-
Notifications
You must be signed in to change notification settings - Fork 38
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
libid3tag: modernize build and pull patches from Debian, Fedora, Gentoo.
Consider moving to upstream fork https://codeberg.org/tenacityteam/libid3tag which is used by Fedora and Gentoo. Need to wait for SONAME fix first: https://codeberg.org/tenacityteam/libid3tag/issues/5 Should fix #998
- Loading branch information
Showing
2 changed files
with
98 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,20 +1,40 @@ | ||
| Package: libid3tag | ||
| Version: 0.15.1b | ||
| Revision: 5 | ||
| Revision: 6 | ||
| Depends: %N-shlibs (= %v-%r) | ||
| BuildDepends: libgettext8-dev, gettext-bin, gettext-tools, fink (>= 0.24.12) | ||
| BuildDepends: << | ||
| autoconf2.6, | ||
| fink (>= 0.32), | ||
| fink-package-precedence, | ||
| gettext-bin, | ||
| gettext-tools, | ||
| libgettext8-dev, | ||
| libtool2 | ||
| << | ||
| Replaces: mad | ||
| Maintainer: None <[email protected]> | ||
| Source: mirror:sourceforge:mad/%n-%v.tar.gz | ||
| Source-Checksum: SHA256(63da4f6e7997278f8a3fef4c6a372d342f705051d1eeb6a46a86b03610e26151) | ||
| Source2: mirror:debian:pool/main/libi/libid3tag/libid3tag_%v-14.debian.tar.xz | ||
| Source2-Checksum: SHA256(f174cafe02bef25a9ad8cb7f9ce80119147297a7036f50878e85ac0d7ae09c62) | ||
| UpdateConfigGuess: true | ||
| PatchFile: %n.patch | ||
| PatchFile-MD5: d6a8f96f7d17df32197d9fda168f653f | ||
| PatchFile-MD5: 2ce6285f81f4e693039c10ecff4e9e51 | ||
| SetCFLAGS: -MD | ||
| PatchScript: << | ||
| %{default_script} | ||
| perl -pi.bak -e 's,-flat_namespace -undefined suppress,-twolevel_namespace -undefined error,g' configure && perl -pi.bak -e 's,FINK_PREFIX,%p,g' id3tag.pc | ||
| %{default_script} | ||
| patch -p1 < ../debian/patches/10_a_capella.dpatch | ||
| patch -p1 < ../debian/patches/10_utf16.dpatch | ||
| patch -p1 < ../debian/patches/11_unknown_encoding.dpatch | ||
| patch -p1 < ../debian/patches/add-m4-directory.patch | ||
| patch -p1 < ../debian/patches/gperf_size_t.patch | ||
| autoreconf -vfi | ||
| perl -pi.bak -e 's,FINK_PREFIX,%p,g' id3tag.pc | ||
| << | ||
| InstallScript: << | ||
| make install DESTDIR=%d && mkdir -p %i/lib/pkgconfig && mv id3tag.pc %i/lib/pkgconfig/ | ||
| fink-package-precedence --prohibit-bdep %n . | ||
| make install DESTDIR=%d | ||
| mkdir -p %i/lib/pkgconfig && mv id3tag.pc %i/lib/pkgconfig/ | ||
| << | ||
|
|
||
| DocFiles: CHANGES COPYING COPYRIGHT CREDITS README TODO VERSION | ||
|
|
@@ -33,5 +53,15 @@ DescDetail: << | |
| libid3tag is a library for reading and (eventually) writing | ||
| ID3 tags, both ID3v1 and the various versions of ID3v2. | ||
| << | ||
| DescPackaging: << | ||
| * Use Debian's patches. | ||
| * Gentoo's patch from possible revived 'upstream' for CVE-2017-11550, CVE-2017-11551 | ||
| causes a conflicting types error in compat.c generated files, so only use part of it. | ||
| https://bugs.gentoo.org/626698 | ||
| https://codeberg.org/tenacityteam/libid3tag/pulls/7 | ||
| * 'Upstream' patch for CVE2008-05-05 | ||
| * Fedora patches not already in Debian's list | ||
| https://src.fedoraproject.org/rpms/libid3tag/tree/f37 | ||
| << | ||
| License: GPL | ||
| Homepage: http://www.underbit.com/products/mad/ | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -13,3 +13,65 @@ diff -Naur libid3tag-0.15.0b-old/id3tag.pc libid3tag-0.15.0b/id3tag.pc | |
| +Version: 0.15.0b | ||
| +Libs: -L${libdir} -lid3tag -lm | ||
| +Cflags: -I${includedir} | ||
| From 8bfecd7e1ec8919cad3c7fe08ef83a2c9cbd1f92 Mon Sep 17 00:00:00 2001 | ||
| From: Michael Moon <[email protected]> | ||
| Date: Thu, 7 Oct 2021 12:29:53 +0800 | ||
| Subject: [PATCH 2/2] Add a sanity check to id3_ucs4_length. Issue #6 | ||
|
|
||
| Signed-off-by: Michael Moon <[email protected]> | ||
| --- | ||
| ucs4.c | 3 +++ | ||
| 1 file changed, 3 insertions(+) | ||
|
|
||
| diff --git a/ucs4.c b/ucs4.c | ||
| index f55f159..9d2e02b 100644 | ||
| --- a/ucs4.c | ||
| +++ b/ucs4.c | ||
| @@ -37,6 +37,9 @@ id3_ucs4_t const id3_ucs4_empty[] = { 0 }; | ||
| */ | ||
| id3_length_t id3_ucs4_length(id3_ucs4_t const *ucs4) | ||
| { | ||
| + if (!ucs4) | ||
| + return 0; | ||
| + | ||
| id3_ucs4_t const *ptr = ucs4; | ||
|
|
||
| while (*ptr) | ||
| -- | ||
| 2.30.8 | ||
|
|
||
| From 468a863f1da1d5b48e18bb409eb932d765dfcd68 Mon Sep 17 00:00:00 2001 | ||
| From: Be <[email protected]> | ||
| Date: Thu, 12 Aug 2021 12:10:42 -0500 | ||
| Subject: [PATCH] apply patch for CVE 2008-05-05 | ||
|
|
||
| --- | ||
| field.c | 2 +- | ||
| 1 file changed, 1 insertion(+), 1 deletion(-) | ||
|
|
||
| diff --git a/field.c b/field.c | ||
| index f2ecc0f..24856c6 100644 | ||
| --- a/field.c | ||
| +++ b/field.c | ||
| @@ -291,7 +291,7 @@ int id3_field_parse(union id3_field *field, id3_byte_t const **ptr, | ||
|
|
||
| end = *ptr + length; | ||
|
|
||
| - while (end - *ptr > 0) { | ||
| + while (end - *ptr > 0 && **ptr != '\0') { | ||
| ucs4 = id3_parse_string(ptr, end - *ptr, *encoding, 0); | ||
| if (ucs4 == 0) | ||
| goto fail; | ||
|
|
||
| From Fedora libid3tag-0.15.1b-id3v2-endless-loop.patch | ||
| --- a/utf16.c 2005-01-07 12:35:28.622883237 +0100 | ||
| +++ b/utf16.c 2005-01-07 12:35:36.603673548 +0100 | ||
| @@ -250,6 +250,8 @@ | ||
| id3_ucs4_t *ucs4; | ||
|
|
||
| end = *ptr + (length & ~1); | ||
| + if (end == *ptr) | ||
| + return 0; | ||
|
|
||
| utf16 = malloc((length / 2 + 1) * sizeof(*utf16)); | ||
| if (utf16 == 0) | ||