Sophie

Sophie

distrib > Mandriva > 2010.1 > x86_64 > media > main-updates-src > by-pkgid > 397764f175378802720d3d96747d68ed > files > 4

libmikmod-3.2.0-0.beta2.7.1mdv2010.1.src.rpm

diff -Naurp libmikmod-3.1.11/loaders/load_it.c libmikmod-3.1.11.oden/loaders/load_it.c
--- libmikmod-3.1.11/loaders/load_it.c	2010-08-12 12:34:21.000000000 -0400
+++ libmikmod-3.1.11.oden/loaders/load_it.c	2010-08-12 12:34:34.000000000 -0400
@@ -743,6 +743,8 @@ BOOL IT_Load(BOOL curious)
 #define IT_LoadEnvelope(name,type) 										\
 				ih. name##flg   =_mm_read_UBYTE(modreader);				\
 				ih. name##pts   =_mm_read_UBYTE(modreader);				\
+				if (ih. name##pts > ITENVCNT)							\
+					ih. name##pts = ITENVCNT;							\
 				ih. name##beg   =_mm_read_UBYTE(modreader);				\
 				ih. name##end   =_mm_read_UBYTE(modreader);				\
 				ih. name##susbeg=_mm_read_UBYTE(modreader);				\
@@ -756,6 +758,8 @@ BOOL IT_Load(BOOL curious)
 #define IT_LoadEnvelope(name,type) 										\
 				ih. name/**/flg   =_mm_read_UBYTE(modreader);			\
 				ih. name/**/pts   =_mm_read_UBYTE(modreader);			\
+				if (ih. name/**/pts > ITENVCNT)							\
+					ih. name/**/pts = ITENVCNT;							\
 				ih. name/**/beg   =_mm_read_UBYTE(modreader);			\
 				ih. name/**/end   =_mm_read_UBYTE(modreader);			\
 				ih. name/**/susbeg=_mm_read_UBYTE(modreader);			\
@@ -862,10 +866,6 @@ BOOL IT_Load(BOOL curious)
 #endif
 
 				IT_ProcessEnvelope(vol);
-				/* fix for CVE-2009-3995 - snatched from SuSe's fix -- AW */
-				if (ih.volpts>= ENVPOINTS)
-					ih.volpts = ENVPOINTS-1;
-
 				for(u=0;u<ih.volpts;u++)
 					d->volenv[u].val=(ih.volnode[u]<<2);

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional