aboutsummaryrefslogtreecommitdiff
This patch was downloaded from https://sourceforge.net/p/mpg321/bugs/51/ and
fixes CVE-2019-14247.

Description: Handle illegal bitrate value
Author: Chrysostomos Nanakos <cnanakos@debian.org>
Bug-Debian: https://bugs.debian.org/870406
Bug-Debian: https://bugs.debian.org/887057

--- mpg321-0.3.2.orig/mad.c
+++ mpg321-0.3.2/mad.c
@@ -574,6 +574,12 @@ void scan(void const *ptr, ssize_t len,
 
     if (!is_vbr)
     {
+	if (header.bitrate <= 0)                                                
+        {                                                                       
+            fprintf(stderr, "Illegal bit allocation value\n");                                                                              
+            return;                                                             
+        }    
+
         double time = (len * 8.0) / (header.bitrate); /* time in seconds */
         double timefrac = (double)time - ((long)(time));
         long nsamples = 32 * MAD_NSBSAMPLES(&header); /* samples per frame */
generated by cgit
les....For adding modules, trytond uses entry-points, anyhow relying on the modules being named "trytond.modules.xxx" and being placed in the same filesystem path as "trytond.modules". The package "trytond.modules" is not a namespace module, anyhow trytond modules must be sub-modules of "trytond.modules". This works well if all packages are installed into the same filesystem path "…/trytond/modules": The Python importer will find all sub_modules at this place. Anyhow, in Guix, modules don't share the same filesystem path and the Python importer will not find them. Solution is to add all trytond module's locations to "trytond.modules._path__". This will make "trytond.module" behave much like a namespace module and the importer pick up the module. * gnu/packages/patches/trytond-add-egg-modules-to-path.patch: New file. * gnu/packages/tryton.scm (trytond): Use it. * gnu/local.mk (dist_patch_DATA): Add it Hartmut Goebel