From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1177330-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 9E73B1382C5
	for <garchives@archives.gentoo.org>; Sat,  6 Jun 2020 01:50:40 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id ADC13E089F;
	Sat,  6 Jun 2020 01:50:39 +0000 (UTC)
Received: from smtp.gentoo.org (woodpecker.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 85A45E089F
	for <gentoo-commits@lists.gentoo.org>; Sat,  6 Jun 2020 01:50:39 +0000 (UTC)
Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id C0D7334F2F8
	for <gentoo-commits@lists.gentoo.org>; Sat,  6 Jun 2020 01:50:34 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id 9A045232
	for <gentoo-commits@lists.gentoo.org>; Sat,  6 Jun 2020 01:50:12 +0000 (UTC)
From: "Aaron Bauman" <bman@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Aaron Bauman" <bman@gentoo.org>
Message-ID: <1591408153.33364299eee045ae5df62612a33c9c80dbbe792c.bman@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: media-sound/mpg321/, media-sound/mpg321/files/
X-VCS-Repository: repo/gentoo
X-VCS-Files: media-sound/mpg321/files/mpg321-0.3.2-CVE-2019-14247.patch media-sound/mpg321/files/mpg321-0.3.2-format-security.patch media-sound/mpg321/files/mpg321-0.3.2-gcc10.patch media-sound/mpg321/mpg321-0.3.2.ebuild
X-VCS-Directories: media-sound/mpg321/files/ media-sound/mpg321/
X-VCS-Committer: bman
X-VCS-Committer-Name: Aaron Bauman
X-VCS-Revision: 33364299eee045ae5df62612a33c9c80dbbe792c
X-VCS-Branch: master
Date: Sat,  6 Jun 2020 01:50:12 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: 6998052a-af2a-489d-beee-f95da3912920
X-Archives-Hash: 0b38d1a0915c009e13c68087ac4bfe1b

commit:     33364299eee045ae5df62612a33c9c80dbbe792c
Author:     Azamat H. Hackimov <azamat.hackimov <AT> gmail <DOT> com>
AuthorDate: Thu Jun  4 17:51:17 2020 +0000
Commit:     Aaron Bauman <bman <AT> gentoo <DOT> org>
CommitDate: Sat Jun  6 01:49:13 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=33364299

media-sound/mpg321: update ebuild

Applied security fix from Debian for CVE-2019-14247 (#711918), fixed
compilation on GCC10 (#706740), updated ebuild to EAPI 7.

Bug: https://bugs.gentoo.org/711918
Closes: https://bugs.gentoo.org/706740
Package-Manager: Portage-2.3.99, Repoman-2.3.22
Signed-off-by: Azamat H. Hackimov <azamat.hackimov <AT> gmail.com>
Closes: https://github.com/gentoo/gentoo/pull/16066
Signed-off-by: Aaron Bauman <bman <AT> gentoo.org>

 .../mpg321/files/mpg321-0.3.2-CVE-2019-14247.patch | 20 ++++++
 .../files/mpg321-0.3.2-format-security.patch       |  4 +-
 media-sound/mpg321/files/mpg321-0.3.2-gcc10.patch  | 83 ++++++++++++++++++++++
 media-sound/mpg321/mpg321-0.3.2.ebuild             | 12 +++-
 4 files changed, 114 insertions(+), 5 deletions(-)

diff --git a/media-sound/mpg321/files/mpg321-0.3.2-CVE-2019-14247.patch b/media-sound/mpg321/files/mpg321-0.3.2-CVE-2019-14247.patch
new file mode 100644
index 00000000000..ff8aea8f8e7
--- /dev/null
+++ b/media-sound/mpg321/files/mpg321-0.3.2-CVE-2019-14247.patch
@@ -0,0 +1,20 @@
+Description: Handle illegal bitrate value
+Author: Chrysostomos Nanakos <cnanakos@debian.org>
+Bug-Debian: https://bugs.debian.org/870406
+Bug-Debian: https://bugs.debian.org/887057
+
+--- mpg321-0.3.2.orig/mad.c
++++ mpg321-0.3.2/mad.c
+@@ -574,6 +574,12 @@ void scan(void const *ptr, ssize_t len,
+ 
+     if (!is_vbr)
+     {
++	if (header.bitrate <= 0)                                                
++        {                                                                       
++            fprintf(stderr, "Illegal bit allocation value\n");                                                                              
++            return;                                                             
++        }    
++
+         double time = (len * 8.0) / (header.bitrate); /* time in seconds */
+         double timefrac = (double)time - ((long)(time));
+         long nsamples = 32 * MAD_NSBSAMPLES(&header); /* samples per frame */

diff --git a/media-sound/mpg321/files/mpg321-0.3.2-format-security.patch b/media-sound/mpg321/files/mpg321-0.3.2-format-security.patch
index 732ca2c6022..c93d8d796dc 100644
--- a/media-sound/mpg321/files/mpg321-0.3.2-format-security.patch
+++ b/media-sound/mpg321/files/mpg321-0.3.2-format-security.patch
@@ -1,5 +1,5 @@
---- /var/tmp/portage/media-sound/mpg321-0.3.2/work/mpg321-0.3.2-orig/mpg321.c	2012-03-25 14:27:49.000000000 +0200
-+++ /tmp/mpg321.c	2015-08-12 23:34:20.395331151 +0200
+--- mpg321-0.3.2-orig/mpg321.c	2012-03-25 14:27:49.000000000 +0200
++++ mpg321-0.3.2-orig/mpg321.c	2015-08-12 23:34:20.395331151 +0200
 @@ -183,7 +183,7 @@
  				else{
  #endif					

