From 1090dcccf50e21419f3010cd40bec9c5e6698c10 Mon Sep 17 00:00:00 2001
From: Jerome Duval <jerome.duval@gmail.com>
Date: Sun, 25 Apr 2021 21:39:31 +0200
Subject: [PATCH] sdl2_mixer: upstream patch

---
 .../patches/sdl2_mixer-2.0.4.patchset         | 30 +++++++++++++++++++
 media-libs/sdl2_mixer/sdl2_mixer-2.0.4.recipe |  7 +++--
 2 files changed, 34 insertions(+), 3 deletions(-)
 create mode 100644 media-libs/sdl2_mixer/patches/sdl2_mixer-2.0.4.patchset

diff --git a/media-libs/sdl2_mixer/patches/sdl2_mixer-2.0.4.patchset b/media-libs/sdl2_mixer/patches/sdl2_mixer-2.0.4.patchset
new file mode 100644
index 000000000..4f0679491
--- /dev/null
+++ b/media-libs/sdl2_mixer/patches/sdl2_mixer-2.0.4.patchset
@@ -0,0 +1,30 @@
+From 6160668079f91d57a5d7bf0b40ffdd843be70daf Mon Sep 17 00:00:00 2001
+From: Sam Lantinga <slouken@libsdl.org>
+Date: Wed, 20 Jan 2021 10:17:10 -0800
+Subject: [PATCH] Fixed use-after-free in music_fluidsynth.c
+
+Tom M.
+
+There is a dangerous use-after-free in FLUIDSYNTH_Delete(): the settings object is deleted **before** the synth. Since the settings have been created first to initialize the synth, you must first delete the synth and then delete the settings. This currently crashes all applications that use fluidsynth 2.1.6 and SDL2_mixer. Please apply the attached patch and release a bug fix release.
+
+Originally reported at https://github.com/FluidSynth/fluidsynth/issues/748
+
+diff --git a/music_fluidsynth.c b/music_fluidsynth.c
+index f5346a4..e72e2ca 100644
+--- a/music_fluidsynth.c
++++ b/music_fluidsynth.c
+@@ -273,9 +273,10 @@ static void FLUIDSYNTH_Stop(void *context)
+ static void FLUIDSYNTH_Delete(void *context)
+ {
+     FLUIDSYNTH_Music *music = (FLUIDSYNTH_Music *)context;
++    fluid_settings_t *settings = fluidsynth.fluid_synth_get_settings(music->synth);
+     fluidsynth.delete_fluid_player(music->player);
+-    fluidsynth.delete_fluid_settings(fluidsynth.fluid_synth_get_settings(music->synth));
+     fluidsynth.delete_fluid_synth(music->synth);
++    fluidsynth.delete_fluid_settings(settings);
+     SDL_free(music);
+ }
+ 
+-- 
+2.30.0
+
diff --git a/media-libs/sdl2_mixer/sdl2_mixer-2.0.4.recipe b/media-libs/sdl2_mixer/sdl2_mixer-2.0.4.recipe
index 20c2386fe..a1681314a 100644
--- a/media-libs/sdl2_mixer/sdl2_mixer-2.0.4.recipe
+++ b/media-libs/sdl2_mixer/sdl2_mixer-2.0.4.recipe
@@ -4,13 +4,14 @@ sdl2_mixer is a simple multi-channel audio mixer library. It supports any \
 number of simultaneously playing channels of 16 bit stereo audio, plus a \
 single channel of music, mixed by the popular FLAC, MikMoD MOD, Timidity MIDI, \
 Ogg Vorbis, and SMPEG MP3 libraries."
-HOMEPAGE="http://www.libsdl.org/projects/SDL_mixer/"
+HOMEPAGE="https://www.libsdl.org/projects/SDL_mixer/"
 COPYRIGHT="1997-2012 Sam Lantinga"
 LICENSE="Zlib"
-REVISION="2"
-SOURCE_URI="http://www.libsdl.org/projects/SDL_mixer/release/SDL2_mixer-$portVersion.tar.gz"
+REVISION="3"
+SOURCE_URI="https://www.libsdl.org/projects/SDL_mixer/release/SDL2_mixer-$portVersion.tar.gz"
 CHECKSUM_SHA256="b4cf5a382c061cd75081cf246c2aa2f9df8db04bdda8dcdc6b6cca55bede2419"
 SOURCE_DIR="SDL2_mixer-$portVersion"
+PATCHES="sdl2_mixer-$portVersion.patchset"
 
 ARCHITECTURES="x86_gcc2 x86 x86_64"
 SECONDARY_ARCHITECTURES="x86_gcc2 x86"