subject:"\[gentoo\-commits\] repo\/gentoo\:master commit in\: media\-sound\/mp3gain\/files\/, media\-sound\/mp3gain\/"

[gentoo-commits] repo/gentoo:master commit in: media-sound/mp3gain/files/, media-sound/mp3gain/

2020-08-28 Thread Sam James

commit: 78ad7877efb30b4599320e7f81a15cb2527acdfe
Author: Sam James  gentoo  org>
AuthorDate: Sat Aug 29 00:26:26 2020 +
Commit: Sam James  gentoo  org>
CommitDate: Sat Aug 29 00:26:26 2020 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=78ad7877

media-sound/mp3gain: security cleanup

Closes: https://bugs.gentoo.org/717940
Package-Manager: Portage-3.0.4, Repoman-3.0.1
Signed-off-by: Sam James  gentoo.org>

 media-sound/mp3gain/Manifest   |  1 -
 .../files/mp3gain-1.6.1-CVE-2017-12911.patch   | 77 --
 media-sound/mp3gain/mp3gain-1.6.1.ebuild   | 34 --
 3 files changed, 112 deletions(-)

diff --git a/media-sound/mp3gain/Manifest b/media-sound/mp3gain/Manifest
index f6771ab442c..e76bdaa6317 100644
--- a/media-sound/mp3gain/Manifest
+++ b/media-sound/mp3gain/Manifest
@@ -1,2 +1 @@
-DIST mp3gain-1_6_1-src.zip 68932 BLAKE2B 
8c1ed35123f1613e189ec7bd74ee9f6176404a1b79c660f8f1a6df461cdfd3c6bb505daa09b8cc4756e1755d0923fe473a45c3ae171fcf35df22daaa08a7717a
 SHA512 
6d26a7716a1901c80caff9d7fb03a454a452c06c6a57a7a921d5979727e112ba139690d8a287dde7a6e5a09b022d3c6f57193b4756a9c25caa177cef65f9e375
 DIST mp3gain-1_6_2-src.zip 71246 BLAKE2B 
5172c2103bb2267bf819f36180e9cd7a9d57df6f7ddc29900e9063f97c4513972053bb0c3f1f69f7ddd12ec0cf4251e93e1b6920389a8246bfdd5650176a90d2
 SHA512 
ec9de6c755120480ccb72b34a0042aea7546ef923090ab04e420d5b189523b4504e29952a3d695d3c42c74348f5c3c9123ff090bcc671e43375711e085d67480

diff --git a/media-sound/mp3gain/files/mp3gain-1.6.1-CVE-2017-12911.patch 
b/media-sound/mp3gain/files/mp3gain-1.6.1-CVE-2017-12911.patch
deleted file mode 100644
index 0b5a3228096..000
--- a/media-sound/mp3gain/files/mp3gain-1.6.1-CVE-2017-12911.patch
+++ /dev/null
@@ -1,77 +0,0 @@
 a/apetag.c
-+++ b/apetag.c
-@@ -49,6 +49,12 @@
- 
- static int Lyrics3GetNumber6 ( const unsigned char* string )
- {
-+  if (string[0] < '0' || string[0] > '9') return 0;
-+  if (string[1] < '0' || string[1] > '9') return 0;
-+  if (string[2] < '0' || string[2] > '9') return 0;
-+  if (string[3] < '0' || string[3] > '9') return 0;
-+  if (string[4] < '0' || string[4] > '9') return 0;
-+  if (string[5] < '0' || string[5] > '9') return 0;
-   return ( string[0] - '0') * 10 +
-  ( string[1] - '0') * 1 +
-  ( string[2] - '0') * 1000 +
-@@ -86,12 +92,14 @@
-   free(*id3tagbuff);
-   *id3tagbuff = (unsigned char *)malloc(128);
- memcpy(*id3tagbuff,tmpid3,128);
-+  if ( *tag_offset < (128 + (long)(sizeof(T))) ) return 0;
- if ( fseek (fp, *tag_offset - 128 - sizeof (T), SEEK_SET) ) return 0;
- if ( fread (, 1, sizeof (T), fp) != sizeof (T) ) return 0;
- // check for lyrics3 v2.00 tag
- if ( memcmp (T.ID, "LYRICS200", sizeof (T.ID)) ) return 0;
-   len = Lyrics3GetNumber6 (T.Length);
--  if ( fseek (fp, *tag_offset - 128 - (int)sizeof (T) - len, SEEK_SET) ) 
return 0;
-+  if (*tag_offset < (128 + (long)(sizeof(T)) + len)) return 0;
-+  if ( fseek (fp, *tag_offset - 128 - (long)sizeof (T) - len, SEEK_SET) ) 
return 0;
- if ( fread  (tmp, 1, 11, fp) != 11 ) return 0;
- if ( memcmp (tmp, "LYRICSBEGIN", 11) ) return 0;
- 
-@@ -167,6 +175,7 @@
- Ver = Read_LE_Uint32 (T.Version);
- if ( (Ver != 1000) && (Ver != 2000) ) return 0;
- if ( (TagLen = Read_LE_Uint32 (T.Length)) < sizeof (T) ) return 0;
-+  if (*tag_offset < TagLen) return 0;
- if ( fseek (fp, *tag_offset - TagLen, SEEK_SET) ) return 0;
- buff = (char *)malloc (TagLen);
- if ( fread (buff, 1, TagLen - sizeof (T), fp) != (TagLen - sizeof (T)) ) {
-@@ -285,6 +294,7 @@
-   (*apeTag)->originalTagSize = TagLen;
- 
- if ( Read_LE_Uint32 (T.Flags) & (1<<31) ) {  // Tag contains header
-+  if (*tag_offset < (long)(sizeof(T))) return 0;
- *tag_offset -= sizeof (T);
- 
-   fseek (fp, *tag_offset, SEEK_SET);
-@@ -355,14 +365,14 @@
-  */
- int ReadMP3GainAPETag (char *filename, struct MP3GainTagInfo *info, struct 
FileTagsStruct *fileTags) {
- FILE *fi;
--long tag_offset, offs_bk;
-+long tag_offset, offs_bk, file_size;
- 
- fi = fopen(filename, "rb");
- if (fi == NULL)
-   return 0;
-   
-   fseek(fi, 0, SEEK_END);
--tag_offset = ftell(fi);
-+tag_offset = file_size = ftell(fi);
-   
-   fileTags->lyrics3TagSize = 0;
- 
-@@ -373,7 +383,11 @@
-   ReadMP3ID3v1Tag ( fi, &(fileTags->id31tag), _offset );
-   } while ( offs_bk != tag_offset );
- 
--  fileTags->tagOffset = tag_offset;
-+  if (tag_offset >= 0 && tag_offset <= file_size) {
-+  fileTags->tagOffset = tag_offset;
-+  } else { //Corrupt tag information, simply default to end-of-file
-+  fileTags->tagOffset = file_size;
-+  }
- 
- fclose(fi);
- 
\ No newline at end of file

diff --git a/media-sound/mp3gain/mp3gain-1.6.1.ebuild

[gentoo-commits] repo/gentoo:master commit in: media-sound/mp3gain/files/, media-sound/mp3gain/

2020-08-02 Thread Sam James

commit: 36f8689f7903548f5d89827a6e7bdf70a9882cee
Author: Sam James  gentoo  org>
AuthorDate: Mon Aug  3 05:11:12 2020 +
Commit: Sam James  gentoo  org>
CommitDate: Mon Aug  3 05:12:45 2020 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=36f8689f

media-sound/mp3gain: bump to 1.6.2 (+ CVE patch)

Bump to 1.6.2, which includes an upstreamed patch
for a previous CVE, and include openSUSE's patch
for CVE-2019-18359 (and others).

Bug: https://bugs.gentoo.org/717940
Package-Manager: Portage-3.0.1, Repoman-2.3.23
Signed-off-by: Sam James  gentoo.org>

 media-sound/mp3gain/Manifest   |   1 +
 .../files/mp3gain-1.6.2-CVE-2019-18359-plus.patch  | 183 +
 media-sound/mp3gain/mp3gain-1.6.2.ebuild   |  33 
 3 files changed, 217 insertions(+)

diff --git a/media-sound/mp3gain/Manifest b/media-sound/mp3gain/Manifest
index 796440a5be0..f6771ab442c 100644
--- a/media-sound/mp3gain/Manifest
+++ b/media-sound/mp3gain/Manifest
@@ -1 +1,2 @@
 DIST mp3gain-1_6_1-src.zip 68932 BLAKE2B 
8c1ed35123f1613e189ec7bd74ee9f6176404a1b79c660f8f1a6df461cdfd3c6bb505daa09b8cc4756e1755d0923fe473a45c3ae171fcf35df22daaa08a7717a
 SHA512 
6d26a7716a1901c80caff9d7fb03a454a452c06c6a57a7a921d5979727e112ba139690d8a287dde7a6e5a09b022d3c6f57193b4756a9c25caa177cef65f9e375
+DIST mp3gain-1_6_2-src.zip 71246 BLAKE2B 
5172c2103bb2267bf819f36180e9cd7a9d57df6f7ddc29900e9063f97c4513972053bb0c3f1f69f7ddd12ec0cf4251e93e1b6920389a8246bfdd5650176a90d2
 SHA512 
ec9de6c755120480ccb72b34a0042aea7546ef923090ab04e420d5b189523b4504e29952a3d695d3c42c74348f5c3c9123ff090bcc671e43375711e085d67480

