[xmms/f15] fix CVE-2007-0653 (better late than never, huh?), fix alsa output plugin loop, fix desktop file
Tom Callaway
spot at fedoraproject.org
Fri Jul 15 20:17:58 UTC 2011
commit 0105ac7c78c0954383a6befa34d1cc2a50f83b8f
Author: Tom "spot" Callaway <tcallawa at redhat.com>
Date: Fri Jul 15 16:17:47 2011 -0400
fix CVE-2007-0653 (better late than never, huh?), fix alsa output plugin loop, fix desktop file
xmms-1.2.10-ubuntu-CVE-2007-0653.patch | 44 +++++++++++++++++++
xmms-alsa-fix-loop.patch | 72 ++++++++++++++++++++++++++++++++
xmms.desktop | 2 +-
xmms.spec | 33 +++++++++------
4 files changed, 137 insertions(+), 14 deletions(-)
---
diff --git a/xmms-1.2.10-ubuntu-CVE-2007-0653.patch b/xmms-1.2.10-ubuntu-CVE-2007-0653.patch
new file mode 100644
index 0000000..d5c7185
--- /dev/null
+++ b/xmms-1.2.10-ubuntu-CVE-2007-0653.patch
@@ -0,0 +1,44 @@
+diff -up xmms-1.2.11-20071117cvs/xmms/bmp.c.CVE-2007-0653 xmms-1.2.11-20071117cvs/xmms/bmp.c
+--- xmms-1.2.11-20071117cvs/xmms/bmp.c.CVE-2007-0653 2006-07-10 17:45:11.000000000 -0400
++++ xmms-1.2.11-20071117cvs/xmms/bmp.c 2011-07-14 15:54:02.497834489 -0400
+@@ -19,6 +19,12 @@
+ */
+ #include "xmms.h"
+
++#if HAVE_STDINT_H
++#include <stdint.h>
++#elif !defined(UINT32_MAX)
++#define UINT32_MAX 0xffffffffU
++#endif
++
+ struct rgb_quad
+ {
+ guchar rgbBlue;
+@@ -183,7 +189,7 @@ GdkPixmap *read_bmp(gchar * filename)
+ }
+ else if (bitcount != 24 && bitcount != 16 && bitcount != 32)
+ {
+- gint ncols, i;
++ guint32 ncols, i;
+
+ ncols = offset - headSize - 14;
+ if (headSize == 12)
+@@ -201,9 +207,17 @@ GdkPixmap *read_bmp(gchar * filename)
+ }
+ }
+ fseek(file, offset, SEEK_SET);
++ /* verify buffer size */
++ if (!h || !w ||
++ w > (((UINT32_MAX - 3) / 3) / h) ||
++ h > (((UINT32_MAX - 3) / 3) / w)) {
++ g_warning("read_bmp(): width(%u)*height(%u) too large", w, h);
++ fclose(file);
++ return NULL;
++ }
++ data = g_malloc0((w * 3 * h) + 3); /* +3 is just for safety */
+ buffer = g_malloc(imgsize);
+ fread(buffer, imgsize, 1, file);
+- data = g_malloc0((w * 3 * h) + 3); /* +3 is just for safety */
+
+ if (bitcount == 1)
+ read_1b_rgb(buffer, imgsize, data, w, h, rgb_quads);
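Review bot: The result of `fread(buffer, imgsize, 1, file)` is still ignored after the new size check, and `buffer` comes from `g_malloc` rather than `g_malloc0`, so a truncated skin file leaves `read_1b_rgb` (and presumably its sibling decoders outside the hunk) parsing uninitialised heap. The added guard bounds only `w * 3 * h + 3`; nothing visible here relates `imgsize` to `w` and `h`, so confirm that the decoders limit their reads by `imgsize`. I would check the read, for example `if (imgsize && fread(buffer, imgsize, 1, file) != 1) { g_free(buffer); g_free(data); fclose(file); return NULL; }`. Separately, with `ncols` now `guint32`, `offset - headSize - 14` wraps to a very large value for a small `offset` instead of going negative; the code that consumes `ncols` lies between the hunks and should be checked to bound it by the size of `rgb_quads`. The body of `read_bmp` starts and ends outside these hunks.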
diff --git a/xmms-alsa-fix-loop.patch b/xmms-alsa-fix-loop.patch
new file mode 100644
index 0000000..716fdaa
--- /dev/null
+++ b/xmms-alsa-fix-loop.patch
@@ -0,0 +1,72 @@
+diff -up xmms-1.2.11-20071117cvs/Output/alsa/audio.c.fix-loop xmms-1.2.11-20071117cvs/Output/alsa/audio.c
+--- xmms-1.2.11-20071117cvs/Output/alsa/audio.c.fix-loop 2006-07-25 17:45:08.000000000 -0400
++++ xmms-1.2.11-20071117cvs/Output/alsa/audio.c 2011-07-15 16:05:55.805328775 -0400
+@@ -807,7 +807,7 @@ static void *alsa_loop(void *arg)
+ unsigned short *revents;
+
+ if (npfds <= 0)
+- goto _error;
++ goto _cleanup;
+ pfds = alloca(sizeof(*pfds) * npfds);
+ revents = alloca(sizeof(*revents) * npfds);
+ while (going && alsa_pcm)
+@@ -828,16 +828,34 @@ static void *alsa_loop(void *arg)
+ int i;
+ snd_pcm_poll_descriptors_revents(alsa_pcm, pfds,
+ npfds, revents);
+- for (i = 0; i < npfds; i++)
++ for (i = 0; i < npfds; i++)
++ {
+ if (revents[i] & POLLOUT)
+ {
++ debug("calling alsa_write_out_thread_data()");
+ alsa_write_out_thread_data();
++ debug("done with alsa_write_out_thread_data, break!");
+ break;
+- }
++ }
++ debug("Still in the for loop");
++ }
++ debug("Out of the for loop, but still in the if poll.");
+ }
++ debug("Still in the not-paused not-prebuffer conditional");
+ }
+ else
+- xmms_usleep(10000);
++ {
++ if (paused)
++ debug("Sorry, I'm paused. Taking a little nap.");
++ if (prebuffer)
++ debug("Buffering like Real Player.");
++ if (paused || prebuffer) {
++ xmms_usleep(10000);
++ } else {
++ debug("All done!");
++ goto _cleanup;
++ }
++ }
+
+ if (pause_request != paused)
+ alsa_do_pause(pause_request);
+@@ -850,11 +868,12 @@ static void *alsa_loop(void *arg)
+ }
+ }
+
+- _error:
++ _cleanup:
+ alsa_close_pcm();
+ g_free(thread_buffer);
+ thread_buffer = NULL;
+ pthread_exit(NULL);
++ return;
+ }
+
+ /* open callback */
+@@ -901,6 +920,7 @@ int alsa_open(AFormat fmt, int rate, int
+ flush_request = -1;
+
+ pthread_create(&audio_thread, NULL, alsa_loop, NULL);
++ debug("Do we get here?");
+ return 1;
+ }
+
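Review bot: The `return;` added after `pthread_exit(NULL)` carries no value although the function is declared `static void *alsa_loop(void *arg)`; a bare return in a non-void function is a constraint violation since C99, so it should be `return NULL;` or be dropped, since `pthread_exit` does not return. The new `debug(...)` calls such as `"Still in the for loop"` and `"Do we get here?"` read as leftover tracing that fires on every pass of the audio thread when debugging is enabled; I would keep at most the `"All done!"` message before `goto _cleanup`. The new `else` branch ends the thread whenever neither `paused` nor `prebuffer` is set, but the condition of the matching `if` is outside the hunk, so a comment stating which state reaches this branch would help, for example `/* not paused, not prebuffering: treat as end of playback and stop the thread */` if that is indeed the intent.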
diff --git a/xmms.desktop b/xmms.desktop
index aa9b1f8..94c3326 100644
--- a/xmms.desktop
+++ b/xmms.desktop
@@ -69,7 +69,7 @@ Comment[vi]=Chơi tập tin nhạc Ogg Vorbis và các tập tin khác
Comment[zh_CN]=播放 Ogg Vorbis 及其它音频文件
Comment[zh_TW]=播放 Ogg Vorbis 以及其他音效檔案
Comment[zu]=Dlala i- Ogg Vorbis kanye namafayela okuzwa
-Exec=xmms -e %F
+Exec=xmms -e -p %F
Icon=xmms
MimeType=audio/x-mp3;audio/x-mod;audio/x-wav;audio/x-mpegurl;audio/mpegurl;audio/x-scpls;application/x-ogg;application/ogg
GenericName=Audio Player
diff --git a/xmms.spec b/xmms.spec
index a606ad0..b166c59 100644
--- a/xmms.spec
+++ b/xmms.spec
@@ -1,16 +1,16 @@
Name: xmms
Version: 1.2.11
-Release: 12.20071117cvs%{?dist}
+Release: 15.20071117cvs%{?dist}
Epoch: 1
Summary: The X MultiMedia System, a media player
Group: Applications/Multimedia
License: GPLv2+
-URL: http://www.xmms.org/
+URL: http://legacy.xmms2.org/
# http://www.xmms.org/download.php, to recreate the tarball:
-# $ wget http://www.xmms.org/files/1.2.x/xmms-1.2.10.tar.bz2
-# $ tar jx --exclude "mpg123*" -f xmms-1.2.10.tar.bz2
-# $ tar jcf xmms-1.2.10.patched.tar.bz2 xmms-1.2.10
+# $ wget http://legacy.xmms2.org/xmms-1.2.11.tar.bz2
+# $ tar jx --exclude "mpg123*" -f xmms-1.2.11.tar.bz2
+# $ tar jcf xmms-1.2.11.patched.tar.bz2 xmms-1.2.11
Source0: %{name}-%{version}-20071117cvs.patched.tar.bz2
Source1: xmms.sh
Source2: xmms.xpm
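Review bot: The tarball recipe in the comment does not match `Source0`: it produces `xmms-1.2.11.patched.tar.bz2`, while `Source0` is `%{name}-%{version}-20071117cvs.patched.tar.bz2`, and the line above it still points at `http://www.xmms.org/download.php`. The download is also over plain HTTP with no checksum recorded, so the stripped tarball cannot be reproduced or verified from these instructions. I would describe how the 20071117cvs snapshot was actually obtained and record a digest of the upstream archive next to the `wget` line, e.g. `# sha256: <SHA256_OF_UPSTREAM_TARBALL>`.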
@@ -33,7 +33,8 @@ Patch12: %{name}-1.2.11-is_quitting.patch
Patch14: %{name}-1.2.10-configfile-safe-write.patch
Patch15: %{name}-1.2.10-reposition.patch
Patch16: %{name}-1.2.11-dso.patch
-BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+Patch17: xmms-1.2.10-ubuntu-CVE-2007-0653.patch
+Patch18: xmms-alsa-fix-loop.patch
BuildRequires: gtk+-devel
BuildRequires: esound-devel
@@ -113,6 +114,8 @@ Files needed for building plug-ins for the X MultiMedia System.
%patch15 -p1
%patch9 -p1 -b .playonclick
%patch16 -p1 -b .dso
+%patch17 -p1 -b .CVE-2007-0653
+%patch18 -p1 -b .fix-loop
# Avoid standard rpaths on lib64 archs, --disable-rpath doesn't do it
sed -i -e 's|"/lib /usr/lib"|"/%{_lib} %{_libdir}"|' configure
@@ -138,7 +141,6 @@ make
%install
-rm -rf %{buildroot}
make install DESTDIR=%{buildroot}
install -pm 755 librh_mp3.so %{buildroot}%{_libdir}/xmms/Input
install -dm 755 %{buildroot}%{_datadir}/xmms/Skins
@@ -167,10 +169,6 @@ install -Dpm 644 xmms.pc %{buildroot}%{_libdir}/pkgconfig/xmms.pc
%find_lang %{name}
-%clean
-rm -rf %{buildroot}
-
-
%post
touch --no-create %{_datadir}/icons/hicolor &>/dev/null || :
@@ -191,7 +189,6 @@ update-desktop-database &>/dev/null || :
%files -f %{name}.lang
-%defattr(-,root,root,-)
%doc AUTHORS ChangeLog COPYING FAQ NEWS TODO README
%{_bindir}/xmms
%{_bindir}/wmxmms
@@ -203,7 +200,6 @@ update-desktop-database &>/dev/null || :
%{_mandir}/man1/*xmms.1*
%files libs
-%defattr(-,root,root,-)
%doc COPYING
%{_libdir}/libxmms.so.*
%dir %{_libdir}/xmms/
@@ -230,6 +226,17 @@ update-desktop-database &>/dev/null || :
%changelog
+* Fri Jul 15 2011 Tom Callaway <spot at fedoraproject.org> - 1:1.2.11-15.20071117cvs
+- fix alsa plugin loop code to, well, stop looping when the track is done
+- fix desktop file to enqueue and play files
+- add patch from Ubuntu for CVE-2007-0653
+
+* Thu Jul 14 2011 Tom Callaway <spot at fedoraproject.org> - 1:1.2.11-14.20071117cvs
+- fix url (bz 672011)
+
+* Thu Jul 14 2011 Tom Callaway <spot at fedoraproject.org> - 1:1.2.11-13.20071117cvs
+- minor spec cleanup and rebuild
+
* Mon Feb 07 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1:1.2.11-12.20071117cvs
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild