From ff61002dd7ccf013b84623b4d01a3cafefb5fe78 Mon Sep 17 00:00:00 2001
From: Rex Dieter <rdieter@fedoraproject.org>
Date: Thu, 24 Apr 2008 11:57:31 +0000
Subject: [PATCH] * Thu Apr 24 2008 Rex Dieter <rdieter@fedoraproject.org> -
 1.1.12-2 - CVE-2008-1878 (#443056)

---
 xine-lib-1.1.12-CVE-2008-1878.patch | 16 ++++++++++++++++
 xine-lib.spec                       |  7 ++++++-
 2 files changed, 22 insertions(+), 1 deletion(-)
 create mode 100644 xine-lib-1.1.12-CVE-2008-1878.patch

diff --git a/xine-lib-1.1.12-CVE-2008-1878.patch b/xine-lib-1.1.12-CVE-2008-1878.patch
new file mode 100644
index 0000000..b51f875
--- /dev/null
+++ b/xine-lib-1.1.12-CVE-2008-1878.patch
@@ -0,0 +1,16 @@
+diff -up xine-lib-1.1.12/src/demuxers/demux_nsf.c.CVE-2008-1878 xine-lib-1.1.12/src/demuxers/demux_nsf.c
+--- xine-lib-1.1.12/src/demuxers/demux_nsf.c.CVE-2008-1878	2008-03-28 09:24:50.000000000 -0500
++++ xine-lib-1.1.12/src/demuxers/demux_nsf.c	2008-04-24 06:52:45.000000000 -0500
+@@ -106,9 +106,9 @@ static int open_nsf_file(demux_nsf_t *th
+ 
+   this->total_songs = header[6];
+   this->current_song = header[7];
+-  this->title = strdup(&header[0x0E]);
+-  this->artist = strdup(&header[0x2E]);
+-  this->copyright = strdup(&header[0x4E]);
++  this->title = strndup((char*)&header[0x0E], 0x20);
++  this->artist = strndup((char*)&header[0x2E], 0x20);
++  this->copyright = strndup((char*)&header[0x4E], 0x20); 
+ 
+   this->filesize = this->input->get_length(this->input);
+ 
diff --git a/xine-lib.spec b/xine-lib.spec
index a1a11c8..68e9eb2 100644
--- a/xine-lib.spec
+++ b/xine-lib.spec
@@ -32,7 +32,7 @@
 Summary:        Xine library
 Name:           xine-lib
 Version:        1.1.12
-Release:        1%{?dist}
+Release:        2%{?dist}
 License:        GPLv2+
 Group:          System Environment/Libraries
 URL:            http://xinehq.de/
@@ -46,6 +46,7 @@ Source2:        %{name}-mk-autotools-patch.sh
 Patch0:         %{name}-%{version}-autotools.patch.bz2
 Patch1:         %{name}-1.1.4-optflags.patch
 Patch6:         %{name}-1.1.1-deepbind-939.patch
+Patch7:         %{name}-1.1.12-CVE-2008-1878.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 Provides:       xine-lib(plugin-abi) = %{abiver}
@@ -176,6 +177,7 @@ touch -r m4/optimizations.m4 m4/optimizations.m4.stamp
 touch -r m4/optimizations.m4.stamp m4/optimizations.m4
 # Patch6 needed at least when compiling with external ffmpeg, #939.
 %patch6 -p1 -b .deepbind
+%patch7 -p1 -b .CVE-2008-1878
 
 # Avoid standard rpaths on lib64 archs:
 sed -i -e 's|"/lib /usr/lib\b|"/%{_lib} %{_libdir}|' configure
@@ -400,6 +402,9 @@ rm -rf $RPM_BUILD_ROOT
 
 
 %changelog
+* Thu Apr 24 2008 Rex Dieter <rdieter@fedoraproject.org> - 1.1.12-2
+- CVE-2008-1878 (#443056)
+
 * Wed Apr 16 2008 Ville Skyttä <ville.skytta at iki.fi> - 1.1.12-1
 - 1.1.12 (plugin ABI 1.21); qt, mkv, and pulseaudio patches applied upstream.