gentoo resync : 13.06.2020

author: V3n3RiX <venerix@redcorelinux.org> 2020-06-13 10:39:22 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2020-06-13 10:39:22 +0100
commit: 9452a6e87b6c2c70513bc47a2470bf9f1168920e (patch)
tree: 8ac67e26b45f34d71c5aab3621813b100a0d5f00 /media-sound/mpg321
parent: f516638b7fe9592837389826a6152a7e1b251c54 (diff)
5 files changed, 118 insertions, 7 deletions
diff --git a/media-sound/mpg321/Manifest b/media-sound/mpg321/Manifest
index a3f4705b3fd1..6f7e606c69c8 100644
--- a/media-sound/mpg321/Manifest
+++ b/media-sound/mpg321/Manifest
@@ -1,5 +1,7 @@
 AUX mpg321-0.2.12-check-for-lround.patch 670 BLAKE2B e41184968df73dbb3eef1b6149cd569bc40590d5bd1262ede84356ad975498db3533f443aede6afc0c223650cd3e8fd877bceb702c6e645cafef45eb7e273b6d SHA512 391a98bdf102d3016e98005ddc84b6b303e1fd5653ddcaa13cda0b09b84952bee99f3ebbb6ad763a21965c47692a7011e167b7f990cea760ecf88dbaa34de3a2
-AUX mpg321-0.3.2-format-security.patch 1188 BLAKE2B 31ce7e13160c48c53ebb1010a069d0fe6693fab58e12c525dbf3fea6c294bb1f26be703143cd9a3ce10808238017a41f49c8e53ad2029c80d1ad5f346a98690a SHA512 2296934348c898704558f2dac9b7cbd90126d58804df834540688d0c3b35231f488aed036cec200464309cddc2c1adf43759ce87e99d5c370527c552b8e59089
+AUX mpg321-0.3.2-CVE-2019-14247.patch 931 BLAKE2B 5ef376d165a61771241389a9c165be2845dddb0584aad59d1b518ea7e53160d0a3b1f7ec266831220eb1da5082b1c57141ff9f16299a883bd464e1d3395ef560 SHA512 7b14627ae09ed3ccbcb0ecc58ef8f91ef1244fecb1cd3da82f64214fb5237fb4664203f39c92b700abec0e7dd4be78eb863fa3c00313a8a2ebfb0f0c80462108
+AUX mpg321-0.3.2-format-security.patch 1154 BLAKE2B be54674f59b5f98118573828b73942fc7f312e02058e358b3c853318021e30cd5062721c568e83317504770c9f44c052289c32007822a7d99a30df7cef20afc3 SHA512 4184e415f7338d35e2169d663ef24d2d4c0acfc7fac9dc40e184538aaf1c6aaaddd3adce6f54755043dc94b0ee90f74fe287abf6c010f677639dd58b814a4fd1
+AUX mpg321-0.3.2-gcc10.patch 2218 BLAKE2B b78e85d6ec04b6b76471bfe48df31ebd312d97c938f30b823f364dffcfa9101ac2033c4710173902fb42767d664f1bc89e0401b725084a062a35d89a01d14cbd SHA512 079cec28a4ce9aa54a7952e548d24804c266e397b2109eb7cbc42396b88a7f6e4ba5112219d645972d293e90ba12e5f696d606c803cff9225888cac1ba0cea79
 DIST mpg321-0.3.2.tar.gz 151139 BLAKE2B d1b043316aca07e61ab61698f1d9e56fd221c4024e69b5262906b280dcb4f67bd32f3ff72b1758ba26cc0fa7d1c5c4052fc6fc87ae9ceec9d0bf77b1d35a868f SHA512 f1bead2c11e4cde0f1a87e1b2e3d216ef80c9a5dd8b219841961688d44a5fc63a54b7af07359766fde0b2712ddc5d0a90b20149c3228cb2d70e830e15c8ab234
-EBUILD mpg321-0.3.2.ebuild 1178 BLAKE2B 62c2113d9085a05ead8a85749bcbce1f69c3e6ab8180f59c331a8ac0c63a295cf2e16a02275b274f22da6d3e1576c7a85c0b9f70818d3338f2e3a965f54e284f SHA512 9a2627399596fbf341e340361eb670b7757b49d2d1e3c7b1ace0a89acf112d857886042f0facd9e8d6cafd6c6fdd1e2e876da73fd66584ca051bd815c253ac23
+EBUILD mpg321-0.3.2.ebuild 1263 BLAKE2B 7638dc346137e269e038217499a25538151a63b6a71639fe762bed5af19ddd71f6801ff7f95ef8c50d36afa4b74b6554a30b9ebc916b4cdd7aacd78d005b2ddf SHA512 08aad7e63cd5e125843e619c70c1902c16feba7453cee8bf9a9371f63690b70ec2d983d6f7792b7e4f95e858923fa015889772b9db8919ee2b0924ca3d0849f8
 MISC metadata.xml 329 BLAKE2B d54fd85110b067a080ba1be242f8ee2e5c76b503e7fd6852fba8b1af20873244666fe5d46a1cbdce2a555c44dd057e99801f7974ceac78076c0189976c125960 SHA512 7f66ba87cde258577f41f82b9056b613d1da1741a3dbefe2185562549cf53050d5073b24f07f2b7de25f06b55cdde55653cb8de03d97806a2c47224b8e100764
diff --git a/media-sound/mpg321/files/mpg321-0.3.2-CVE-2019-14247.patch b/media-sound/mpg321/files/mpg321-0.3.2-CVE-2019-14247.patch
new file mode 100644
index 000000000000..ff8aea8f8e7d
--- /dev/null
+++ b/media-sound/mpg321/files/mpg321-0.3.2-CVE-2019-14247.patch
@@ -0,0 +1,20 @@
+Description: Handle illegal bitrate value
+Author: Chrysostomos Nanakos <cnanakos@debian.org>
+Bug-Debian: https://bugs.debian.org/870406
+Bug-Debian: https://bugs.debian.org/887057
+
+--- mpg321-0.3.2.orig/mad.c
++++ mpg321-0.3.2/mad.c
+@@ -574,6 +574,12 @@ void scan(void const *ptr, ssize_t len,
+ 
+     if (!is_vbr)
+     {
++	if (header.bitrate <= 0)                                                
++        {                                                                       
++            fprintf(stderr, "Illegal bit allocation value\n");                                                                              
++            return;                                                             
++        }    
++
+         double time = (len * 8.0) / (header.bitrate); /* time in seconds */
+         double timefrac = (double)time - ((long)(time));
+         long nsamples = 32 * MAD_NSBSAMPLES(&header); /* samples per frame */
diff --git a/media-sound/mpg321/files/mpg321-0.3.2-format-security.patch b/media-sound/mpg321/files/mpg321-0.3.2-format-security.patch
index 732ca2c60225..c93d8d796dc8 100644
--- a/media-sound/mpg321/files/mpg321-0.3.2-format-security.patch
+++ b/media-sound/mpg321/files/mpg321-0.3.2-format-security.patch
@@ -1,5 +1,5 @@
---- /var/tmp/portage/media-sound/mpg321-0.3.2/work/mpg321-0.3.2-orig/mpg321.c	2012-03-25 14:27:49.000000000 +0200
-+++ /tmp/mpg321.c	2015-08-12 23:34:20.395331151 +0200
+--- mpg321-0.3.2-orig/mpg321.c	2012-03-25 14:27:49.000000000 +0200
++++ mpg321-0.3.2-orig/mpg321.c	2015-08-12 23:34:20.395331151 +0200
 @@ -183,7 +183,7 @@
  				else{
  #endif					
diff --git a/media-sound/mpg321/files/mpg321-0.3.2-gcc10.patch b/media-sound/mpg321/files/mpg321-0.3.2-gcc10.patch
new file mode 100644
index 000000000000..8966d9f7c8d0
--- /dev/null
+++ b/media-sound/mpg321/files/mpg321-0.3.2-gcc10.patch
@@ -0,0 +1,83 @@
+From f930c3b81bdf9c05152fb005562b3869f6e36f34 Mon Sep 17 00:00:00 2001
+From: "Azamat H. Hackimov" <azamat.hackimov@gmail.com>
+Date: Thu, 4 Jun 2020 20:41:25 +0300
+Subject: [PATCH] Fix GCC10 compilation
+
+---
+ mpg321.c |  8 ++++++++
+ mpg321.h | 16 ++++++++--------
+ 2 files changed, 16 insertions(+), 8 deletions(-)
+
+diff --git a/mpg321.c b/mpg321.c
+index 19282bb..663882e 100644
+--- a/mpg321.c
++++ b/mpg321.c
+@@ -63,6 +63,14 @@
+ #include <pthread.h>
