[cvs] dists/10.4/stable/main/finkinfo/libs id3lib4.patch, NONE, 1.1 id3lib4.info, 1.1, 1.2

Wed, 11 Sep 2013 19:15:22 -0700 

Update of /cvsroot/fink/dists/10.4/stable/main/finkinfo/libs
In directory sfp-cvs-1.v30.ch3.sourceforge.com:/tmp/cvs-serv27285

Modified Files:
        id3lib4.info 
Added Files:
        id3lib4.patch 
Log Message:
fix for VBR overflow from upstream CVS and tracker
https://sourceforge.net/p/fink/bugs/1601/
Maintainer OK

--- NEW FILE: id3lib4.patch ---
--- a/src/mp3_parse.cpp 2003-03-02 01:23:00.000000000 +0100
+++ b/src/mp3_parse.cpp 2009-09-27 19:44:18.000000000 +0200
@@ -465,7 +465,7 @@
   // from http://www.xingtech.com/developer/mp3/
 
   const size_t VBR_HEADER_MIN_SIZE = 8;     // "xing" + flags are fixed
-  const size_t VBR_HEADER_MAX_SIZE = 116;   // frames, bytes, toc and scale 
are optional
+  const size_t VBR_HEADER_MAX_SIZE = 120;   // frames, bytes, toc and scale 
are optional
 
   if (mp3size >= vbr_header_offest + VBR_HEADER_MIN_SIZE) 
   {


Index: id3lib4.info
===================================================================
RCS file: /cvsroot/fink/dists/10.4/stable/main/finkinfo/libs/id3lib4.info,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- id3lib4.info        7 Feb 2006 20:47:20 -0000       1.1
+++ id3lib4.info        12 Sep 2013 02:14:28 -0000      1.2
@@ -1,6 +1,6 @@
 Package: id3lib4
 Version: 3.8.3
-Revision: 1014
+Revision: 1015
 Source: mirror:sourceforge:id3lib/id3lib-%v.tar.gz
 Source-MD5: 19f27ddd2dda4b2d26a559a4f0f402a7
 SourceDirectory: id3lib-%v
@@ -9,7 +9,10 @@
 Conflicts: id3lib37, id3lib3.7
 Replaces: id3lib37, id3lib3.7
 GCC: 4.0
+PatchFile: %n.patch
+PatchFile-MD5: 9bc22d5266e846c98dd760f8a9bda455
 PatchScript: <<
+  %{default_script}
   ### Fix relink
   perl -pi.bak -e 's,need_relink=yes,need_relink=no,g' ltmain.sh
   ### Allow two level lib
@@ -62,6 +65,10 @@
 across several platforms, and providing a powerful and feature-rich API with
 a highly stable and efficient implementation.
 <<
+DescPort: <<
+Patch mp3_parse.cpp to avoid a buffer overflow triggered by VBR files.
+Fixed upstream: 
http://id3lib.cvs.sourceforge.net/viewvc/id3lib/id3lib-stable/src/mp3_parse.cpp?r1=1.6&r2=1.7
+<<
 License: GPL
 Maintainer: Chris Zubrzycki <bere...@users.sourceforge.net>
 Homepage: http://id3lib.sourceforge.net/


------------------------------------------------------------------------------
How ServiceNow helps IT people transform IT departments:
1. Consolidate legacy IT systems to a single system of record for IT
2. Standardize and globalize service processes across IT
3. Implement zero-touch automation to replace manual, redundant tasks
http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk
_______________________________________________
Fink-commits mailing list
Fink-commits@lists.sourceforge.net
http://news.gmane.org/gmane.os.apple.fink.cvs

Reply via email to