Date: Friday, February 26, 2021 @ 23:24:42
Author: heftig
Revision: 874489
1.2.12-9: FS#69801 add a patch
Added:
sdl_mixer/trunk/fluidsynth-use-after-free.patch
Modified:
sdl_mixer/trunk/PKGBUILD
---------------------------------+
PKGBUILD | 9 ++++++---
fluidsynth-use-after-free.patch | 37 +++++++++++++++++++++++++++++++++++++
2 files changed, 43 insertions(+), 3 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2021-02-26 23:08:19 UTC (rev 874488)
+++ PKGBUILD 2021-02-26 23:24:42 UTC (rev 874489)
@@ -5,7 +5,7 @@
pkgname=sdl_mixer
pkgver=1.2.12
-pkgrel=8
+pkgrel=9
pkgdesc="A simple multi-channel audio mixer"
url="https://www.libsdl.org/projects/SDL_mixer/"
arch=(x86_64)
@@ -14,12 +14,14 @@
makedepends=(fluidsynth)
optdepends=('fluidsynth: MIDI software synth, replaces built-in timidity')
source=(https://www.libsdl.org/projects/SDL_mixer/release/SDL_mixer-$pkgver.tar.gz
- mikmod1.patch mikmod2.patch fluidsynth-volume.patch double-free-crash.patch)
+ mikmod1.patch mikmod2.patch fluidsynth-volume.patch double-free-crash.patch
+ fluidsynth-use-after-free.patch)
sha256sums=('1644308279a975799049e4826af2cfc787cad2abb11aa14562e402521f86992a'
'e0d36cd81083a0b033436b8f300cc4f4513a6043e57fea139afbade02dbe0de8'
'a0c5326b4363464159a38dc51badad984b65ce0fa4c3b1dd1ad5f73bc7b6c55e'
'4b6c567debf18c88398d4045a6e4ed0954f0e04cc61162ca907a83ddec17cd70'
- 'b707f5c8d1229d1612cc8a9f4e976f0a3b19ea40d7bd1d5bc1cbd5c9f8bca56d')
+ 'b707f5c8d1229d1612cc8a9f4e976f0a3b19ea40d7bd1d5bc1cbd5c9f8bca56d'
+ '97a9ec5ce455114e3fde862670da468a81ba3a868f9385048ddc45a5a3102d03')
prepare() {
cd SDL_mixer-$pkgver
@@ -28,6 +30,7 @@
patch -Np1 -i ../mikmod2.patch
patch -Np1 -i ../fluidsynth-volume.patch
patch -Np1 -i ../double-free-crash.patch
+ patch -Np1 -i ../fluidsynth-use-after-free.patch
sed -e "/CONFIG_FILE_ETC/s|/etc/timidity.cfg|/etc/timidity++/timidity.cfg|" \
-e "/DEFAULT_PATH/s|/etc/timidity|/etc/timidity++|" \
Added: fluidsynth-use-after-free.patch
===================================================================
--- fluidsynth-use-after-free.patch (rev 0)
+++ fluidsynth-use-after-free.patch 2021-02-26 23:24:42 UTC (rev 874489)
@@ -0,0 +1,37 @@
+From 452a55c5d8cd78621114b8aaa258377403797ea7 Mon Sep 17 00:00:00 2001
+From: Ozkan Sezer <sezeroz at gmail.com>
+Date: Fri, 22 Jan 2021 17:47:01 +0300
+Subject: [PATCH] Fix use-after-free in music_fluidsynth.c (backport from
+ default branch)
+
+Tom M.
+
+There is a dangerous use-after-free in FLUIDSYNTH_Delete(): the settings
+object is deleted **before** the synth. Since the settings have been
+created first to initialize the synth, you must first delete the synth
+and then delete the settings. This currently crashes all applications
+that use fluidsynth 2.1.6 and SDL2_mixer.
+
+Originally reported at https://github.com/FluidSynth/fluidsynth/issues/748
+---
+ fluidsynth.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/fluidsynth.c b/fluidsynth.c
+index 717d8aa..179d79c 100644
+--- a/fluidsynth.c
++++ b/fluidsynth.c
+@@ -152,10 +152,12 @@ FluidSynthMidiSong *fluidsynth_loadsong_RW(SDL_RWops *rw, int freerw)
+
+ void fluidsynth_freesong(FluidSynthMidiSong *song)
+ {
++ fluid_settings_t *settings;
+ if (!song) return;
++ settings = fluidsynth.fluid_synth_get_settings(song->synth);
+ fluidsynth.delete_fluid_player(song->player);
+- fluidsynth.delete_fluid_settings(fluidsynth.fluid_synth_get_settings(song->synth));
+ fluidsynth.delete_fluid_synth(song->synth);
++ fluidsynth.delete_fluid_settings(settings);
+ SDL_free(song);
+ }
+