Date: Saturday, May 16, 2020 @ 11:17:03
Author: felixonmars
Revision: 384278
archrelease: copy trunk to staging-x86_64
Added:
libid3tag/repos/staging-x86_64/
libid3tag/repos/staging-x86_64/10_utf16.diff
(from rev 384277, libid3tag/trunk/10_utf16.diff)
libid3tag/repos/staging-x86_64/11_unknown_encoding.diff
(from rev 384277, libid3tag/trunk/11_unknown_encoding.diff)
libid3tag/repos/staging-x86_64/CVE-2008-2109.patch
(from rev 384277, libid3tag/trunk/CVE-2008-2109.patch)
libid3tag/repos/staging-x86_64/PKGBUILD
(from rev 384277, libid3tag/trunk/PKGBUILD)
libid3tag/repos/staging-x86_64/id3tag.pc
(from rev 384277, libid3tag/trunk/id3tag.pc)
libid3tag/repos/staging-x86_64/libid3tag-gperf.patch
(from rev 384277, libid3tag/trunk/libid3tag-gperf.patch)
--------------------------+
10_utf16.diff | 48 +++++++++++++++++++++++++++++++++++++++++++++
11_unknown_encoding.diff | 37 ++++++++++++++++++++++++++++++++++
CVE-2008-2109.patch | 11 ++++++++++
PKGBUILD | 46 +++++++++++++++++++++++++++++++++++++++++++
id3tag.pc | 10 +++++++++
libid3tag-gperf.patch | 26 ++++++++++++++++++++++++
6 files changed, 178 insertions(+)
Copied: libid3tag/repos/staging-x86_64/10_utf16.diff (from rev 384277,
libid3tag/trunk/10_utf16.diff)
===================================================================
--- staging-x86_64/10_utf16.diff (rev 0)
+++ staging-x86_64/10_utf16.diff 2020-05-16 11:17:03 UTC (rev 384278)
@@ -0,0 +1,48 @@
+#! /bin/sh -e
+## 10_utf16.dpatch by <[email protected]>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Handle bogus UTF16 sequences that have a length that is not
+## DP: an even number of 8 bit characters.
+
+if [ $# -lt 1 ]; then
+ echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+ exit 1
+fi
+
+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
+patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
+
+case "$1" in
+ -patch) patch -p1 ${patch_opts} < $0;;
+ -unpatch) patch -R -p1 ${patch_opts} < $0;;
+ *)
+ echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+ exit 1;;
+esac
+
+exit 0
+
+@DPATCH@
+diff -urNad libid3tag-0.15.1b/utf16.c
/tmp/dpep.tKvO7a/libid3tag-0.15.1b/utf16.c
+--- libid3tag-0.15.1b/utf16.c 2006-01-13 15:26:29.000000000 +0100
++++ /tmp/dpep.tKvO7a/libid3tag-0.15.1b/utf16.c 2006-01-13 15:27:19.000000000
+0100
+@@ -282,5 +282,18 @@
+
+ free(utf16);
+
++ if (end == *ptr && length % 2 != 0)
++ {
++ /* We were called with a bogus length. It should always
++ * be an even number. We can deal with this in a few ways:
++ * - Always give an error.
++ * - Try and parse as much as we can and
++ * - return an error if we're called again when we
++ * already tried to parse everything we can.
++ * - tell that we parsed it, which is what we do here.
++ */
++ (*ptr)++;
++ }
++
+ return ucs4;
+ }
Copied: libid3tag/repos/staging-x86_64/11_unknown_encoding.diff (from rev
384277, libid3tag/trunk/11_unknown_encoding.diff)
===================================================================
--- staging-x86_64/11_unknown_encoding.diff (rev 0)
+++ staging-x86_64/11_unknown_encoding.diff 2020-05-16 11:17:03 UTC (rev
384278)
@@ -0,0 +1,37 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 11_unknown_encoding.dpatch by Andreas Henriksson <[email protected]>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: In case of an unknown/invalid encoding, id3_parse_string() will
+## DP: return NULL, but the return value wasn't checked resulting
+## DP: in segfault in id3_ucs4_length(). This is the only place
+## DP: the return value wasn't checked.