+ #include <semaphore.h>
+ 
++output_frame *Output_Queue;
++decoded_frames *Decoded_Frames;
++int semarray;
++int mad_decoder_position;
++int output_buffer_position;
++double real[FFT_BUFFER_SIZE];
++double imag[FFT_BUFFER_SIZE];
++int loop_remaining;
+ 
+ int pflag = 0;
+ int volume = 0;
+diff --git a/mpg321.h b/mpg321.h
+index 798bff0..235cf4a 100644
+--- a/mpg321.h
++++ b/mpg321.h
+@@ -116,7 +116,7 @@ extern char *playlist_file;
+ extern int quit_now;
+ extern char remote_input_buf[PATH_MAX + 5];
+ extern int file_change;
+-int loop_remaining;
++extern int loop_remaining;
+ 
+ extern int status;
+ extern int scrobbler_time;
+@@ -233,8 +233,8 @@ RETSIGTYPE handle_sigchld(int sig);
+ #define FFT_BUFFER_SIZE_LOG 9
+ #define FFT_BUFFER_SIZE (1 << FFT_BUFFER_SIZE_LOG) /* 512 */
+ /*Temporary data stores to perform FFT in */
+-double real[FFT_BUFFER_SIZE];
+-double imag[FFT_BUFFER_SIZE];
++extern double real[FFT_BUFFER_SIZE];
++extern double imag[FFT_BUFFER_SIZE];
+ 
+ typedef struct {
+ 	double real[FFT_BUFFER_SIZE];
+@@ -258,10 +258,10 @@ fft_state *fft_init(void);
+ /* Output buffer process */
+ void frame_buffer_p();
+ /* Semaphore array */
+-int semarray;
++extern int semarray;
+ /* Input/Output buffer position */
+-int mad_decoder_position;
+-int output_buffer_position;
++extern int mad_decoder_position;
++extern int output_buffer_position;
+ /* Output Frame including needed information */
+ typedef struct {
+ 	unsigned char data[4*1152];
+@@ -285,10 +285,10 @@ typedef struct {
+ } decoded_frames;
+ 
+ /* Output frame queue pointer */
+-output_frame *Output_Queue;
++extern output_frame *Output_Queue;
+ 
+ /* Shared total decoded frames */
+-decoded_frames *Decoded_Frames;
++extern decoded_frames *Decoded_Frames;
+ 
+ #if defined(__GNU_LIBRARY__) && !defined(_SEM_SEMUN_UNDEFINED)
+ /* */
+-- 
+2.26.2
+
diff --git a/media-sound/mpg321/mpg321-0.3.2.ebuild b/media-sound/mpg321/mpg321-0.3.2.ebuild
index 1c6cf71665a0..390abffdec04 100644
--- a/media-sound/mpg321/mpg321-0.3.2.ebuild
+++ b/media-sound/mpg321/mpg321-0.3.2.ebuild
@@ -1,7 +1,7 @@
 # Copyright 1999-2020 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
-EAPI=5
+EAPI=7
 inherit autotools eutils
 
 DESCRIPTION="A realtime MPEG 1.0/2.0/2.5 audio player for layers 1, 2 and 3"
@@ -23,9 +23,15 @@ DEPEND="${RDEPEND}"
 
 S=${WORKDIR}/${P}-orig
 
+PATCHES=(
+	"${FILESDIR}/${PN}-0.2.12-check-for-lround.patch"
+	"${FILESDIR}/${P}-format-security.patch"
+	"${FILESDIR}/${P}-CVE-2019-14247.patch"
+	"${FILESDIR}/${P}-gcc10.patch"
+)
+
 src_prepare() {
-	epatch "${FILESDIR}"/${PN}-0.2.12-check-for-lround.patch \
-		"${FILESDIR}"/${P}-format-security.patch
+	default
 	eautoreconf
 }
author	V3n3RiX <venerix@redcorelinux.org>	2020-06-13 10:39:22 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2020-06-13 10:39:22 +0100
commit	9452a6e87b6c2c70513bc47a2470bf9f1168920e (patch)
tree	8ac67e26b45f34d71c5aab3621813b100a0d5f00 /media-sound/mpg321
parent	f516638b7fe9592837389826a6152a7e1b251c54 (diff)