Codebase list libsdl2-mixer / db4e6db
Improve patch metadata Simon McVittie 2 years ago
1 changed file(s) with 14 addition(s) and 7 deletion(s).
0 From 6160668079f91d57a5d7bf0b40ffdd843be70daf Mon Sep 17 00:00:00 2001
10 From: Sam Lantinga <slouken@libsdl.org>
21 Date: Wed, 20 Jan 2021 10:17:10 -0800
3 Subject: [PATCH 199/199] Fixed use-after-free in music_fluidsynth.c
2 Subject: Fixed use-after-free in music_fluidsynth.c
43
5 Tom M.
6
7 There is a dangerous use-after-free in FLUIDSYNTH_Delete(): the settings object is deleted **before** the synth. Since the settings have been created first to initialize the synth, you must first delete the synth and then delete the settings. This currently crashes all applications that use fluidsynth 2.1.6 and SDL2_mixer. Please apply the attached patch and release a bug fix release.
4 There is a dangerous use-after-free in FLUIDSYNTH_Delete(): the settings
5 object is deleted **before** the synth. Since the settings have been
6 created first to initialize the synth, you must first delete the synth
7 and then delete the settings. This currently crashes all applications
8 that use fluidsynth 2.1.6 and SDL2_mixer. Please apply the attached
9 patch and release a bug fix release.
810
911 Originally reported at https://github.com/FluidSynth/fluidsynth/issues/748
12
13 Co-authored-by: Tom M.
14 Origin: upstream, 2.0.6, commit:https://github.com/libsdl-org/SDL_mixer/commit/6160668079f91d57a5d7bf0b40ffdd843be70daf
1015 ---
11 src/codecs/music_fluidsynth.c | 3 ++-
16 music_fluidsynth.c | 3 ++-
1217 1 file changed, 2 insertions(+), 1 deletion(-)
1318
19 diff --git a/music_fluidsynth.c b/music_fluidsynth.c
20 index f5346a4..e72e2ca 100644
1421 --- a/music_fluidsynth.c
1522 +++ b/music_fluidsynth.c
16 @@ -273,9 +273,10 @@ static void FLUIDSYNTH_Stop(void *contex
23 @@ -273,9 +273,10 @@ static void FLUIDSYNTH_Stop(void *context)
1724 static void FLUIDSYNTH_Delete(void *context)
1825 {
1926 FLUIDSYNTH_Music *music = (FLUIDSYNTH_Music *)context;
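Review bot: The new Origin line packs three things into one value, "Origin: upstream, 2.0.6, commit:https://github.com/libsdl-org/SDL_mixer/commit/6160668079f91d57a5d7bf0b40ffdd843be70daf", and puts a "commit:" prefix in front of a full URL. If this header is meant to follow DEP-3, Origin takes either a plain URL or a "commit:"-prefixed identifier after the "upstream, " keyword, while a release number together with a commit reference is the form of the Applied-Upstream field. Suggest "Origin: upstream, https://github.com/libsdl-org/SDL_mixer/commit/6160668079f91d57a5d7bf0b40ffdd843be70daf" plus a separate "Applied-Upstream: 2.0.6" line, so tools that parse the header can resolve the link. The upstream report URL in the description could likewise move to a Bug field. Separately, this change goes beyond metadata: the diffstat path changes from "src/codecs/music_fluidsynth.c" to "music_fluidsynth.c", "diff --git" and "index" lines are added, and the truncated "contex" in the hunk header is completed. Those look like the result of refreshing the patch, and the commit message should say so.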