[gentoo-commits] repo/gentoo:master commit in: media-sound/wavpack/files/, media-sound/wavpack/
commit: d089c8ab350c044944bb61dcafea23699f66a1f8 Author: Miroslav Šulc gentoo org> AuthorDate: Thu Apr 29 05:02:54 2021 + Commit: Miroslav Šulc gentoo org> CommitDate: Thu Apr 29 06:45:23 2021 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d089c8ab media-sound/wavpack: removed obsolete 5.3.2-r1 Package-Manager: Portage-3.0.18, Repoman-3.0.3 Signed-off-by: Miroslav Šulc gentoo.org> media-sound/wavpack/Manifest | 1 - .../files/wavpack-5.3.2-fix-overflows.patch| 52 -- media-sound/wavpack/wavpack-5.3.2-r1.ebuild| 49 3 files changed, 102 deletions(-) diff --git a/media-sound/wavpack/Manifest b/media-sound/wavpack/Manifest index 1d072a23457..8b255329468 100644 --- a/media-sound/wavpack/Manifest +++ b/media-sound/wavpack/Manifest @@ -1,2 +1 @@ -DIST wavpack-5.3.2.tar.gz 2047344 BLAKE2B 621414f580ef0c6f71ec411cafba5e9d3f971c9ed3fa901d92083b803fb337ad5455c8f488cc985d2203fde56572adcd2899e5a5d6e07365248ef6bfd59b591b SHA512 cff46e000c2edf0124e2f4c9577611d029f124c235bf7811a58dbd5d87a02827d25f7bd0e28d2f05fd413ee9997ba48390acfc2a91ebb53885eb2a0423994a7b DIST wavpack-5.4.0.tar.xz 769764 BLAKE2B d35eefccf3402388d88d370daae41dc0e4f21808474e668f92a9dcee978ae71b96ae167de098a0924fcbaaa75f9b07270280e7c3b16cc8699ffaa7d2eddd0de5 SHA512 de4e75539c9b949d22f39ab73721c8a4ee7c38ff08835aa28b1d56bea08c332bcb601a54998efe520f3653a2e29c73dcfd716ad19707bb2815403786d9ed9c11 diff --git a/media-sound/wavpack/files/wavpack-5.3.2-fix-overflows.patch b/media-sound/wavpack/files/wavpack-5.3.2-fix-overflows.patch deleted file mode 100644 index fbbd40ba8bd..000 --- a/media-sound/wavpack/files/wavpack-5.3.2-fix-overflows.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 89df160596132e3bd666322e1c20b2ebd4b92cd0 Mon Sep 17 00:00:00 2001 -From: David Bryant -Date: Tue, 29 Dec 2020 20:47:19 -0800 -Subject: [PATCH] issue #91: fix integer overflows resulting in buffer overruns - and sanitize a few more encoding parameters for clarity - - src/pack_utils.c | 15 ++- - 1 file changed, 10 insertions(+), 5 deletions(-) - -diff --git a/src/pack_utils.c b/src/pack_utils.c -index 17d9381..480ab90 100644 a/src/pack_utils.c -+++ b/src/pack_utils.c -@@ -200,8 +200,13 @@ int WavpackSetConfiguration64 (WavpackContext *wpc, WavpackConfig *config, int64 - return FALSE; - } - --if (!num_chans) { --strcpy (wpc->error_message, "channel count cannot be zero!"); -+if (num_chans <= 0 || num_chans > NEW_MAX_STREAMS * 2) { -+strcpy (wpc->error_message, "invalid channel count!"); -+return FALSE; -+} -+ -+if (config->block_samples && (config->block_samples < 16 || config->block_samples > 131072)) { -+strcpy (wpc->error_message, "invalid custom block samples!"); - return FALSE; - } - -@@ -523,7 +528,7 @@ int WavpackPackInit (WavpackContext *wpc) - if (wpc->config.num_channels == 1) - wpc->block_samples *= 2; - --while (wpc->block_samples > 12000 && wpc->block_samples * wpc->config.num_channels > 30) -+while (wpc->block_samples > 12000 && (int64_t) wpc->block_samples * wpc->config.num_channels > 30) - wpc->block_samples /= 2; - } - else { -@@ -534,10 +539,10 @@ int WavpackPackInit (WavpackContext *wpc) - - wpc->block_samples = wpc->config.sample_rate / divisor; - --while (wpc->block_samples > 12000 && wpc->block_samples * wpc->config.num_channels > 75000) -+while (wpc->block_samples > 12000 && (int64_t) wpc->block_samples * wpc->config.num_channels > 75000) - wpc->block_samples /= 2; - --while (wpc->block_samples * wpc->config.num_channels < 2) -+while ((int64_t) wpc->block_samples * wpc->config.num_channels < 2) - wpc->block_samples *= 2; - } - diff --git a/media-sound/wavpack/wavpack-5.3.2-r1.ebuild b/media-sound/wavpack/wavpack-5.3.2-r1.ebuild deleted file mode 100644 index c34faa9eee4..000 --- a/media-sound/wavpack/wavpack-5.3.2-r1.ebuild +++ /dev/null @@ -1,49 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit autotools multilib-minimal - -# Need to fetch a commit because upstream didn't tag the minor release -COMMIT="e4e8d191e8dd74cbdbeaef3232c16a7ef517e68d" - -DESCRIPTION="Hybrid lossless audio compression tools" -HOMEPAGE="https://www.wavpack.com/"; -SRC_URI="https://github.com/dbry/${PN}/archive/${COMMIT}.tar.gz -> ${P}.tar.gz" - -LICENSE="BSD" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~mips ppc ppc64 sparc x86 ~amd64-linux ~x86-linux ~x86-solaris" -IUSE="test" -RESTRICT="!test? ( test )" - -RDEPEND=">=virtual/libiconv-0-r1" -DEPEND="${RDEPEND}" - -S="${WORKDIR}/WavPack-${COMMIT}" - -PATCHES=( - "${FILESDIR}/${P}-fix-overflows.patch" -) - -src_prepare() { - default -
[gentoo-commits] repo/gentoo:master commit in: media-sound/wavpack/files/, media-sound/wavpack/
commit: 22ab7121945950659d4325be712f786164699a6c Author: Miroslav Šulc gentoo org> AuthorDate: Sat Jan 2 11:53:18 2021 + Commit: Miroslav Šulc gentoo org> CommitDate: Sat Jan 2 11:53:24 2021 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=22ab7121 media-sound/wavpack: fixed out of bound write Bug: https://bugs.gentoo.org/762154 Package-Manager: Portage-3.0.12, Repoman-3.0.2 Signed-off-by: Miroslav Šulc gentoo.org> .../files/wavpack-5.3.2-fix-overflows.patch| 52 ++ ...avpack-5.3.2.ebuild => wavpack-5.3.2-r1.ebuild} | 6 ++- 2 files changed, 57 insertions(+), 1 deletion(-) diff --git a/media-sound/wavpack/files/wavpack-5.3.2-fix-overflows.patch b/media-sound/wavpack/files/wavpack-5.3.2-fix-overflows.patch new file mode 100644 index 000..fbbd40ba8bd --- /dev/null +++ b/media-sound/wavpack/files/wavpack-5.3.2-fix-overflows.patch @@ -0,0 +1,52 @@ +From 89df160596132e3bd666322e1c20b2ebd4b92cd0 Mon Sep 17 00:00:00 2001 +From: David Bryant +Date: Tue, 29 Dec 2020 20:47:19 -0800 +Subject: [PATCH] issue #91: fix integer overflows resulting in buffer overruns + and sanitize a few more encoding parameters for clarity + +--- + src/pack_utils.c | 15 ++- + 1 file changed, 10 insertions(+), 5 deletions(-) + +diff --git a/src/pack_utils.c b/src/pack_utils.c +index 17d9381..480ab90 100644 +--- a/src/pack_utils.c b/src/pack_utils.c +@@ -200,8 +200,13 @@ int WavpackSetConfiguration64 (WavpackContext *wpc, WavpackConfig *config, int64 + return FALSE; + } + +-if (!num_chans) { +-strcpy (wpc->error_message, "channel count cannot be zero!"); ++if (num_chans <= 0 || num_chans > NEW_MAX_STREAMS * 2) { ++strcpy (wpc->error_message, "invalid channel count!"); ++return FALSE; ++} ++ ++if (config->block_samples && (config->block_samples < 16 || config->block_samples > 131072)) { ++strcpy (wpc->error_message, "invalid custom block samples!"); + return FALSE; + } + +@@ -523,7 +528,7 @@ int WavpackPackInit (WavpackContext *wpc) + if (wpc->config.num_channels == 1) + wpc->block_samples *= 2; + +-while (wpc->block_samples > 12000 && wpc->block_samples * wpc->config.num_channels > 30) ++while (wpc->block_samples > 12000 && (int64_t) wpc->block_samples * wpc->config.num_channels > 30) + wpc->block_samples /= 2; + } + else { +@@ -534,10 +539,10 @@ int WavpackPackInit (WavpackContext *wpc) + + wpc->block_samples = wpc->config.sample_rate / divisor; + +-while (wpc->block_samples > 12000 && wpc->block_samples * wpc->config.num_channels > 75000) ++while (wpc->block_samples > 12000 && (int64_t) wpc->block_samples * wpc->config.num_channels > 75000) + wpc->block_samples /= 2; + +-while (wpc->block_samples * wpc->config.num_channels < 2) ++while ((int64_t) wpc->block_samples * wpc->config.num_channels < 2) + wpc->block_samples *= 2; + } + diff --git a/media-sound/wavpack/wavpack-5.3.2.ebuild b/media-sound/wavpack/wavpack-5.3.2-r1.ebuild similarity index 91% rename from media-sound/wavpack/wavpack-5.3.2.ebuild rename to media-sound/wavpack/wavpack-5.3.2-r1.ebuild index 33880cc9703..c34faa9eee4 100644 --- a/media-sound/wavpack/wavpack-5.3.2.ebuild +++ b/media-sound/wavpack/wavpack-5.3.2-r1.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2020 Gentoo Authors +# Copyright 1999-2021 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=7 @@ -23,6 +23,10 @@ DEPEND="${RDEPEND}" S="${WORKDIR}/WavPack-${COMMIT}" +PATCHES=( + "${FILESDIR}/${P}-fix-overflows.patch" +) + src_prepare() { default eautoreconf
[gentoo-commits] repo/gentoo:master commit in: media-sound/wavpack/files/
commit: 3968b8987a511a73d6d491a411695504167beb08 Author: Michael Mair-Keimberger gmail com> AuthorDate: Tue Jul 28 13:30:09 2020 + Commit: Aaron Bauman gentoo org> CommitDate: Tue Jul 28 18:19:35 2020 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3968b898 media-sound/wavpack: remove unused patch(es) Package-Manager: Portage-3.0.0, Repoman-2.3.23 Signed-off-by: Michael Mair-Keimberger gmail.com> Closes: https://github.com/gentoo/gentoo/pull/16874 Signed-off-by: Aaron Bauman gentoo.org> ...vpack-5.1.0-CVE-2018-10536-CVE-2018-10537.patch | 59 --- ...-2018-10538-CVE-2018-10539-CVE-2018-10540.patch | 70 - .../files/wavpack-5.1.0-CVE-2018-6767.patch| 111 - .../files/wavpack-5.1.0-CVE-2018-7253.patch| 31 -- .../files/wavpack-5.1.0-CVE-2018-7254.patch| 64 .../wavpack/files/wavpack-5.1.0-armv7.patch| 19 .../wavpack/files/wavpack-5.1.0-memleaks.patch | 32 -- 7 files changed, 386 deletions(-) diff --git a/media-sound/wavpack/files/wavpack-5.1.0-CVE-2018-10536-CVE-2018-10537.patch b/media-sound/wavpack/files/wavpack-5.1.0-CVE-2018-10536-CVE-2018-10537.patch deleted file mode 100644 index d8ac3552ddd..000 --- a/media-sound/wavpack/files/wavpack-5.1.0-CVE-2018-10536-CVE-2018-10537.patch +++ /dev/null @@ -1,59 +0,0 @@ -From: David Bryant -Date: Tue, 24 Apr 2018 22:18:07 -0700 -Subject: issue #30 issue #31 issue #32: no multiple format chunks in WAV or - W64 - - cli/riff.c | 7 ++- - cli/wave64.c | 6 ++ - 2 files changed, 12 insertions(+), 1 deletion(-) - -diff --git a/cli/riff.c b/cli/riff.c -index 7bddf63..5d6452e 100644 a/cli/riff.c -+++ b/cli/riff.c -@@ -53,7 +53,7 @@ extern int debug_logging_mode; - - int ParseRiffHeaderConfig (FILE *infile, char *infilename, char *fourcc, WavpackContext *wpc, WavpackConfig *config) - { --int is_rf64 = !strncmp (fourcc, "RF64", 4), got_ds64 = 0; -+int is_rf64 = !strncmp (fourcc, "RF64", 4), got_ds64 = 0, format_chunk = 0; - int64_t total_samples = 0, infilesize; - RiffChunkHeader riff_chunk_header; - ChunkHeader chunk_header; -@@ -140,6 +140,11 @@ int ParseRiffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpack - else if (!strncmp (chunk_header.ckID, "fmt ", 4)) { // if it's the format chunk, we want to get some info out of there and - int supported = TRUE, format;// make sure it's a .wav file we can handle - -+if (format_chunk++) { -+error_line ("%s is not a valid .WAV file!", infilename); -+return WAVPACK_SOFT_ERROR; -+} -+ - if (chunk_header.ckSize < 16 || chunk_header.ckSize > sizeof (WaveHeader) || - !DoReadFile (infile, &WaveHeader, chunk_header.ckSize, &bcount) || - bcount != chunk_header.ckSize) { -diff --git a/cli/wave64.c b/cli/wave64.c -index fa928a0..0388dc7 100644 a/cli/wave64.c -+++ b/cli/wave64.c -@@ -53,6 +53,7 @@ int ParseWave64HeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpa - Wave64ChunkHeader chunk_header; - Wave64FileHeader filehdr; - WaveHeader WaveHeader; -+int format_chunk = 0; - uint32_t bcount; - - infilesize = DoGetFileSize (infile); -@@ -104,6 +105,11 @@ int ParseWave64HeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpa - if (!memcmp (chunk_header.ckID, fmt_guid, sizeof (fmt_guid))) { - int supported = TRUE, format; - -+if (format_chunk++) { -+error_line ("%s is not a valid .W64 file!", infilename); -+return WAVPACK_SOFT_ERROR; -+} -+ - chunk_header.ckSize = (chunk_header.ckSize + 7) & ~7L; - - if (chunk_header.ckSize < 16 || chunk_header.ckSize > sizeof (WaveHeader) || diff --git a/media-sound/wavpack/files/wavpack-5.1.0-CVE-2018-10538-CVE-2018-10539-CVE-2018-10540.patch b/media-sound/wavpack/files/wavpack-5.1.0-CVE-2018-10538-CVE-2018-10539-CVE-2018-10540.patch deleted file mode 100644 index d924bb624bd..000 --- a/media-sound/wavpack/files/wavpack-5.1.0-CVE-2018-10538-CVE-2018-10539-CVE-2018-10540.patch +++ /dev/null @@ -1,70 +0,0 @@ -From: David Bryant -Date: Tue, 24 Apr 2018 17:27:01 -0700 -Subject: issue #33, sanitize size of unknown chunks before malloc() - - cli/dsdiff.c | 9 - - cli/riff.c | 9 - - cli/wave64.c | 9 - - 3 files changed, 24 insertions(+), 3 deletions(-) - -diff --git a/cli/dsdiff.c b/cli/dsdiff.c -index c016df9..fa56bbb 100644 a/cli/dsdiff.c -+++ b/cli/dsdiff.c -@@ -279,7 +279,14 @@ int ParseDsdiffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpa - else { // just copy unknown chunks to output file - - int bytes_to_copy = (int)(((dff_chunk_header.ckDataSize) + 1) & ~(int64_t)1); --c
[gentoo-commits] repo/gentoo:master commit in: media-sound/wavpack/files/
commit: db12ac3a9c3cb6d724133b02af0cda8c1bbdb64e Author: Alexis Ballier gentoo org> AuthorDate: Sat Feb 18 14:47:16 2017 + Commit: Alexis Ballier gentoo org> CommitDate: Sat Feb 18 14:47:33 2017 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=db12ac3a media-sound/wavpack: Add link to upstream PR in the armv7 patch metadata. Package-Manager: Portage-2.3.3, Repoman-2.3.1 media-sound/wavpack/files/wavpack-5.1.0-armv7.patch | 3 +++ 1 file changed, 3 insertions(+) diff --git a/media-sound/wavpack/files/wavpack-5.1.0-armv7.patch b/media-sound/wavpack/files/wavpack-5.1.0-armv7.patch index 80da2bffc0..f6e6f66280 100644 --- a/media-sound/wavpack/files/wavpack-5.1.0-armv7.patch +++ b/media-sound/wavpack/files/wavpack-5.1.0-armv7.patch @@ -1,6 +1,9 @@ ARM asm is armv7 only in wavpack. Restrict based on host cpu. https://bugs.gentoo.org/show_bug.cgi?id=609168 +Upstream PR: +https://github.com/dbry/WavPack/pull/20 + Index: wavpack-5.1.0/configure.ac === --- wavpack-5.1.0.orig/configure.ac