[gentoo-commits] repo/gentoo:master commit in: media-sound/mpg321/, media-sound/mpg321/files/

[gentoo-commits] repo/gentoo:master commit in: media-sound/mpg321/, media-sound/mpg321/files/

[Michael Weber]

commit:     b8c6db7e6b2033dc1d30bca8ba8edd8fc6f4c8c1
Author:     Michael Weber <xmw <AT> gentoo <DOT> org>
AuthorDate: Wed Aug 12 21:39:47 2015 +0000
Commit:     Michael Weber <xmw <AT> gentoo <DOT> org>
CommitDate: Wed Aug 12 21:40:14 2015 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b8c6db7e

media-sound/mpg321: Version bump (bug 444418), USE=alsa (bug 475620), format-security (bug 557132, thanks René Rhéaume).

Package-Manager: portage-2.2.20.1

 media-sound/mpg321/Manifest                        |  1 +
 .../files/mpg321-0.3.2-format-security.patch       | 38 ++++++++++++++++
 media-sound/mpg321/mpg321-0.3.2.ebuild             | 52 ++++++++++++++++++++++
 3 files changed, 91 insertions(+)

diff --git a/media-sound/mpg321/Manifest b/media-sound/mpg321/Manifest
index 03c5934..d4da505 100644
--- a/media-sound/mpg321/Manifest
+++ b/media-sound/mpg321/Manifest
@@ -1 +1,2 @@
 DIST mpg321-0.3.1.tar.gz 151104 SHA256 0b9c23d75a89236ade9830e0319d7e799efea9f6af262d6defda962037d65579 SHA512 77a7b975f2d31f670eb786ccb9601820945e60b19a188e7337bd2ff0237c7ee47970c27adf78cf633d4a561e89b06de3eacf9f2ec11373abcdcb75c322f19eee WHIRLPOOL 81ee33186d25fdadc288cb09cfa9a124531ac1fbe8e7c10cf748b5960f12de46d536ff7bde9fbb98979d57939fe10ad87179c193bf350dd4932731276eb330bf
+DIST mpg321-0.3.2.tar.gz 151139 SHA256 056fcc03e3f5c5021ec74bb5053d32c4a3b89b4086478dcf81adae650eac284e SHA512 f1bead2c11e4cde0f1a87e1b2e3d216ef80c9a5dd8b219841961688d44a5fc63a54b7af07359766fde0b2712ddc5d0a90b20149c3228cb2d70e830e15c8ab234 WHIRLPOOL 01db416053b2ee883aa31b98251b276a368a339f4a645cf30a066ae498eab2811be09349d04301c30393c1e9ba5804758c71db67526ca79121a24ffb47528ebb

diff --git a/media-sound/mpg321/files/mpg321-0.3.2-format-security.patch b/media-sound/mpg321/files/mpg321-0.3.2-format-security.patch
new file mode 100644
index 0000000..732ca2c
--- /dev/null
+++ b/media-sound/mpg321/files/mpg321-0.3.2-format-security.patch
@@ -0,0 +1,38 @@
+--- /var/tmp/portage/media-sound/mpg321-0.3.2/work/mpg321-0.3.2-orig/mpg321.c	2012-03-25 14:27:49.000000000 +0200
++++ /tmp/mpg321.c	2015-08-12 23:34:20.395331151 +0200
+@@ -183,7 +183,7 @@
+ 				else{
+ #endif					
+ 					if(!(options.opt & MPG321_ENABLE_BUFFER))
+-						fprintf(stderr,"Volume: %ld%%      \r",volume);
++						fprintf(stderr,"Volume: %d%%      \r",volume);
+ #ifdef HAVE_ALSA
+ 				}
+ #endif
+@@ -233,7 +233,7 @@
+ 				else{
+ #endif
+ 					if(!(options.opt & MPG321_ENABLE_BUFFER))
+-						fprintf(stderr,"Volume: %ld%%      \r",volume);
++						fprintf(stderr,"Volume: %d%%      \r",volume);
+ #ifdef HAVE_ALSA
+ 				}
+ #endif
+@@ -447,7 +447,7 @@
+         {
+             if(!names[i])
+             {
+-                printf(emptystring);
++                printf("%s", emptystring);
+             }
+             
+             else
+@@ -465,7 +465,7 @@
+         for (i=0; i<=5; i++)    {
+             fprintf (stderr, "%s", info_id3[i].name);
+             if (!names[i])  {
+-                fprintf (stderr, emptystring);
++                fprintf (stderr, "%s", emptystring);
+             }   else    {
+                 fprintf (stderr, "%s", names[i]);
+                 free (names[i]);

diff --git a/media-sound/mpg321/mpg321-0.3.2.ebuild b/media-sound/mpg321/mpg321-0.3.2.ebuild
new file mode 100644
index 0000000..29744d2
--- /dev/null
+++ b/media-sound/mpg321/mpg321-0.3.2.ebuild
@@ -0,0 +1,52 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+inherit autotools eutils
+
+DESCRIPTION="A realtime MPEG 1.0/2.0/2.5 audio player for layers 1, 2 and 3"
+HOMEPAGE="http://mpg321.sourceforge.net/"
+SRC_URI="mirror://sourceforge/${PN}/${P/-/_}.orig.tar.gz -> ${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd ~x86-interix ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos"
+IUSE="alsa ipv6"
+
+RDEPEND="app-eselect/eselect-mpg123
+	>=media-libs/libao-1
+	media-libs/libid3tag
+	media-libs/libmad
+	sys-libs/zlib
+	alsa? ( media-libs/alsa-lib )"
+DEPEND="${RDEPEND}"
+
+S=${WORKDIR}/${P}-orig
+
+src_prepare() {
+	epatch "${FILESDIR}"/${PN}-0.2.12-check-for-lround.patch \
+		"${FILESDIR}"/${P}-format-security.patch
+	eautoreconf
+}
+
+src_configure() {
+	econf \
+		--disable-mpg123-symlink \
+		$(use_enable ipv6) \
+		$(use_enable alsa)
+}
+
+src_install() {
+	emake DESTDIR="${D}" install
+	dodoc AUTHORS BUGS HACKING README* THANKS TODO # NEWS and ChangeLog are dead
+	mv "${ED}"/usr/bin/mpg321{,-mpg123}
+}
+
+pkg_postinst() {
+	eselect mpg123 update ifunset
+}
+
+pkg_postrm() {
+	eselect mpg123 update ifunset
+}

[gentoo-commits] repo/gentoo:master commit in: media-sound/mpg321/, media-sound/mpg321/files/

[Aaron Bauman]

commit:     33364299eee045ae5df62612a33c9c80dbbe792c
Author:     Azamat H. Hackimov <azamat.hackimov <AT> gmail <DOT> com>
AuthorDate: Thu Jun  4 17:51:17 2020 +0000
Commit:     Aaron Bauman <bman <AT> gentoo <DOT> org>
CommitDate: Sat Jun  6 01:49:13 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=33364299

media-sound/mpg321: update ebuild

Applied security fix from Debian for CVE-2019-14247 (#711918), fixed
compilation on GCC10 (#706740), updated ebuild to EAPI 7.

Bug: https://bugs.gentoo.org/711918
Closes: https://bugs.gentoo.org/706740
Package-Manager: Portage-2.3.99, Repoman-2.3.22
Signed-off-by: Azamat H. Hackimov <azamat.hackimov <AT> gmail.com>
Closes: https://github.com/gentoo/gentoo/pull/16066
Signed-off-by: Aaron Bauman <bman <AT> gentoo.org>

 .../mpg321/files/mpg321-0.3.2-CVE-2019-14247.patch | 20 ++++++
 .../files/mpg321-0.3.2-format-security.patch       |  4 +-
 media-sound/mpg321/files/mpg321-0.3.2-gcc10.patch  | 83 ++++++++++++++++++++++
 media-sound/mpg321/mpg321-0.3.2.ebuild             | 12 +++-
 4 files changed, 114 insertions(+), 5 deletions(-)

diff --git a/media-sound/mpg321/files/mpg321-0.3.2-CVE-2019-14247.patch b/media-sound/mpg321/files/mpg321-0.3.2-CVE-2019-14247.patch
new file mode 100644
index 00000000000..ff8aea8f8e7
--- /dev/null
+++ b/media-sound/mpg321/files/mpg321-0.3.2-CVE-2019-14247.patch
@@ -0,0 +1,20 @@
+Description: Handle illegal bitrate value
+Author: Chrysostomos Nanakos <cnanakos@debian.org>
+Bug-Debian: https://bugs.debian.org/870406
+Bug-Debian: https://bugs.debian.org/887057
+
+--- mpg321-0.3.2.orig/mad.c
++++ mpg321-0.3.2/mad.c
+@@ -574,6 +574,12 @@ void scan(void const *ptr, ssize_t len,
+ 
+     if (!is_vbr)
+     {
++	if (header.bitrate <= 0)                                                
++        {                                                                       
++            fprintf(stderr, "Illegal bit allocation value\n");                                                                              
++            return;                                                             
++        }    
++
+         double time = (len * 8.0) / (header.bitrate); /* time in seconds */
+         double timefrac = (double)time - ((long)(time));
+         long nsamples = 32 * MAD_NSBSAMPLES(&header); /* samples per frame */

diff --git a/media-sound/mpg321/files/mpg321-0.3.2-format-security.patch b/media-sound/mpg321/files/mpg321-0.3.2-format-security.patch
index 732ca2c6022..c93d8d796dc 100644
--- a/media-sound/mpg321/files/mpg321-0.3.2-format-security.patch
+++ b/media-sound/mpg321/files/mpg321-0.3.2-format-security.patch
@@ -1,5 +1,5 @@
---- /var/tmp/portage/media-sound/mpg321-0.3.2/work/mpg321-0.3.2-orig/mpg321.c	2012-03-25 14:27:49.000000000 +0200
-+++ /tmp/mpg321.c	2015-08-12 23:34:20.395331151 +0200
+--- mpg321-0.3.2-orig/mpg321.c	2012-03-25 14:27:49.000000000 +0200
++++ mpg321-0.3.2-orig/mpg321.c	2015-08-12 23:34:20.395331151 +0200
 @@ -183,7 +183,7 @@
  				else{
  #endif					

diff --git a/media-sound/mpg321/files/mpg321-0.3.2-gcc10.patch b/media-sound/mpg321/files/mpg321-0.3.2-gcc10.patch
new file mode 100644
index 00000000000..8966d9f7c8d
--- /dev/null
+++ b/media-sound/mpg321/files/mpg321-0.3.2-gcc10.patch
@@ -0,0 +1,83 @@
+From f930c3b81bdf9c05152fb005562b3869f6e36f34 Mon Sep 17 00:00:00 2001
+From: "Azamat H. Hackimov" <azamat.hackimov@gmail.com>
+Date: Thu, 4 Jun 2020 20:41:25 +0300
+Subject: [PATCH] Fix GCC10 compilation
+
+---
+ mpg321.c |  8 ++++++++
+ mpg321.h | 16 ++++++++--------
+ 2 files changed, 16 insertions(+), 8 deletions(-)
+
+diff --git a/mpg321.c b/mpg321.c
+index 19282bb..663882e 100644
+--- a/mpg321.c
++++ b/mpg321.c
+@@ -63,6 +63,14 @@
+ #include <pthread.h>
+ #include <semaphore.h>
+ 
++output_frame *Output_Queue;
++decoded_frames *Decoded_Frames;
++int semarray;
++int mad_decoder_position;
++int output_buffer_position;
++double real[FFT_BUFFER_SIZE];
++double imag[FFT_BUFFER_SIZE];
++int loop_remaining;
+ 
+ int pflag = 0;
+ int volume = 0;
+diff --git a/mpg321.h b/mpg321.h
+index 798bff0..235cf4a 100644
+--- a/mpg321.h
++++ b/mpg321.h
+@@ -116,7 +116,7 @@ extern char *playlist_file;
+ extern int quit_now;
+ extern char remote_input_buf[PATH_MAX + 5];
+ extern int file_change;
+-int loop_remaining;
++extern int loop_remaining;
+ 
+ extern int status;
+ extern int scrobbler_time;
+@@ -233,8 +233,8 @@ RETSIGTYPE handle_sigchld(int sig);
+ #define FFT_BUFFER_SIZE_LOG 9
+ #define FFT_BUFFER_SIZE (1 << FFT_BUFFER_SIZE_LOG) /* 512 */
+ /*Temporary data stores to perform FFT in */
+-double real[FFT_BUFFER_SIZE];
+-double imag[FFT_BUFFER_SIZE];
++extern double real[FFT_BUFFER_SIZE];
++extern double imag[FFT_BUFFER_SIZE];
+ 
+ typedef struct {
+ 	double real[FFT_BUFFER_SIZE];
+@@ -258,10 +258,10 @@ fft_state *fft_init(void);
+ /* Output buffer process */
+ void frame_buffer_p();
+ /* Semaphore array */
+-int semarray;
++extern int semarray;
+ /* Input/Output buffer position */
+-int mad_decoder_position;
+-int output_buffer_position;
++extern int mad_decoder_position;
++extern int output_buffer_position;
+ /* Output Frame including needed information */
+ typedef struct {
+ 	unsigned char data[4*1152];
+@@ -285,10 +285,10 @@ typedef struct {
+ } decoded_frames;
+ 
+ /* Output frame queue pointer */
+-output_frame *Output_Queue;
++extern output_frame *Output_Queue;
+ 
+ /* Shared total decoded frames */
+-decoded_frames *Decoded_Frames;
++extern decoded_frames *Decoded_Frames;
+ 
+ #if defined(__GNU_LIBRARY__) && !defined(_SEM_SEMUN_UNDEFINED)
+ /* */
+-- 
+2.26.2
+

diff --git a/media-sound/mpg321/mpg321-0.3.2.ebuild b/media-sound/mpg321/mpg321-0.3.2.ebuild
index 1c6cf71665a..390abffdec0 100644
--- a/media-sound/mpg321/mpg321-0.3.2.ebuild
+++ b/media-sound/mpg321/mpg321-0.3.2.ebuild
@@ -1,7 +1,7 @@
 # Copyright 1999-2020 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
-EAPI=5
+EAPI=7
 inherit autotools eutils
 
 DESCRIPTION="A realtime MPEG 1.0/2.0/2.5 audio player for layers 1, 2 and 3"
@@ -23,9 +23,15 @@ DEPEND="${RDEPEND}"
 
 S=${WORKDIR}/${P}-orig
 
+PATCHES=(
+	"${FILESDIR}/${PN}-0.2.12-check-for-lround.patch"
+	"${FILESDIR}/${P}-format-security.patch"
+	"${FILESDIR}/${P}-CVE-2019-14247.patch"
+	"${FILESDIR}/${P}-gcc10.patch"
+)
+
 src_prepare() {
-	epatch "${FILESDIR}"/${PN}-0.2.12-check-for-lround.patch \
-		"${FILESDIR}"/${P}-format-security.patch
+	default
 	eautoreconf
 }