[cvs] dists/10.7/stable/main/finkinfo/libs id3lib4.info, 1.1, 1.2 id3lib4.patch, 1.1, 1.2

Wed, 11 Sep 2013 19:22:27 -0700 

Update of /cvsroot/fink/dists/10.7/stable/main/finkinfo/libs
In directory sfp-cvs-1.v30.ch3.sourceforge.com:/tmp/cvs-serv27528

Modified Files:
        id3lib4.info id3lib4.patch 
Log Message:
sync VBR overflow patch from 10.6

Index: id3lib4.patch
===================================================================
RCS file: /cvsroot/fink/dists/10.7/stable/main/finkinfo/libs/id3lib4.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- id3lib4.patch       27 Jul 2011 21:37:04 -0000      1.1
+++ id3lib4.patch       12 Sep 2013 02:21:12 -0000      1.2
@@ -127,3 +127,14 @@
    -export-dynamic
  
  subdir = src
+--- a/src/mp3_parse.cpp        2003-03-02 01:23:00.000000000 +0100
++++ b/src/mp3_parse.cpp        2009-09-27 19:44:18.000000000 +0200
+@@ -465,7 +465,7 @@
+   // from http://www.xingtech.com/developer/mp3/
+ 
+   const size_t VBR_HEADER_MIN_SIZE = 8;     // "xing" + flags are fixed
+-  const size_t VBR_HEADER_MAX_SIZE = 116;   // frames, bytes, toc and scale 
are optional
++  const size_t VBR_HEADER_MAX_SIZE = 120;   // frames, bytes, toc and scale 
are optional
+ 
+   if (mp3size >= vbr_header_offest + VBR_HEADER_MIN_SIZE) 
+   {

Index: id3lib4.info
===================================================================
RCS file: /cvsroot/fink/dists/10.7/stable/main/finkinfo/libs/id3lib4.info,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- id3lib4.info        27 Jul 2011 21:37:04 -0000      1.1
+++ id3lib4.info        12 Sep 2013 02:21:12 -0000      1.2
@@ -1,6 +1,6 @@
 Package: id3lib4
 Version: 3.8.3
-Revision: 2001
+Revision: 2002
 Source: mirror:sourceforge:id3lib/id3lib-%v.tar.gz
 Source-MD5: 19f27ddd2dda4b2d26a559a4f0f402a7
 SourceDirectory: id3lib-%v
@@ -11,7 +11,7 @@
 Depends: %N-shlibs (>= %v-%r), libiconv
 GCC: 4.0
 PatchFile: %n.patch
-PatchFile-MD5: 7b830be1ef203512938f3d80bff9f47d
+PatchFile-MD5: bf1df56618f0a491c5e16c91e36b0bde
 NoSetLDFLAGS: true
 SetLIBS: -L%p/lib -lz
 ConfigureParams: --with-pic --enable-shared --disable-static 
--mandir=%i/share/man --infodir=%p/share/info --libexecdir=%p/lib
@@ -59,6 +59,10 @@
 across several platforms, and providing a powerful and feature-rich API with
 a highly stable and efficient implementation.
 <<
+DescPort: <<
+Patch mp3_parse.cpp to avoid a buffer overflow triggered by VBR files.
+Fixed upstream: 
http://id3lib.cvs.sourceforge.net/viewvc/id3lib/id3lib-stable/src/mp3_parse.cpp?r1=1.6&r2=1.7
+<<
 License: GPL
 Maintainer: Chris Zubrzycki <bere...@users.sourceforge.net>
 Homepage: http://id3lib.sourceforge.net/


------------------------------------------------------------------------------
How ServiceNow helps IT people transform IT departments:
1. Consolidate legacy IT systems to a single system of record for IT
2. Standardize and globalize service processes across IT
3. Implement zero-touch automation to replace manual, redundant tasks
http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk
_______________________________________________
Fink-commits mailing list
Fink-commits@lists.sourceforge.net
http://news.gmane.org/gmane.os.apple.fink.cvs

Reply via email to