packages: mpg123/mpg123.spec, mpg123/mpg123-nul-overrun.patch (NEW) - added...

qboosh qboosh at pld-linux.org
Sun Oct 3 10:01:21 CEST 2010 

Author: qboosh                       Date: Sun Oct  3 08:01:21 2010 GMT
Module: packages                      Tag: HEAD
---- Log message:
- added nul-overrun patch (avoid crash on ID3v2 tags with embedded NUL)
- dropped no longer recognized configure option
- release 2

---- Files affected:
packages/mpg123:
   mpg123.spec (1.109 -> 1.110) , mpg123-nul-overrun.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: packages/mpg123/mpg123.spec
diff -u packages/mpg123/mpg123.spec:1.109 packages/mpg123/mpg123.spec:1.110
--- packages/mpg123/mpg123.spec:1.109	Sun Sep 19 09:59:21 2010
+++ packages/mpg123/mpg123.spec	Sun Oct  3 10:01:13 2010
@@ -23,7 +23,7 @@
 Summary(uk.UTF-8):	Програвач MPEG аудіофайлів
 Name:		mpg123
 Version:	1.12.4
-Release:	1
+Release:	2
 # some old parts are GPLed, but they are not included in package
 License:	LGPL v2.1
 Group:		Applications/Sound
@@ -31,6 +31,7 @@
 # Source0-md5:	256ab49b228b334d18377e8485840391
 Patch0:		%{name}-am.patch
 Patch1:		%{name}-no-la.patch
+Patch2:		%{name}-nul-overrun.patch
 URL:		http://www.mpg123.de/
 %{?with_openal:BuildRequires:	OpenAL-devel}
 %{?with_sdl:BuildRequires:	SDL-devel >= 1.2.11}
@@ -234,6 +235,7 @@
 %setup -q
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1
 
 %build
 %{__libtoolize}
@@ -243,7 +245,6 @@
 %{__automake}
 # select "0" optimization, which doesn't add any -O to CFLAGS
 %configure \
-	--disable-ltdl-install \
 	--enable-modules \
 	--enable-static \
 	--with-audio=%{?with_alsa:alsa,}oss%{?with_esd:,esd}%{?with_jack:,jack}%{?with_portaudio:,portaudio}%{?with_pulseaudio:,pulse}%{?with_sdl:,sdl}%{?with_nas:,nas}%{?with_arts:,arts}%{?with_openal:,openal} \
@@ -355,6 +356,11 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.110  2010/10/03 08:01:13  qboosh
+- added nul-overrun patch (avoid crash on ID3v2 tags with embedded NUL)
+- dropped no longer recognized configure option
+- release 2
+
 Revision 1.109  2010/09/19 07:59:21  witekfl
 - 1.12.4
 - there is a chdir in list_modules. I don't know if change it to full paths

================================================================
Index: packages/mpg123/mpg123-nul-overrun.patch
diff -u /dev/null packages/mpg123/mpg123-nul-overrun.patch:1.1
--- /dev/null	Sun Oct  3 10:01:21 2010
+++ packages/mpg123/mpg123-nul-overrun.patch	Sun Oct  3 10:01:13 2010
@@ -0,0 +1,12 @@
+Don't overrun output buffer in utf8_ascii() if source string contains embedded NUL
+--- mpg123-1.12.4/src/metaprint.c.orig	2010-08-22 14:09:17.000000000 +0200
++++ mpg123-1.12.4/src/metaprint.c	2010-10-03 09:39:15.851740205 +0200
+@@ -335,7 +335,7 @@
+ 	if(!mpg123_resize_string(dest, dlen+1)){ mpg123_free_string(dest); return; }
+ 	/* Just ASCII, we take it easy. */
+ 	p = dest->p;
+-	for(spos=0; spos < source->fill; ++spos)
++	for(spos=0; (spos < source->fill) && (source->p[spos] != 0); ++spos)
+ 	{
+ 		/* UTF-8 continuation byte 0x10?????? */
+ 		if((source->p[spos] & 0xc0) == 0x80) continue;
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/mpg123/mpg123.spec?r1=1.109&r2=1.110&f=u

More information about the pld-cvs-commit mailing list