+
+@DPATCH@
+diff -urNad libid3tag-0.15.1b~/compat.gperf libid3tag-0.15.1b/compat.gperf
+--- libid3tag-0.15.1b~/compat.gperf 2004-01-23 09:41:32.000000000 +0000
++++ libid3tag-0.15.1b/compat.gperf 2007-01-14 14:36:53.000000000 +0000
+@@ -236,6 +236,10 @@
+
+ encoding = id3_parse_uint(&data, 1);
+ string = id3_parse_string(&data, end - data, encoding, 0);
++ if (!string)
++ {
++ continue;
++ }
+
+ if (id3_ucs4_length(string) < 4) {
+ free(string);
+diff -urNad libid3tag-0.15.1b~/parse.c libid3tag-0.15.1b/parse.c
+--- libid3tag-0.15.1b~/parse.c 2004-01-23 09:41:32.000000000 +0000
++++ libid3tag-0.15.1b/parse.c 2007-01-14 14:37:34.000000000 +0000
+@@ -165,6 +165,9 @@
+ case ID3_FIELD_TEXTENCODING_UTF_8:
+ ucs4 = id3_utf8_deserialize(ptr, length);
+ break;
++ default:
++ /* FIXME: Unknown encoding! Print warning? */
++ return NULL;
+ }
+
+ if (ucs4 && !full) {
Copied: libid3tag/repos/staging-x86_64/CVE-2008-2109.patch (from rev 384277,
libid3tag/trunk/CVE-2008-2109.patch)
===================================================================
--- staging-x86_64/CVE-2008-2109.patch (rev 0)
+++ staging-x86_64/CVE-2008-2109.patch 2020-05-16 11:17:03 UTC (rev 384278)
@@ -0,0 +1,11 @@
+--- field.c.orig 2008-05-05 09:49:15.000000000 -0400
++++ field.c 2008-05-05 09:49:25.000000000 -0400
+@@ -291,7 +291,7 @@
+
+ end = *ptr + length;
+
+- while (end - *ptr > 0) {
++ while (end - *ptr > 0 && **ptr != '\0') {
+ ucs4 = id3_parse_string(ptr, end - *ptr, *encoding, 0);
+ if (ucs4 == 0)
+ goto fail;
Copied: libid3tag/repos/staging-x86_64/PKGBUILD (from rev 384277,
libid3tag/trunk/PKGBUILD)
===================================================================
--- staging-x86_64/PKGBUILD (rev 0)
+++ staging-x86_64/PKGBUILD 2020-05-16 11:17:03 UTC (rev 384278)
@@ -0,0 +1,46 @@
+# Maintainer: Lukas Fleischer <[email protected]>
+# Contributor: dorphell <[email protected]>
+
+pkgname=libid3tag
+pkgver=0.15.1b
+pkgrel=10
+pkgdesc="library for id3 tagging"
+arch=('x86_64')
+url="https://www.underbit.com/products/mad/";
+license=('GPL')
+depends=('zlib')
+makedepends=('gperf')
+source=("ftp://ftp.mars.org/pub/mpeg/${pkgname}-${pkgver}.tar.gz";
+ 'id3tag.pc'
+ '10_utf16.diff' '11_unknown_encoding.diff' 'CVE-2008-2109.patch'
libid3tag-gperf.patch)
+md5sums=('e5808ad997ba32c498803822078748c3'
+ '8bb41fd814fafcc37ec8bc88f5545a4a'
+ '4f9df4011e6a8c23240fff5de2d05f6e'
+ '3ca856b97924d48a0fdfeff0bd83ce7d'
+ 'c51822ea6301b1ca469975f0c9ee8e34'
+ '85502349069e61eaeea4610b1ea6cb56')
+
+prepare() {
+ cd "$pkgname-$pkgver"
+
+ patch -p1 -i "${srcdir}"/10_utf16.diff
+ patch -p1 -i "${srcdir}"/11_unknown_encoding.diff
+ patch -Np0 -i "${srcdir}/"CVE-2008-2109.patch
+ patch -p1 -i ../libid3tag-gperf.patch # Fedora patch
+
+ rm compat.c frametype.c # regenerate them from gperf sources
+}
+
+build() {
+ cd "${pkgname}-${pkgver}"
+
+ ./configure --prefix=/usr
+ make
+}
+
+package() {
+ cd "${pkgname}-${pkgver}"
+
+ make DESTDIR="${pkgdir}" install
+ install -D -m644 "${srcdir}/id3tag.pc"
"${pkgdir}/usr/lib/pkgconfig/id3tag.pc"
+}
Copied: libid3tag/repos/staging-x86_64/id3tag.pc (from rev 384277,
libid3tag/trunk/id3tag.pc)
===================================================================
--- staging-x86_64/id3tag.pc (rev 0)
+++ staging-x86_64/id3tag.pc 2020-05-16 11:17:03 UTC (rev 384278)
@@ -0,0 +1,10 @@
+prefix=/usr
+exec_prefix=/usr/bin
+libdir=/usr/lib
+includedir=/usr/include
+
+Name: ID3TAG
+Description: libid3tag - ID3 tag manipulation library
+Version: 0.15.0b
+Libs: -L${libdir} -lid3tag -lz
+Cflags:
Copied: libid3tag/repos/staging-x86_64/libid3tag-gperf.patch (from rev 384277,
libid3tag/trunk/libid3tag-gperf.patch)
===================================================================
--- staging-x86_64/libid3tag-gperf.patch (rev 0)
+++ staging-x86_64/libid3tag-gperf.patch 2020-05-16 11:17:03 UTC (rev
384278)
@@ -0,0 +1,26 @@
+Index: libid3tag-0.15.1b/frametype.h
+===================================================================
+--- libid3tag-0.15.1b.orig/frametype.h
++++ libid3tag-0.15.1b/frametype.h
+@@ -37,6 +37,6 @@ extern struct id3_frametype const id3_fr
+ extern struct id3_frametype const id3_frametype_obsolete;
+
+ struct id3_frametype const *id3_frametype_lookup(register char const *,
+- register unsigned int);
++ register size_t);
+
+ # endif
+Index: libid3tag-0.15.1b/compat.h
+===================================================================
+--- libid3tag-0.15.1b.orig/compat.h
++++ libid3tag-0.15.1b/compat.h
+@@ -34,7 +34,7 @@ struct id3_compat {
+ };
+
+ struct id3_compat const *id3_compat_lookup(register char const *,
+- register unsigned int);
++ register size_t);
+
+ int id3_compat_fixup(struct id3_tag *);
+
+