diff --git a/media-sound/mp3gain/files/mp3gain-1.6.2-CVE-2019-18359-plus.patch 
b/media-sound/mp3gain/files/mp3gain-1.6.2-CVE-2019-18359-plus.patch
new file mode 100644
index 000..5f05fc1bf27
--- /dev/null
+++ b/media-sound/mp3gain/files/mp3gain-1.6.2-CVE-2019-18359-plus.patch
@@ -0,0 +1,183 @@
+openSUSE patch: 
https://build.opensuse.org/package/view_file/openSUSE:Factory/mp3gain/0001-fix-security-bugs.patch?expand=1
+Gentoo bug: https://bugs.gentoo.org/717940
+
+From: Jason Craig 
+Date: Mon, 30 Mar 2020 12:43:20 -0600
+Subject: [PATCH] Fix various security issues including CVE-2019-18359
+References: boo#1154971
+Upstream: dead
+
+Multiple POCs at https://github.com/zjuchenyuan/fuzzpoc were fixed.
+--- a/apetag.c
 b/apetag.c
+@@ -16,6 +16,13 @@
+ #define _stricmp strcasecmp
+ #endif /* WIN32 */
+ 
++// Min and max values for gain and peak in order to fit in allotted space in 
the APE tags. For gain that is nine chars,
++// including a + or -. For peak that is eight chars, including a - but no +. 
Both will always have six precision digits.
++#define MIN_GAIN -9.99
++#define MAX_GAIN 9.99
++#define MIN_PEAK -9.9
++#define MAX_PEAK 9.99
++
+ int ReadMP3ID3v1Tag(FILE *fi, unsigned char **tagbuff, long *tag_offset) {
+ char tmp[128];
+ 
+@@ -102,9 +109,9 @@ static int ReadMP3Lyrics3v2Tag ( FILE *fp, unsigned char 
**tagbuff, unsigned lon
+   if ( fseek (fp, *tag_offset - 128 - (long)sizeof (T) - len, SEEK_SET) ) 
return 0;
+ if ( fread  (tmp, 1, 11, fp) != 11 ) return 0;
+ if ( memcmp (tmp, "LYRICSBEGIN", 11) ) return 0;
+-
++
+ taglen = 128 + Lyrics3GetNumber6(T.Length) + sizeof(T);
+-
++
+ *tag_offset -= taglen;
+ if (*tagbuff != NULL) {
+ free(*tagbuff);
+@@ -142,7 +149,7 @@ enum {
+ 
+ unsigned long strlen_max(const char * ptr, unsigned long max) {
+   unsigned long n = 0;
+-  while (ptr[n] && n < max) n++;
++  while (n < max && ptr[n]) n++;
+   return n;
+ }
+ 
+@@ -234,6 +241,14 @@ int ReadMP3APETag ( FILE *fp,  struct MP3GainTagInfo 
*info, struct APETagStruct
+ info->albumPeak = atof(value);
+ } else if (!_stricmp(name,"MP3GAIN_UNDO")) {
+   /* value should be something like "+003,+003,W" 
*/
++  /* If the file didn't specify enough bytes for 
the value (at least 11...see above), skip the tag. */
++  if(vsize < 11)
++  {
++  free(value);
++  free(name);
++  p += isize + 1 + vsize;
++  continue;
++  }
+ info->haveUndo = !0;
+ vp = value;
+   memcpy(tmpString,vp,4);
+@@ -251,6 +266,14 @@ int ReadMP3APETag ( FILE *fp,  struct MP3GainTagInfo 
*info, struct APETagStruct
+ }
+ } else if (!_stricmp(name,"MP3GAIN_MINMAX")) {
+   /* value should be something like "001,153" */
++  /* If the file didn't specify enough bytes for 
the value (at least 7...see above), skip the tag. */
++  if(vsize < 7)
++

[gentoo-commits] repo/gentoo:master commit in: media-sound/mp3gain/files/, media-sound/mp3gain/

[gentoo-commits] repo/gentoo:master commit in: media-sound/mp3gain/files/, media-sound/mp3gain/

2 matches

Site Navigation

Mail list logo

Footer information