/drv_oss.c +@@ -327,7 +327,7 @@ static void OSS_Update(void) + buffinf.fragments--; + buffinf.fragsize = buffinf.bytes = buffersize; + } +- if(!buffinf.fragments) ++ if(buffinf.fragments < 1) + break; + done=VC_WriteBytes(audiobuffer,buffinf.fragsize>buffinf.bytes? + buffinf.bytes:buffinf.fragsize); diff --git a/media-libs/libmikmod/libmikmod-3.1.12-r1.ebuild b/media-libs/libmikmod/libmikmod-3.1.12-r1.ebuild new file mode 100644 index 000000000000..ebddc4f49339 --- /dev/null +++ b/media-libs/libmikmod/libmikmod-3.1.12-r1.ebuild @@ -0,0 +1,54 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/media-libs/libmikmod/libmikmod-3.1.12-r1.ebuild,v 1.1 2012/02/06 21:46:32 slyfox Exp $ + +# this ebuild is only for the libmikmod.so.2 SONAME for ABI compat + +EAPI=2 +inherit autotools eutils flag-o-matic multilib + +DESCRIPTION="A library to play a wide range of module formats" +HOMEPAGE="http://mikmod.raphnet.net/" +SRC_URI="mirror://sourceforge/mikmod/${P}.tar.gz" + +LICENSE="|| ( LGPL-2.1 LGPL-2 )" +SLOT="2" +KEYWORDS="~amd64 ~x86" +IUSE="+oss raw" + +src_prepare() { + epatch "${FILESDIR}"/${P}-64bit.patch \ + "${FILESDIR}"/${P}-autotools.patch \ + "${FILESDIR}"/${PN}-3.2.0_beta2-info.patch \ + "${FILESDIR}"/${PN}-3.2.0_beta2-doubleRegister.patch \ + "${FILESDIR}"/${PN}-CVE-2007-6720.patch \ + "${FILESDIR}"/${PN}-CVE-2009-0179.patch \ + "${FILESDIR}"/${PN}-3.2.0_beta2-no-drv_raw.patch \ + "${FILESDIR}"/${PN}-3.2.0_beta2-fix-vol-crash.patch \ + "${FILESDIR}"/${PN}-3.2.0_beta2-fix-unload-crash.patch \ + "${FILESDIR}"/${PN}-3.2.0_beta2-CVE-2009-3995-3996.patch \ + "${FILESDIR}"/${PN}-3.2.0_beta2-CVE-2010-2546-2971.patch \ + "${FILESDIR}"/${PN}-3.2.0_beta2-pa-workaround.patch + + AT_M4DIR=${S} eautoreconf +} + +src_configure() { + use raw && append-flags -DDRV_RAW + + econf \ + --disable-af \ + --disable-alsa \ + --disable-esd \ + $(use_enable oss) \ + --disable-static +} + +src_install() { + exeinto /usr/$(get_libdir) + newexe ${PN}/.libs/${PN}.so.2.0.4 ${PN}.so.2 || die +} + +pkg_postinst() { + use oss || ewarn "No audio output will be available because of USE=\"-oss\"." +} diff --git a/media-libs/libmikmod/libmikmod-3.2.0_beta2-r3.ebuild b/media-libs/libmikmod/libmikmod-3.2.0_beta2-r3.ebuild new file mode 100644 index 000000000000..cac7c46b3397 --- /dev/null +++ b/media-libs/libmikmod/libmikmod-3.2.0_beta2-r3.ebuild @@ -0,0 +1,58 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/media-libs/libmikmod/libmikmod-3.2.0_beta2-r3.ebuild,v 1.1 2012/02/06 21:46:32 slyfox Exp $ + +EAPI=2 +MY_P=${P/_/-} +inherit autotools eutils flag-o-matic + +DESCRIPTION="A library to play a wide range of module formats" +HOMEPAGE="http://mikmod.raphnet.net/" +SRC_URI="http://mikmod.raphnet.net/files/${MY_P}.tar.gz" + +LICENSE="|| ( LGPL-2.1 LGPL-2 )" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sh ~sparc ~x86 ~x86-fbsd ~x86-freebsd ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos" +# Enable OSS by default since ALSA support isn't available, look below +IUSE="+oss raw" + +S=${WORKDIR}/${MY_P} + +src_prepare() { + epatch "${FILESDIR}"/${P}-64bit.patch \ + "${FILESDIR}"/${P}-autotools.patch \ + "${FILESDIR}"/${P}-info.patch \ + "${FILESDIR}"/${P}-doubleRegister.patch \ + "${FILESDIR}"/${PN}-CVE-2007-6720.patch \ + "${FILESDIR}"/${PN}-CVE-2009-0179.patch \ + "${FILESDIR}"/${P}-no-drv_raw.patch \ + "${FILESDIR}"/${P}-fix-vol-crash.patch \ + "${FILESDIR}"/${P}-fix-unload-crash.patch \ + "${FILESDIR}"/${P}-CVE-2009-3995-3996.patch \ + "${FILESDIR}"/${P}-CVE-2010-2546-2971.patch \ + "${FILESDIR}"/${P}-pa-workaround.patch + + AT_M4DIR=${S} eautoreconf +} + +src_configure() { + use raw && append-flags -DDRV_RAW + + # * af is something called AF/AFlib.h and -lAF, not audiofile in tree + # * alsa support is for deprecated API and doesn't work + econf \ + --disable-af \ + --disable-alsa \ + --disable-esd \ + $(use_enable oss) +} + +src_install() { + emake DESTDIR="${D}" install || die + dodoc AUTHORS NEWS README TODO + dohtml docs/*.html +} + +pkg_postinst() { + use oss || ewarn "No audio output will be available because of USE=\"-oss\"." +} |