From: Wolfram Sang
Date: Wed, 21 Nov 2012 18:59:12 +0100
Subject: [PATCH] libmikmod: apply patch for CVE-2010-2971
Signed-off-by: Chris Larson
Taken from OpenEmbedded (4880cfd0217466c737c14f5fe7687baa0a01c00d)
Signed-off-by: Wolfram Sang
---
 loaders/load_it.c | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/loaders/load_it.c b/loaders/load_it.c
index de40bb6..ca82613 100644
--- a/loaders/load_it.c
+++ b/loaders/load_it.c
@@ -743,6 +743,8 @@ BOOL IT_Load(BOOL curious)
 #define IT_LoadEnvelope(name,type) \
 ih. name##flg =_mm_read_UBYTE(modreader); \
 ih. name##pts =_mm_read_UBYTE(modreader); \
+ if (ih. name##pts > ITENVCNT) \
+ ih. name##pts = ITENVCNT; \
 ih. name##beg =_mm_read_UBYTE(modreader); \
 ih. name##end =_mm_read_UBYTE(modreader); \
 ih. name##susbeg=_mm_read_UBYTE(modreader); \
@@ -756,6 +758,8 @@ BOOL IT_Load(BOOL curious)
 #define IT_LoadEnvelope(name,type) \
 ih. name/**/flg =_mm_read_UBYTE(modreader); \
 ih. name/**/pts =_mm_read_UBYTE(modreader); \
+ if (ih. name/**/pts > ITENVCNT) \
+ ih. name/**/pts = ITENVCNT; \
 ih. name/**/beg =_mm_read_UBYTE(modreader); \
 ih. name/**/end =_mm_read_UBYTE(modreader); \
 ih. name/**/susbeg=_mm_read_UBYTE(modreader); \
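Review bot: The clamp added to IT_LoadEnvelope in the first hunk bounds only `pts`; the `beg`, `end` and `susbeg` bytes read on the lines right after it come from the same module file and are stored unchecked. If later code uses them as indices into the envelope node arrays (not visible here; the macro body continues past the hunk), they should be bounded against the clamped count as well. ITENVCNT is presumably the capacity of those arrays, so a one-line comment above the check, such as `/* pts is read from the file; cap it to the ITENVCNT envelope slots */`, would record why the check exists. The unbraced `if` is safe only while the macro expands as a plain statement sequence; writing it as `if (ih. name##pts > ITENVCNT) { ih. name##pts = ITENVCNT; }` would keep it robust. The same points apply to the `name/**/pts` variant in the second hunk.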