[packages/libmp3splt] - up to 0.9.0 - updated BRs - library renamed to include soname - patch for format security errors
atler
atler at pld-linux.org
Sun Mar 23 12:28:13 CET 2014
commit 46b9ce1e2f69e6320abebdee0a98da9dd7366f47
Author: Jan Palus <jan.palus at gmail.com>
Date: Sun Mar 23 12:23:39 2014 +0100
- up to 0.9.0
- updated BRs
- library renamed to include soname
- patch for format security errors
libmp3splt-format_security.patch | 166 +++++++++++++++++++++++++++++++++++++++
libmp3splt.spec | 40 ++++++----
ltdl.patch | 18 ++---
3 files changed, 201 insertions(+), 23 deletions(-)
---
diff --git a/libmp3splt.spec b/libmp3splt.spec
index 4c3b639..f72befe 100644
--- a/libmp3splt.spec
+++ b/libmp3splt.spec
@@ -6,22 +6,26 @@
Summary: Libraries for the mp3splt project
Summary(pl.UTF-8): Biblioteki do projektu mp3splt
Name: libmp3splt
-Version: 0.6.1a
-Release: 3
+Version: 0.9.0
+Release: 1
License: GPL v2
Group: Libraries
Source0: http://downloads.sourceforge.net/mp3splt/%{name}-%{version}.tar.gz
-# Source0-md5: a6a00d83e49adf27abb7a0cb0ea384a4
+# Source0-md5: b9b9677ababf823e0739e5caff68aa86
Patch0: ltdl.patch
+Patch1: %{name}-format_security.patch
URL: http://mp3splt.sourceforge.net/
-BuildRequires: autoconf
+BuildRequires: autoconf >= 2.62
BuildRequires: automake
-BuildRequires: gettext-devel
+BuildRequires: flac-devel >= 1.2.1
+BuildRequires: gettext-devel >= 0.18.3
BuildRequires: libid3tag-devel
+BuildRequires: libltdl-devel
BuildRequires: libmad-devel
BuildRequires: libtool
-BuildRequires: libltdl-devel
BuildRequires: libvorbis-devel
+BuildRequires: pcre-devel >= 1.0
+BuildRequires: pkgconfig
%if %{with apidocs}
BuildRequires: doxygen
BuildRequires: graphviz
@@ -93,6 +97,7 @@ Dokumentacja API biblioteki libmp3splt.
%prep
%setup -q
%patch0 -p1
+%patch1 -p1
sed -i -e 's/fr_FR/fr/;s/de_DE/de/;' po/LINGUAS
mv po/de_DE.po po/de.po
mv po/fr_FR.po po/fr.po
@@ -105,6 +110,11 @@ mv po/fr_FR.po po/fr.po
%{__autoheader}
%{__automake}
%configure \
+ --enable-flac \
+ --enable-id3tag \
+ --enable-mp3 \
+ --enable-ogg \
+ --enable-pcre \
--with-ltdl-lib=%{_libdir} \
--with-ltdl-include=%{_includedir} \
%{!?with_static_libs:--disable-static}
@@ -120,9 +130,10 @@ rm -rf $RPM_BUILD_ROOT
%{__make} install \
DESTDIR=$RPM_BUILD_ROOT
-%{__rm} $RPM_BUILD_ROOT%{_libdir}/%{name}/*.{a,la}
+%{__rm} $RPM_BUILD_ROOT%{_libdir}/libmp3splt0/*.{a,la}
+%{__rm} -r $RPM_BUILD_ROOT%{_docdir}
-%find_lang %{name}
+%find_lang libmp3splt0
%clean
rm -rf $RPM_BUILD_ROOT
@@ -130,21 +141,22 @@ rm -rf $RPM_BUILD_ROOT
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
-%files -f %{name}.lang
+%files -f libmp3splt0.lang
%defattr(644,root,root,755)
%doc AUTHORS ChangeLog NEWS README TODO
%attr(755,root,root) %{_libdir}/libmp3splt.so.*.*.*
%attr(755,root,root) %ghost %{_libdir}/libmp3splt.so.0
-%dir %{_libdir}/%{name}
-%attr(755,root,root) %{_libdir}/%{name}/libsplt_mp3.so
-%attr(755,root,root) %{_libdir}/%{name}/libsplt_ogg.so
+%dir %{_libdir}/libmp3splt0
+%attr(755,root,root) %{_libdir}/libmp3splt0/libsplt_flac.so
+%attr(755,root,root) %{_libdir}/libmp3splt0/libsplt_mp3.so
+%attr(755,root,root) %{_libdir}/libmp3splt0/libsplt_ogg.so
%files devel
%defattr(644,root,root,755)
%{_libdir}/libmp3splt.so
%{_libdir}/libmp3splt.la
%{_includedir}/libmp3splt
-%{_aclocaldir}/mp3splt.m4
+%{_pkgconfigdir}/libmp3splt.pc
%if %{with static_libs}
%files static
@@ -155,5 +167,5 @@ rm -rf $RPM_BUILD_ROOT
%if %{with apidocs}
%files apidocs
%defattr(644,root,root,755)
-%doc doc/html/*
+%doc doc/doxygen/*
%endif
diff --git a/libmp3splt-format_security.patch b/libmp3splt-format_security.patch
new file mode 100644
index 0000000..da1196e
--- /dev/null
+++ b/libmp3splt-format_security.patch
@@ -0,0 +1,166 @@
+diff -urN libmp3splt-0.9.0.orig/src/oformat_parser.c libmp3splt-0.9.0/src/oformat_parser.c
+--- libmp3splt-0.9.0.orig/src/oformat_parser.c 2014-03-22 23:25:22.076480090 +0100
++++ libmp3splt-0.9.0/src/oformat_parser.c 2014-03-22 23:30:02.099814984 +0100
+@@ -533,7 +533,7 @@
+ int max_number_of_digits = splt_u_get_requested_num_of_digits(state,
+ state->oformat.format[i], &requested_num_of_digits, SPLT_FALSE);
+
+- snprintf(temp + offset, temp_len, format);
++ snprintf(temp + offset, temp_len, "%s", format);
+
+ fm_length = strlen(temp) + 1 + max_number_of_digits;
+ if ((fm = malloc(fm_length * sizeof(char))) == NULL)
+@@ -563,7 +563,7 @@
+ //
+ if (artist_or_performer != NULL)
+ {
+- snprintf(temp+2,temp_len, state->oformat.format[i]+2);
++ snprintf(temp+2,temp_len, "%s", state->oformat.format[i]+2);
+
+ int artist_length = 0;
+ artist_length = strlen(artist_or_performer);
+@@ -571,7 +571,7 @@
+ }
+ else
+ {
+- snprintf(temp,temp_len, state->oformat.format[i]+2);
++ snprintf(temp,temp_len, "%s", state->oformat.format[i]+2);
+ fm_length = strlen(temp) + 1;
+ }
+
+@@ -591,7 +591,7 @@
+ }
+ else
+ {
+- snprintf(fm, fm_length, temp);
++ snprintf(fm, fm_length, "%s", temp);
+ }
+
+ break;
+@@ -608,7 +608,7 @@
+ //
+ if (artist != NULL)
+ {
+- snprintf(temp+2,temp_len, state->oformat.format[i]+2);
++ snprintf(temp+2,temp_len, "%s", state->oformat.format[i]+2);
+
+ int artist_length = 0;
+ artist_length = strlen(artist);
+@@ -616,7 +616,7 @@
+ }
+ else
+ {
+- snprintf(temp,temp_len, state->oformat.format[i]+2);
++ snprintf(temp,temp_len, "%s", state->oformat.format[i]+2);
+ fm_length = strlen(temp) + 1;
+ }
+
+@@ -636,7 +636,7 @@
+ }
+ else
+ {
+- snprintf(fm, fm_length, temp);
++ snprintf(fm, fm_length, "%s", temp);
+ }
+ break;
+ case 'b':
+@@ -654,13 +654,13 @@
+ {
+ int album_length = 0;
+ album_length = strlen(album);
+- snprintf(temp+2, temp_len, state->oformat.format[i]+2);
++ snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2);
+
+ fm_length = strlen(temp) + album_length + 1;
+ }
+ else
+ {
+- snprintf(temp,temp_len, state->oformat.format[i]+2);
++ snprintf(temp,temp_len, "%s", state->oformat.format[i]+2);
+ fm_length = strlen(temp) + 1;
+ }
+
+@@ -698,13 +698,13 @@
+ {
+ int genre_length = 0;
+ genre_length = strlen(genre);
+- snprintf(temp+2, temp_len, state->oformat.format[i]+2);
++ snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2);
+
+ fm_length = strlen(temp) + genre_length + 1;
+ }
+ else
+ {
+- snprintf(temp,temp_len, state->oformat.format[i]+2);
++ snprintf(temp,temp_len, "%s", state->oformat.format[i]+2);
+ fm_length = strlen(temp) + 1;
