commit 46b9ce1e2f69e6320abebdee0a98da9dd7366f47 Author: Jan Palus <jan.pa...@gmail.com> Date: Sun Mar 23 12:23:39 2014 +0100
- up to 0.9.0 - updated BRs - library renamed to include soname - patch for format security errors libmp3splt-format_security.patch | 166 +++++++++++++++++++++++++++++++++++++++ libmp3splt.spec | 40 ++++++---- ltdl.patch | 18 ++--- 3 files changed, 201 insertions(+), 23 deletions(-) --- diff --git a/libmp3splt.spec b/libmp3splt.spec index 4c3b639..f72befe 100644 --- a/libmp3splt.spec +++ b/libmp3splt.spec @@ -6,22 +6,26 @@ Summary: Libraries for the mp3splt project Summary(pl.UTF-8): Biblioteki do projektu mp3splt Name: libmp3splt -Version: 0.6.1a -Release: 3 +Version: 0.9.0 +Release: 1 License: GPL v2 Group: Libraries Source0: http://downloads.sourceforge.net/mp3splt/%{name}-%{version}.tar.gz -# Source0-md5: a6a00d83e49adf27abb7a0cb0ea384a4 +# Source0-md5: b9b9677ababf823e0739e5caff68aa86 Patch0: ltdl.patch +Patch1: %{name}-format_security.patch URL: http://mp3splt.sourceforge.net/ -BuildRequires: autoconf +BuildRequires: autoconf >= 2.62 BuildRequires: automake -BuildRequires: gettext-devel +BuildRequires: flac-devel >= 1.2.1 +BuildRequires: gettext-devel >= 0.18.3 BuildRequires: libid3tag-devel +BuildRequires: libltdl-devel BuildRequires: libmad-devel BuildRequires: libtool -BuildRequires: libltdl-devel BuildRequires: libvorbis-devel +BuildRequires: pcre-devel >= 1.0 +BuildRequires: pkgconfig %if %{with apidocs} BuildRequires: doxygen BuildRequires: graphviz @@ -93,6 +97,7 @@ Dokumentacja API biblioteki libmp3splt. %prep %setup -q %patch0 -p1 +%patch1 -p1 sed -i -e 's/fr_FR/fr/;s/de_DE/de/;' po/LINGUAS mv po/de_DE.po po/de.po mv po/fr_FR.po po/fr.po @@ -105,6 +110,11 @@ mv po/fr_FR.po po/fr.po %{__autoheader} %{__automake} %configure \ + --enable-flac \ + --enable-id3tag \ + --enable-mp3 \ + --enable-ogg \ + --enable-pcre \ --with-ltdl-lib=%{_libdir} \ --with-ltdl-include=%{_includedir} \ %{!?with_static_libs:--disable-static} @@ -120,9 +130,10 @@ rm -rf $RPM_BUILD_ROOT %{__make} install \ DESTDIR=$RPM_BUILD_ROOT -%{__rm} $RPM_BUILD_ROOT%{_libdir}/%{name}/*.{a,la} +%{__rm} $RPM_BUILD_ROOT%{_libdir}/libmp3splt0/*.{a,la} +%{__rm} -r $RPM_BUILD_ROOT%{_docdir} -%find_lang %{name} +%find_lang libmp3splt0 %clean rm -rf $RPM_BUILD_ROOT @@ -130,21 +141,22 @@ rm -rf $RPM_BUILD_ROOT %post -p /sbin/ldconfig %postun -p /sbin/ldconfig -%files -f %{name}.lang +%files -f libmp3splt0.lang %defattr(644,root,root,755) %doc AUTHORS ChangeLog NEWS README TODO %attr(755,root,root) %{_libdir}/libmp3splt.so.*.*.* %attr(755,root,root) %ghost %{_libdir}/libmp3splt.so.0 -%dir %{_libdir}/%{name} -%attr(755,root,root) %{_libdir}/%{name}/libsplt_mp3.so -%attr(755,root,root) %{_libdir}/%{name}/libsplt_ogg.so +%dir %{_libdir}/libmp3splt0 +%attr(755,root,root) %{_libdir}/libmp3splt0/libsplt_flac.so +%attr(755,root,root) %{_libdir}/libmp3splt0/libsplt_mp3.so +%attr(755,root,root) %{_libdir}/libmp3splt0/libsplt_ogg.so %files devel %defattr(644,root,root,755) %{_libdir}/libmp3splt.so %{_libdir}/libmp3splt.la %{_includedir}/libmp3splt -%{_aclocaldir}/mp3splt.m4 +%{_pkgconfigdir}/libmp3splt.pc %if %{with