summaryrefslogtreecommitdiff
path: root/media-sound/milkytracker/files/milkytracker-1.02.00-CVE-2019-1449x.patch
diff options
context:
space:
mode:
Diffstat (limited to 'media-sound/milkytracker/files/milkytracker-1.02.00-CVE-2019-1449x.patch')
-rw-r--r--media-sound/milkytracker/files/milkytracker-1.02.00-CVE-2019-1449x.patch104
1 files changed, 0 insertions, 104 deletions
diff --git a/media-sound/milkytracker/files/milkytracker-1.02.00-CVE-2019-1449x.patch b/media-sound/milkytracker/files/milkytracker-1.02.00-CVE-2019-1449x.patch
deleted file mode 100644
index 0560cd2b825b..000000000000
--- a/media-sound/milkytracker/files/milkytracker-1.02.00-CVE-2019-1449x.patch
+++ /dev/null
@@ -1,104 +0,0 @@
-This patch is from upstream:
-https://github.com/milkytracker/MilkyTracker/commit/ea7772a3fae0a9dd0a322e8fec441d15843703b7
-
-commit ea7772a3fae0a9dd0a322e8fec441d15843703b7
-Author: Christopher O'Neill <code@chrisoneill.co.uk>
-Date: Tue Jul 30 18:40:03 2019 +0100
-
- Fixes for buffer overflow issues #182 & #183
-
-diff --git a/src/milkyplay/LoaderXM.cpp b/src/milkyplay/LoaderXM.cpp
-index 108d915..f87f5c1 100644
---- a/src/milkyplay/LoaderXM.cpp
-+++ b/src/milkyplay/LoaderXM.cpp
-@@ -63,8 +63,8 @@ const char* LoaderXM::identifyModule(const mp_ubyte* buffer)
- mp_sint32 LoaderXM::load(XMFileBase& f, XModule* module)
- {
- mp_ubyte insData[230];
-- mp_sint32 smpReloc[96];
-- mp_ubyte nbu[96];
-+ mp_sint32 smpReloc[MP_MAXINSSAMPS];
-+ mp_ubyte nbu[MP_MAXINSSAMPS];
- mp_uint32 fileSize = 0;
-
- module->cleanUp();
-@@ -117,6 +117,8 @@ mp_sint32 LoaderXM::load(XMFileBase& f, XModule* module)
- memcpy(header->ord, hdrBuff+16, 256);
- if(header->ordnum > MP_MAXORDERS)
- header->ordnum = MP_MAXORDERS;
-+ if(header->insnum > MP_MAXINS)
-+ return MP_LOADER_FAILED;
-
- delete[] hdrBuff;
-
-@@ -143,7 +145,7 @@ mp_sint32 LoaderXM::load(XMFileBase& f, XModule* module)
- f.read(&instr[y].type,1,1);
- mp_uword numSamples = 0;
- f.readWords(&numSamples,1);
-- if(numSamples > 96)
-+ if(numSamples > MP_MAXINSSAMPS)
- return MP_LOADER_FAILED;
- instr[y].samp = numSamples;
-
-@@ -169,8 +171,8 @@ mp_sint32 LoaderXM::load(XMFileBase& f, XModule* module)
- if (instr[y].samp) {
- mp_ubyte* insDataPtr = insData;
-
-- memcpy(nbu, insDataPtr, 96);
-- insDataPtr+=96;
-+ memcpy(nbu, insDataPtr, MP_MAXINSSAMPS);
-+ insDataPtr+=MP_MAXINSSAMPS;
-
- TEnvelope venv;
- TEnvelope penv;
-@@ -285,7 +287,7 @@ mp_sint32 LoaderXM::load(XMFileBase& f, XModule* module)
-
- instr[y].samp = g;
-
-- for (sc = 0; sc < 96; sc++) {
-+ for (sc = 0; sc < MP_MAXINSSAMPS; sc++) {
- if (smpReloc[nbu[sc]] == -1)
- instr[y].snum[sc] = -1;
- else
-@@ -491,6 +493,8 @@ mp_sint32 LoaderXM::load(XMFileBase& f, XModule* module)
- f.read(&instr[y].type,1,1);
- f.readWords(&instr[y].samp,1);
- }
-+ if (instr[y].samp > MP_MAXINSSAMPS)
-+ return MP_LOADER_FAILED;
-
- //printf("%i, %i\n", instr[y].size, instr[y].samp);
-
-@@ -532,8 +536,8 @@ mp_sint32 LoaderXM::load(XMFileBase& f, XModule* module)
-
- //f.read(&nbu,1,96);
-
-- memcpy(nbu, insDataPtr, 96);
-- insDataPtr+=96;
-+ memcpy(nbu, insDataPtr, MP_MAXINSSAMPS);
-+ insDataPtr+=MP_MAXINSSAMPS;
-
- TEnvelope venv;
- TEnvelope penv;
-@@ -650,7 +654,7 @@ mp_sint32 LoaderXM::load(XMFileBase& f, XModule* module)
-
- instr[y].samp = g;
-
-- for (sc = 0; sc < 96; sc++) {
-+ for (sc = 0; sc < MP_MAXINSSAMPS; sc++) {
- if (smpReloc[nbu[sc]] == -1)
- instr[y].snum[sc] = -1;
- else
-diff --git a/src/milkyplay/XModule.h b/src/milkyplay/XModule.h
-index f42d04b..4f04a2d 100644
---- a/src/milkyplay/XModule.h
-+++ b/src/milkyplay/XModule.h
-@@ -40,6 +40,8 @@
-
- #define MP_MAXTEXT 32
- #define MP_MAXORDERS 256
-+#define MP_MAXINS 255
-+#define MP_MAXINSSAMPS 96
-
- struct TXMHeader
- {
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-01 11:42:08 +0000