termux-packages/packages/timidity++/CVE-2017-11546.patch

32 lines
1005 B
Diff
Raw Normal View History

2022-04-18 00:34:09 +02:00
From 2386ec2c745f6c5075e53ea051da211336b44b84 Mon Sep 17 00:00:00 2001
From: Takashi Iwai <tiwai@suse.de>
Date: Tue, 26 Jun 2018 22:31:27 +0200
Subject: readmidi: Fix division by zero
References: CVE-2017-11546
An adhoc fix for division by zero in insert_note_steps().
Signed-off-by: Takashi Iwai <tiwai@suse.de>
bug-debian: https://bugs.debian.org/870338
bug-suse: https://bugzilla.suse.com/show_bug.cgi?id=1081694
bug: https://bugzilla.suse.com/show_bug.cgi?id=1081694
origin: https://bugzilla.suse.com/attachment.cgi?id=760825
---
timidity/readmidi.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/timidity/readmidi.c b/timidity/readmidi.c
index 158388a..341777e 100644
--- a/timidity/readmidi.c
+++ b/timidity/readmidi.c
@@ -4585,6 +4585,8 @@ static void insert_note_steps(void)
if (beat != 0)
meas++, beat = 0;
num = timesig[n].a, denom = timesig[n].b, n++;
+ if (!denom)
+ denom = 1;
}
a = (meas + 1) & 0xff;
b = (((meas + 1) >> 8) & 0x0f) + ((beat + 1) << 4);