--- a/open-src/lib/libXvMC/CVE-2013-1990.patch Fri May 24 11:40:22 2013 -0700
+++ b/open-src/lib/libXvMC/CVE-2013-1990.patch Fri May 24 15:50:17 2013 -0700
@@ -327,3 +327,42 @@
--
1.7.9.2
+From 8c164524d229adb6141fdac8336b3823e7fe1a5d Mon Sep 17 00:00:00 2001
+From: Dave Airlie <[email protected]>
+Date: Fri, 24 May 2013 14:47:30 +1000
+Subject: [PATCH:libXvMC] Multiple unvalidated patches in CVE-2013-1999
+
+Al Viro pointed out that Debian started segfaulting in Xine for him,
+
+Reported-by: Al Viro
+Signed-off-by: Dave Airlie <[email protected]>
+---
+ src/XvMC.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/XvMC.c b/src/XvMC.c
+index cb42487..74c8b85 100644
+--- a/src/XvMC.c
++++ b/src/XvMC.c
+@@ -585,15 +585,15 @@ Status XvMCGetDRInfo(Display *dpy, XvPortID port,
+ if (*name && *busID && tmpBuf) {
+ _XRead(dpy, tmpBuf, realSize);
+ strncpy(*name,tmpBuf,rep.nameLen);
+- name[rep.nameLen - 1] = '\0';
++ (*name)[rep.nameLen - 1] = '\0';
+ strncpy(*busID,tmpBuf+rep.nameLen,rep.busIDLen);
+- busID[rep.busIDLen - 1] = '\0';
++ (*busID)[rep.busIDLen - 1] = '\0';
+ XFree(tmpBuf);
+ } else {
+ XFree(*name);
+ *name = NULL;
+ XFree(*busID);
+- *name = NULL;
++ *busID = NULL;
+ XFree(tmpBuf);
+
+ _XEatDataWords(dpy, rep.length);
+--
+1.7.9.2
+