+ }
+
+@@ -742,13 +742,13 @@
+ {
+ int title_length = 0;
+ title_length = strlen(title);
+- snprintf(temp+2, temp_len, state->oformat.format[i]+2);
++ snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2);
+
+ fm_length = strlen(temp) + title_length + 1;
+ }
+ else
+ {
+- snprintf(temp,temp_len, state->oformat.format[i]+2);
++ snprintf(temp,temp_len, "%s", state->oformat.format[i]+2);
+ fm_length = strlen(temp) + 1;
+ }
+
+@@ -768,7 +768,7 @@
+ }
+ else
+ {
+- snprintf(fm, fm_length, temp);
++ snprintf(fm, fm_length, "%s", temp);
+ }
+ break;
+ case 'p':
+@@ -786,13 +786,13 @@
+ {
+ int performer_length = 0;
+ performer_length = strlen(performer);
+- snprintf(temp+2, temp_len, state->oformat.format[i]+2);
++ snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2);
+
+ fm_length = strlen(temp) + performer_length + 1;
+ }
+ else
+ {
+- snprintf(temp,temp_len, state->oformat.format[i]+2);
++ snprintf(temp,temp_len, "%s", state->oformat.format[i]+2);
+ fm_length = strlen(temp) + 1;
+ }
+
+@@ -811,7 +811,7 @@
+ }
+ else
+ {
+- snprintf(fm, fm_length, temp);
++ snprintf(fm, fm_length, "%s", temp);
+ }
+ break;
+ case 'l':
+@@ -861,7 +861,7 @@
+ const char *format =
+ splt_u_get_format_ptr(state->oformat.format[i], temp, NULL);
+
+- snprintf(temp + 4, temp_len, format + 2);
++ snprintf(temp + 4, temp_len, "%s", format + 2);
+ fm_length = strlen(temp) + 1 + max_num_of_digits;
+ }
+ else
+@@ -902,7 +902,7 @@
+ original_filename = strdup(splt_su_get_fname_without_path(splt_t_get_filename_to_split(state)));
+ if (original_filename)
+ {
+- snprintf(temp+2,temp_len, state->oformat.format[i]+2);
++ snprintf(temp+2,temp_len, "%s", state->oformat.format[i]+2);
+
+ splt_su_cut_extension(original_filename);
+
diff --git a/ltdl.patch b/ltdl.patch
index fd32b62..d2f2da1 100644
--- a/ltdl.patch
+++ b/ltdl.patch
@@ -3,20 +3,20 @@
@@ -103,8 +103,8 @@ static int splt_p_filter_plugin_files(co
#ifndef __WIN32__
- //gnu/linux .so.0
-- p_end = strstr(file, ".so.0");
-- if (p_end != NULL && (p_start == p_end) && (*(p_end+5) == '\0'))
-+ p_end = strstr(file, ".so");
-+ if (p_end != NULL && (p_start == p_end) && (*(p_end+3) == '\0'))
- {
- return 1;
- }
+ //gnu/linux .so.0
+- p_end = strstr(file, ".so.0");
+- if (p_end != NULL && (p_start == p_end) && (*(p_end+5) == '\0'))
++ p_end = strstr(file, ".so");
++ if (p_end != NULL && (p_start == p_end) && (*(p_end+3) == '\0'))
+ {
+ return 1;
+ }
--- libmp3splt-0.6.1a/plugins/Makefile.am.wiget 2011-03-15 11:34:11.244527716 +0100
+++ libmp3splt-0.6.1a/plugins/Makefile.am 2011-03-15 11:34:41.346369612 +0100
@@ -5,7 +5,7 @@ plugin_LTLIBRARIES =
#ccommon_LDFLAGS = -module -export-dynamic -avoid-version
common_CPPFLAGS = -I$(top_srcdir)/include/libmp3splt -I$(top_srcdir)/src
- common_LDFLAGS = -L$(top_builddir)/src -L$(top_builddir)/src/.libs -L/lib \
+ common_LDFLAGS = -L$(top_builddir)/src -L$(top_builddir)/src/.libs \
- -no-undefined -lm -lmp3splt @LIBINTL@
+ -no-undefined -avoid-version -lm -lmp3splt @LIBINTL@
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/libmp3splt.git/commitdiff/46b9ce1e2f69e6320abebdee0a98da9dd7366f47
More information about the pld-cvs-commit
mailing list