diff --git a/media-sound/mpg321/files/mpg321-0.3.2-gcc10.patch b/media-sound/mpg321/files/mpg321-0.3.2-gcc10.patch
new file mode 100644
index 00000000000..8966d9f7c8d
--- /dev/null
+++ b/media-sound/mpg321/files/mpg321-0.3.2-gcc10.patch
@@ -0,0 +1,83 @@
+From f930c3b81bdf9c05152fb005562b3869f6e36f34 Mon Sep 17 00:00:00 2001
+From: "Azamat H. Hackimov" <azamat.hackimov@gmail.com>
+Date: Thu, 4 Jun 2020 20:41:25 +0300
+Subject: [PATCH] Fix GCC10 compilation
+
+---
+ mpg321.c |  8 ++++++++
+ mpg321.h | 16 ++++++++--------
+ 2 files changed, 16 insertions(+), 8 deletions(-)
+
+diff --git a/mpg321.c b/mpg321.c
+index 19282bb..663882e 100644
+--- a/mpg321.c
++++ b/mpg321.c
+@@ -63,6 +63,14 @@
+ #include <pthread.h>
+ #include <semaphore.h>
+ 
++output_frame *Output_Queue;
++decoded_frames *Decoded_Frames;
++int semarray;
++int mad_decoder_position;
++int output_buffer_position;
++double real[FFT_BUFFER_SIZE];
++double imag[FFT_BUFFER_SIZE];
++int loop_remaining;
+ 
+ int pflag = 0;
+ int volume = 0;
+diff --git a/mpg321.h b/mpg321.h
+index 798bff0..235cf4a 100644
+--- a/mpg321.h
++++ b/mpg321.h
+@@ -116,7 +116,7 @@ extern char *playlist_file;
+ extern int quit_now;
+ extern char remote_input_buf[PATH_MAX + 5];
+ extern int file_change;
+-int loop_remaining;
++extern int loop_remaining;
+ 
+ extern int status;
+ extern int scrobbler_time;
+@@ -233,8 +233,8 @@ RETSIGTYPE handle_sigchld(int sig);
+ #define FFT_BUFFER_SIZE_LOG 9
+ #define FFT_BUFFER_SIZE (1 << FFT_BUFFER_SIZE_LOG) /* 512 */
+ /*Temporary data stores to perform FFT in */
+-double real[FFT_BUFFER_SIZE];
+-double imag[FFT_BUFFER_SIZE];
++extern double real[FFT_BUFFER_SIZE];
++extern double imag[FFT_BUFFER_SIZE];
+ 
+ typedef struct {
+ 	double real[FFT_BUFFER_SIZE];
+@@ -258,10 +258,10 @@ fft_state *fft_init(void);
+ /* Output buffer process */
+ void frame_buffer_p();
+ /* Semaphore array */
+-int semarray;
++extern int semarray;
+ /* Input/Output buffer position */
+-int mad_decoder_position;
+-int output_buffer_position;
++extern int mad_decoder_position;
++extern int output_buffer_position;
+ /* Output Frame including needed information */
+ typedef struct {
+ 	unsigned char data[4*1152];
+@@ -285,10 +285,10 @@ typedef struct {
+ } decoded_frames;
+ 
+ /* Output frame queue pointer */
+-output_frame *Output_Queue;
++extern output_frame *Output_Queue;
+ 
+ /* Shared total decoded frames */
+-decoded_frames *Decoded_Frames;
++extern decoded_frames *Decoded_Frames;
+ 
+ #if defined(__GNU_LIBRARY__) && !defined(_SEM_SEMUN_UNDEFINED)
+ /* */
+-- 
+2.26.2
+

diff --git a/media-sound/mpg321/mpg321-0.3.2.ebuild b/media-sound/mpg321/mpg321-0.3.2.ebuild
index 1c6cf71665a..390abffdec0 100644
--- a/media-sound/mpg321/mpg321-0.3.2.ebuild
+++ b/media-sound/mpg321/mpg321-0.3.2.ebuild
@@ -1,7 +1,7 @@
 # Copyright 1999-2020 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
-EAPI=5
+EAPI=7
 inherit autotools eutils
 
 DESCRIPTION="A realtime MPEG 1.0/2.0/2.5 audio player for layers 1, 2 and 3"
@@ -23,9 +23,15 @@ DEPEND="${RDEPEND}"
 
 S=${WORKDIR}/${P}-orig
 
+PATCHES=(
+	"${FILESDIR}/${PN}-0.2.12-check-for-lround.patch"
+	"${FILESDIR}/${P}-format-security.patch"
+	"${FILESDIR}/${P}-CVE-2019-14247.patch"
+	"${FILESDIR}/${P}-gcc10.patch"
+)
+
 src_prepare() {
-	epatch "${FILESDIR}"/${PN}-0.2.12-check-for-lround.patch \
-		"${FILESDIR}"/${P}-format-security.patch
+	default
 	eautoreconf
 }