static_libs} %files static @@ -155,5 +167,5 @@ rm -rf $RPM_BUILD_ROOT %if %{with apidocs} %files apidocs %defattr(644,root,root,755) -%doc doc/html/* +%doc doc/doxygen/* %endif diff --git a/libmp3splt-format_security.patch b/libmp3splt-format_security.patch new file mode 100644 index 0000000..da1196e --- /dev/null +++ b/libmp3splt-format_security.patch @@ -0,0 +1,166 @@ +diff -urN libmp3splt-0.9.0.orig/src/oformat_parser.c libmp3splt-0.9.0/src/oformat_parser.c +--- libmp3splt-0.9.0.orig/src/oformat_parser.c 2014-03-22 23:25:22.076480090 +0100 ++++ libmp3splt-0.9.0/src/oformat_parser.c 2014-03-22 23:30:02.099814984 +0100 +@@ -533,7 +533,7 @@ + int max_number_of_digits = splt_u_get_requested_num_of_digits(state, + state->oformat.format[i], &requested_num_of_digits, SPLT_FALSE); + +- snprintf(temp + offset, temp_len, format); ++ snprintf(temp + offset, temp_len, "%s", format); + + fm_length = strlen(temp) + 1 + max_number_of_digits; + if ((fm = malloc(fm_length * sizeof(char))) == NULL) +@@ -563,7 +563,7 @@ + // + if (artist_or_performer != NULL) + { +- snprintf(temp+2,temp_len, state->oformat.format[i]+2); ++ snprintf(temp+2,temp_len, "%s", state->oformat.format[i]+2); + + int artist_length = 0; + artist_length = strlen(artist_or_performer); +@@ -571,7 +571,7 @@ + } + else + { +- snprintf(temp,temp_len, state->oformat.format[i]+2); ++ snprintf(temp,temp_len, "%s", state->oformat.format[i]+2); + fm_length = strlen(temp) + 1; + } + +@@ -591,7 +591,7 @@ + } + else + { +- snprintf(fm, fm_length, temp); ++ snprintf(fm, fm_length, "%s", temp); + } + + break; +@@ -608,7 +608,7 @@ + // + if (artist != NULL) + { +- snprintf(temp+2,temp_len, state->oformat.format[i]+2); ++ snprintf(temp+2,temp_len, "%s", state->oformat.format[i]+2); + + int artist_length = 0; + artist_length = strlen(artist); +@@ -616,7 +616,7 @@ + } + else + { +- snprintf(temp,temp_len, state->oformat.format[i]+2); ++ snprintf(temp,temp_len, "%s", state->oformat.format[i]+2); + fm_length = strlen(temp) + 1; + } + +@@ -636,7 +636,7 @@ + } + else + { +- snprintf(fm, fm_length, temp); ++ snprintf(fm, fm_length, "%s", temp); + } + break; + case 'b': +@@ -654,13 +654,13 @@ + { + int album_length = 0; + album_length = strlen(album); +- snprintf(temp+2, temp_len, state->oformat.format[i]+2); ++ snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2); + + fm_length = strlen(temp) + album_length + 1; + } + else + { +- snprintf(temp,temp_len, state->oformat.format[i]+2); ++ snprintf(temp,temp_len, "%s", state->oformat.format[i]+2); + fm_length = strlen(temp) + 1; + } + +@@ -698,13 +698,13 @@ + { + int genre_length = 0; + genre_length = strlen(genre); +- snprintf(temp+2, temp_len, state->oformat.format[i]+2); ++ snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2); + + fm_length = strlen(temp) + genre_length + 1; + } + else + { +- snprintf(temp,temp_len, state->oformat.format[i]+2); ++ snprintf(temp,temp_len, "%s", state->oformat.format[i]+2); + fm_length = strlen(temp) + 1; + } + +@@ -742,13 +742,13 @@ + { + int title_length = 0; + title_length = strlen(title); +- snprintf(temp+2, temp_len, state->oformat.format[i]+2); ++ snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2); + + fm_length = strlen(temp) + title_length + 1; + } + else + { +- snprintf(temp,temp_len, state->oformat.format[i]+2); ++ snprintf(temp,temp_len, "%s", state->oformat.format[i]+2); + fm_length = strlen(temp) + 1; + } + +@@ -768,7 +768,7 @@ + } + else + { +- snprintf(fm, fm_length, temp); ++ snprintf(fm, fm_length, "%s", temp); + } + break; + case 'p': +@@ -786,13 +786,13 @@ + { + int performer_length = 0; + performer_length = strlen(performer); +- snprintf(temp+2, temp_len, state->oformat.format[i]+2); ++ snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2); + + fm_length = strlen(temp) + performer_length + 1; + } + else + { +- snprintf(temp,temp_len, state->oformat.format[i]+2); ++ snprintf(temp,temp_len, "%s", state->oformat.format[i]+2); + fm_length = strlen(temp) + 1; + } + +@@ -811,7 +811,7 @@ + } + else + { +- snprintf(fm, fm_length, temp); ++ snprintf(fm, fm_length, "%s", temp); + } + break; + case 'l': +@@ -861,7 +861,7 @@ + const char *format = + splt_u_get_format_ptr(state->oformat.format[i], temp, NULL); + +- snprintf(temp + 4, temp_len, format + 2); ++ snprintf(temp + 4, temp_len, "%s", format + 2); + fm_length = strlen(temp) + 1 + max_num_of_digits; + } + else +@@ -902,7 +902,7 @@ + original_filename = strdup(splt_su_get_fname_without_path(splt_t_get_filename_to_split(state))); + if (original_filename) + { +- snprintf(temp+2,temp_len, state->oformat.format[i]+2); ++ snprintf(temp+2,temp_len, "%s", state->oformat.format[i]+2); + + splt_su_cut_extension(original_filename); + diff --git a/ltdl.patch b/ltdl.patch index fd32b62..d2f2da1 100644 --- a/ltdl.patch +++ b/ltdl.patch @@ -3,20 +3,20 @@ @@ -103,8 +103,8 @@ static int splt_p_filter_plugin_files(co #ifndef __WIN32__ - //gnu/linux .so.0 -- p_end = strstr(file, ".so.0"); -- if (p_end != NULL && (p_start == p_end) && (*(p_end+5) == '\0')) -+ p_end = strstr(file, ".so"); -+ if (p_end != NULL && (p_start == p_end) && (*(p_end+3) == '\0')) - { - return 1; - } + //gnu/linux .so.0 +- p_end = strstr(file, ".so.0"); +- if (p_end != NULL && (p_start == p_end) && (*(p_end+5) == '\0')) ++ p_end = strstr(file, ".so"); ++ if (p_end != NULL && (p_start == p_end) && (*(p_end+3) == '\0')) + { + return 1; + } --- libmp3splt-0.6.1a/plugins/Makefile.am.wiget 2011-03-15 11:34:11.244527716 +0100 +++ libmp3splt-0.6.1a/plugins/Makefile.am 2011-03-15 11:34:41.346369612 +0100 @@ -5,7 +5,7 @@ plugin_LTLIBRARIES = #ccommon_LDFLAGS = -module -export-dynamic -avoid-version common_CPPFLAGS = -I$(top_srcdir)/include/libmp3splt -I$(top_srcdir)/src - common_LDFLAGS = -L$(top_builddir)/src -L$(top_builddir)/src/.libs -L/lib \ + common_LDFLAGS = -L$(top_builddir)/src -L$(top_builddir)/src/.libs \ - -no-undefined -lm -lmp3splt @LIBINTL@ + -no-undefined -avoid-version -lm -lmp3splt @LIBINTL@ ================================================================ ---- gitweb: http://git.pld-linux.org/gitweb.cgi/packages/libmp3splt.git/commitdiff/46b9ce1e2f69e6320abebdee0a98da9dd7366f47 _______________________________________________ pld-cvs-commit mailing list pld-cvs-commit@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit