[arch-commits] Commit in flac/repos (16 files)

Eric Bélanger eric at archlinux.org
Wed Nov 26 01:59:44 UTC 2014


    Date: Wednesday, November 26, 2014 @ 02:59:43
  Author: eric
Revision: 227109

archrelease: copy trunk to extra-i686, extra-x86_64

Added:
  flac/repos/extra-i686/PKGBUILD
    (from rev 227108, flac/trunk/PKGBUILD)
  flac/repos/extra-i686/flac-CVE-2014-8962.patch
    (from rev 227108, flac/trunk/flac-CVE-2014-8962.patch)
  flac/repos/extra-i686/flac-CVE-2014-9028.patch
    (from rev 227108, flac/trunk/flac-CVE-2014-9028.patch)
  flac/repos/extra-i686/flac-divby0.patch
    (from rev 227108, flac/trunk/flac-divby0.patch)
  flac/repos/extra-i686/flac-realloc.patch
    (from rev 227108, flac/trunk/flac-realloc.patch)
  flac/repos/extra-x86_64/PKGBUILD
    (from rev 227108, flac/trunk/PKGBUILD)
  flac/repos/extra-x86_64/flac-CVE-2014-8962.patch
    (from rev 227108, flac/trunk/flac-CVE-2014-8962.patch)
  flac/repos/extra-x86_64/flac-CVE-2014-9028.patch
    (from rev 227108, flac/trunk/flac-CVE-2014-9028.patch)
  flac/repos/extra-x86_64/flac-divby0.patch
    (from rev 227108, flac/trunk/flac-divby0.patch)
  flac/repos/extra-x86_64/flac-realloc.patch
    (from rev 227108, flac/trunk/flac-realloc.patch)
Deleted:
  flac/repos/extra-i686/PKGBUILD
  flac/repos/extra-i686/flac-divby0.patch
  flac/repos/extra-i686/flac-realloc.patch
  flac/repos/extra-x86_64/PKGBUILD
  flac/repos/extra-x86_64/flac-divby0.patch
  flac/repos/extra-x86_64/flac-realloc.patch

---------------------------------------+
 /PKGBUILD                             |  116 ++++++++++++++++++++++++++++++++
 /flac-divby0.patch                    |   94 +++++++++++++++++++++++++
 /flac-realloc.patch                   |   30 ++++++++
 extra-i686/PKGBUILD                   |   54 --------------
 extra-i686/flac-CVE-2014-8962.patch   |   40 +++++++++++
 extra-i686/flac-CVE-2014-9028.patch   |   34 +++++++++
 extra-i686/flac-divby0.patch          |   47 ------------
 extra-i686/flac-realloc.patch         |   15 ----
 extra-x86_64/PKGBUILD                 |   54 --------------
 extra-x86_64/flac-CVE-2014-8962.patch |   40 +++++++++++
 extra-x86_64/flac-CVE-2014-9028.patch |   34 +++++++++
 extra-x86_64/flac-divby0.patch        |   47 ------------
 extra-x86_64/flac-realloc.patch       |   15 ----
 13 files changed, 388 insertions(+), 232 deletions(-)

Deleted: extra-i686/PKGBUILD
===================================================================
--- extra-i686/PKGBUILD	2014-11-26 01:55:42 UTC (rev 227108)
+++ extra-i686/PKGBUILD	2014-11-26 01:59:43 UTC (rev 227109)
@@ -1,54 +0,0 @@
-# $Id$
-# Maintainer: Eric Bélanger <eric at archlinux.org>
-
-pkgbase=flac
-pkgname=('flac' 'flac-doc')
-pkgver=1.3.0
-pkgrel=4
-arch=('i686' 'x86_64')
-url="http://flac.sourceforge.net/"
-license=('BSD' 'GPL')
-depends=('gcc-libs' 'libogg')
-makedepends=('nasm' 'doxygen')
-options=('!makeflags')
-source=(http://downloads.xiph.org/releases/flac/${pkgbase}-${pkgver}.tar.xz
-        flac-realloc.patch flac-divby0.patch)
-sha1sums=('a136e5748f8fb1e6c524c75000a765fc63bb7b1b'
-          '22bf08219c289d747f399e351c701d0f195d3ce0'
-          'ceecf0603895267eda112c1cf85e3096e3d3acde')
-
-prepare() {
-  cd ${pkgbase}-${pkgver}
-  patch -p1 -i "${srcdir}/flac-realloc.patch"
-  patch -p1 -i "${srcdir}/flac-divby0.patch"
-}
-
-build() {
-  cd ${pkgbase}-${pkgver}
-  ./configure --prefix=/usr --disable-sse
-  make
-}
-
-check() {
-  cd ${pkgbase}-${pkgver}
-  make check
-}
-
-package_flac() {
-  pkgdesc="Free Lossless Audio Codec"
-  options=('!docs')
-
-  cd ${pkgbase}-${pkgver}
-  make DESTDIR="${pkgdir}" install
-  install -D -m644 COPYING.Xiph "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
-}
-
-package_flac-doc() {
-  pkgdesc="Developer documentation for the Free Lossless Audio Codec"
-  depends=('flac')
-
-  cd ${pkgbase}-${pkgver}
-  make DESTDIR="${pkgdir}" -C doc install
-  sed -i "s|$srcdir/${pkgbase}-${pkgver}|/usr|" "${pkgdir}/usr/share/doc/${pkgbase}-${pkgver}/FLAC.tag"
-  install -D -m644 COPYING.Xiph "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
-}

Copied: flac/repos/extra-i686/PKGBUILD (from rev 227108, flac/trunk/PKGBUILD)
===================================================================
--- extra-i686/PKGBUILD	                        (rev 0)
+++ extra-i686/PKGBUILD	2014-11-26 01:59:43 UTC (rev 227109)
@@ -0,0 +1,58 @@
+# $Id$
+# Maintainer: Eric Bélanger <eric at archlinux.org>
+
+pkgbase=flac
+pkgname=('flac' 'flac-doc')
+pkgver=1.3.0
+pkgrel=5
+arch=('i686' 'x86_64')
+url="http://flac.sourceforge.net/"
+license=('BSD' 'GPL')
+depends=('gcc-libs' 'libogg')
+makedepends=('nasm' 'doxygen')
+options=('!makeflags')
+source=(http://downloads.xiph.org/releases/flac/${pkgbase}-${pkgver}.tar.xz
+        flac-realloc.patch flac-divby0.patch flac-CVE-2014-8962.patch flac-CVE-2014-9028.patch)
+sha1sums=('a136e5748f8fb1e6c524c75000a765fc63bb7b1b'
+          '22bf08219c289d747f399e351c701d0f195d3ce0'
+          'ceecf0603895267eda112c1cf85e3096e3d3acde'
+          'f78547bc7a085a47273ad85c3ec86a2960739944'
+          '18f7a66fc0faf857e3c82b462619acf5b5a19af4')
+
+prepare() {
+  cd ${pkgbase}-${pkgver}
+  patch -p1 -i "${srcdir}/flac-realloc.patch"
+  patch -p1 -i "${srcdir}/flac-divby0.patch"
+  patch -p1 -i "${srcdir}/flac-CVE-2014-8962.patch"
+  patch -p1 -i "${srcdir}/flac-CVE-2014-9028.patch"
+}
+
+build() {
+  cd ${pkgbase}-${pkgver}
+  ./configure --prefix=/usr --disable-sse
+  make
+}
+
+check() {
+  cd ${pkgbase}-${pkgver}
+  make check
+}
+
+package_flac() {
+  pkgdesc="Free Lossless Audio Codec"
+  options=('!docs')
+
+  cd ${pkgbase}-${pkgver}
+  make DESTDIR="${pkgdir}" install
+  install -D -m644 COPYING.Xiph "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
+}
+
+package_flac-doc() {
+  pkgdesc="Developer documentation for the Free Lossless Audio Codec"
+  depends=('flac')
+
+  cd ${pkgbase}-${pkgver}
+  make DESTDIR="${pkgdir}" -C doc install
+  sed -i "s|$srcdir/${pkgbase}-${pkgver}|/usr|" "${pkgdir}/usr/share/doc/${pkgbase}-${pkgver}/FLAC.tag"
+  install -D -m644 COPYING.Xiph "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
+}

Copied: flac/repos/extra-i686/flac-CVE-2014-8962.patch (from rev 227108, flac/trunk/flac-CVE-2014-8962.patch)
===================================================================
--- extra-i686/flac-CVE-2014-8962.patch	                        (rev 0)
+++ extra-i686/flac-CVE-2014-8962.patch	2014-11-26 01:59:43 UTC (rev 227109)
@@ -0,0 +1,40 @@
+From 5b3033a2b355068c11fe637e14ac742d273f076e Mon Sep 17 00:00:00 2001
+From: Erik de Castro Lopo <erikd at mega-nerd.com>
+Date: Tue, 18 Nov 2014 07:20:25 -0800
+Subject: [PATCH] src/libFLAC/stream_decoder.c : Fix buffer read overflow.
+
+This is CVE-2014-8962.
+
+Reported-by: Michele Spagnuolo,
+             Google Security Team <mikispag at google.com>
+---
+ src/libFLAC/stream_decoder.c |    6 +++++-
+ 1 files changed, 5 insertions(+), 1 deletions(-)
+
+diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c
+index cb66fe2..88a656d 100644
+--- a/src/libFLAC/stream_decoder.c
++++ b/src/libFLAC/stream_decoder.c
+@@ -71,7 +71,7 @@ FLAC_API int FLAC_API_SUPPORTS_OGG_FLAC =
+  *
+  ***********************************************************************/
+ 
+-static FLAC__byte ID3V2_TAG_[3] = { 'I', 'D', '3' };
++static const FLAC__byte ID3V2_TAG_[3] = { 'I', 'D', '3' };
+ 
+ /***********************************************************************
+  *
+@@ -1361,6 +1361,10 @@ FLAC__bool find_metadata_(FLAC__StreamDecoder *decoder)
+ 			id = 0;
+ 			continue;
+ 		}
++
++		if(id >= 3)
++			return false;
++
+ 		if(x == ID3V2_TAG_[id]) {
+ 			id++;
+ 			i = 0;
+-- 
+1.7.2.5
+

Copied: flac/repos/extra-i686/flac-CVE-2014-9028.patch (from rev 227108, flac/trunk/flac-CVE-2014-9028.patch)
===================================================================
--- extra-i686/flac-CVE-2014-9028.patch	                        (rev 0)
+++ extra-i686/flac-CVE-2014-9028.patch	2014-11-26 01:59:43 UTC (rev 227109)
@@ -0,0 +1,34 @@
+From fcf0ba06ae12ccd7c67cee3c8d948df15f946b85 Mon Sep 17 00:00:00 2001
+From: Erik de Castro Lopo <erikd at mega-nerd.com>
+Date: Wed, 19 Nov 2014 19:35:59 -0800
+Subject: [PATCH] src/libFACL/stream_decoder.c : Fail safely to avoid a heap overflow.
+
+A file provided by the reporters caused the stream decoder to write to
+un-allocated heap space resulting in a segfault. The solution is to
+error out (by returning false from read_residual_partitioned_rice_())
+instead of trying to continue to decode.
+
+Fixes: CVE-2014-9028
+Reported-by: Michele Spagnuolo,
+             Google Security Team <mikispag at google.com>
+---
+ src/libFLAC/stream_decoder.c |    3 ++-
+ 1 files changed, 2 insertions(+), 1 deletions(-)
+
+diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c
+index 88a656d..54e84d4 100644
+--- a/src/libFLAC/stream_decoder.c
++++ b/src/libFLAC/stream_decoder.c
+@@ -2736,7 +2736,8 @@ FLAC__bool read_residual_partitioned_rice_(FLAC__StreamDecoder *decoder, unsigne
+ 		if(decoder->private_->frame.header.blocksize < predictor_order) {
+ 			send_error_to_client_(decoder, FLAC__STREAM_DECODER_ERROR_STATUS_LOST_SYNC);
+ 			decoder->protected_->state = FLAC__STREAM_DECODER_SEARCH_FOR_FRAME_SYNC;
+-			return true;
++			/* We have received a potentially malicious bt stream. All we can do is error out to avoid a heap overflow. */
++			return false;
+ 		}
+ 	}
+ 	else {
+-- 
+1.7.2.5
+

Deleted: extra-i686/flac-divby0.patch
===================================================================
--- extra-i686/flac-divby0.patch	2014-11-26 01:55:42 UTC (rev 227108)
+++ extra-i686/flac-divby0.patch	2014-11-26 01:59:43 UTC (rev 227109)
@@ -1,47 +0,0 @@
-From 9443151da38d25430f0683dfdcd7f6076ecabe0a Mon Sep 17 00:00:00 2001
-From: Erik de Castro Lopo <erikd at mega-nerd.com>
-Date: Tue, 8 Jul 2014 18:25:11 +1000
-Subject: [PATCH] src/flac/utils.c : Make sure get_console_width() returns value > 0.
-
-Previous version of get_console_width() may return 0 which will result in
-a division by 0 in stats_print_name():
-
-	console_width = get_console_width();
-	len = strlen_console(name)+2;
-	console_chars_left = console_width  - (len % console_width);
-
-Bug-report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739613
-Patch-from: lvqcl <lvqcl.mail at gmail.com>
----
- src/flac/utils.c |    7 +++++--
- 1 files changed, 5 insertions(+), 2 deletions(-)
-
-diff --git a/src/flac/utils.c b/src/flac/utils.c
-index 557477e..52b2c43 100644
---- a/src/flac/utils.c
-+++ b/src/flac/utils.c
-@@ -176,7 +176,7 @@ static int console_chars_left;
- 
- int get_console_width(void)
- {
--	int width = 80;
-+	int width = 0;
- #if defined _WIN32
- 	width = win_get_console_width();
- #elif defined __EMX__
-@@ -185,8 +185,11 @@ int get_console_width(void)
- 	width = s[0];
- #elif defined GWINSZ_IN_SYS_IOCTL
- 	struct winsize w;
--	if (ioctl(STDOUT_FILENO, TIOCGWINSZ, &w) != -1)	width = w.ws_col;
-+	if (ioctl(STDOUT_FILENO, TIOCGWINSZ, &w) != -1)
-+		width = w.ws_col;
- #endif
-+	if (width <= 0)
-+		width = 80;
- 	return width;
- }
- 
--- 
-1.7.2.5
-

Copied: flac/repos/extra-i686/flac-divby0.patch (from rev 227108, flac/trunk/flac-divby0.patch)
===================================================================
--- extra-i686/flac-divby0.patch	                        (rev 0)
+++ extra-i686/flac-divby0.patch	2014-11-26 01:59:43 UTC (rev 227109)
@@ -0,0 +1,47 @@
+From 9443151da38d25430f0683dfdcd7f6076ecabe0a Mon Sep 17 00:00:00 2001
+From: Erik de Castro Lopo <erikd at mega-nerd.com>
+Date: Tue, 8 Jul 2014 18:25:11 +1000
+Subject: [PATCH] src/flac/utils.c : Make sure get_console_width() returns value > 0.
+
+Previous version of get_console_width() may return 0 which will result in
+a division by 0 in stats_print_name():
+
+	console_width = get_console_width();
+	len = strlen_console(name)+2;
+	console_chars_left = console_width  - (len % console_width);
+
+Bug-report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739613
+Patch-from: lvqcl <lvqcl.mail at gmail.com>
+---
+ src/flac/utils.c |    7 +++++--
+ 1 files changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/src/flac/utils.c b/src/flac/utils.c
+index 557477e..52b2c43 100644
+--- a/src/flac/utils.c
++++ b/src/flac/utils.c
+@@ -176,7 +176,7 @@ static int console_chars_left;
+ 
+ int get_console_width(void)
+ {
+-	int width = 80;
++	int width = 0;
+ #if defined _WIN32
+ 	width = win_get_console_width();
+ #elif defined __EMX__
+@@ -185,8 +185,11 @@ int get_console_width(void)
+ 	width = s[0];
+ #elif defined GWINSZ_IN_SYS_IOCTL
+ 	struct winsize w;
+-	if (ioctl(STDOUT_FILENO, TIOCGWINSZ, &w) != -1)	width = w.ws_col;
++	if (ioctl(STDOUT_FILENO, TIOCGWINSZ, &w) != -1)
++		width = w.ws_col;
+ #endif
++	if (width <= 0)
++		width = 80;
+ 	return width;
+ }
+ 
+-- 
+1.7.2.5
+

Deleted: extra-i686/flac-realloc.patch
===================================================================
--- extra-i686/flac-realloc.patch	2014-11-26 01:55:42 UTC (rev 227108)
+++ extra-i686/flac-realloc.patch	2014-11-26 01:59:43 UTC (rev 227109)
@@ -1,15 +0,0 @@
-X-Git-Url: http://git.xiph.org/?p=flac.git;a=blobdiff_plain;f=src%2Fmetaflac%2Futils.c;h=8a31daaddd47f8ea2d7b1e66445d180b4151e0db;hp=097537b2d39ea302269a16e7da9bc413e02ffb6e;hb=606fdfcaece19d3e05434bde57c289102a369069;hpb=d42c04260bf9e27cbb8c61a5529ecab3b20e25ff
-
-diff --git a/src/metaflac/utils.c b/src/metaflac/utils.c
-index 097537b..8a31daa 100644
---- a/src/metaflac/utils.c
-+++ b/src/metaflac/utils.c
-@@ -75,7 +75,7 @@ void local_strcat(char **dest, const char *source)
- 	*dest = safe_realloc_add_3op_(*dest, ndest, /*+*/nsource, /*+*/1);
- 	if(0 == *dest)
- 		die("out of memory growing string");
--	safe_strncpy((*dest)+ndest, source, ndest + nsource + 1);
-+	safe_strncpy((*dest)+ndest, source, nsource + 1);
- }
- 
- static inline int local_isprint(int c)

Copied: flac/repos/extra-i686/flac-realloc.patch (from rev 227108, flac/trunk/flac-realloc.patch)
===================================================================
--- extra-i686/flac-realloc.patch	                        (rev 0)
+++ extra-i686/flac-realloc.patch	2014-11-26 01:59:43 UTC (rev 227109)
@@ -0,0 +1,15 @@
+X-Git-Url: http://git.xiph.org/?p=flac.git;a=blobdiff_plain;f=src%2Fmetaflac%2Futils.c;h=8a31daaddd47f8ea2d7b1e66445d180b4151e0db;hp=097537b2d39ea302269a16e7da9bc413e02ffb6e;hb=606fdfcaece19d3e05434bde57c289102a369069;hpb=d42c04260bf9e27cbb8c61a5529ecab3b20e25ff
+
+diff --git a/src/metaflac/utils.c b/src/metaflac/utils.c
+index 097537b..8a31daa 100644
+--- a/src/metaflac/utils.c
++++ b/src/metaflac/utils.c
+@@ -75,7 +75,7 @@ void local_strcat(char **dest, const char *source)
+ 	*dest = safe_realloc_add_3op_(*dest, ndest, /*+*/nsource, /*+*/1);
+ 	if(0 == *dest)
+ 		die("out of memory growing string");
+-	safe_strncpy((*dest)+ndest, source, ndest + nsource + 1);
++	safe_strncpy((*dest)+ndest, source, nsource + 1);
+ }
+ 
+ static inline int local_isprint(int c)

Deleted: extra-x86_64/PKGBUILD
===================================================================
--- extra-x86_64/PKGBUILD	2014-11-26 01:55:42 UTC (rev 227108)
+++ extra-x86_64/PKGBUILD	2014-11-26 01:59:43 UTC (rev 227109)
@@ -1,54 +0,0 @@
-# $Id$
-# Maintainer: Eric Bélanger <eric at archlinux.org>
-
-pkgbase=flac
-pkgname=('flac' 'flac-doc')
-pkgver=1.3.0
-pkgrel=4
-arch=('i686' 'x86_64')
-url="http://flac.sourceforge.net/"
-license=('BSD' 'GPL')
-depends=('gcc-libs' 'libogg')
-makedepends=('nasm' 'doxygen')
-options=('!makeflags')
-source=(http://downloads.xiph.org/releases/flac/${pkgbase}-${pkgver}.tar.xz
-        flac-realloc.patch flac-divby0.patch)
-sha1sums=('a136e5748f8fb1e6c524c75000a765fc63bb7b1b'
-          '22bf08219c289d747f399e351c701d0f195d3ce0'
-          'ceecf0603895267eda112c1cf85e3096e3d3acde')
-
-prepare() {
-  cd ${pkgbase}-${pkgver}
-  patch -p1 -i "${srcdir}/flac-realloc.patch"
-  patch -p1 -i "${srcdir}/flac-divby0.patch"
-}
-
-build() {
-  cd ${pkgbase}-${pkgver}
-  ./configure --prefix=/usr --disable-sse
-  make
-}
-
-check() {
-  cd ${pkgbase}-${pkgver}
-  make check
-}
-
-package_flac() {
-  pkgdesc="Free Lossless Audio Codec"
-  options=('!docs')
-
-  cd ${pkgbase}-${pkgver}
-  make DESTDIR="${pkgdir}" install
-  install -D -m644 COPYING.Xiph "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
-}
-
-package_flac-doc() {
-  pkgdesc="Developer documentation for the Free Lossless Audio Codec"
-  depends=('flac')
-
-  cd ${pkgbase}-${pkgver}
-  make DESTDIR="${pkgdir}" -C doc install
-  sed -i "s|$srcdir/${pkgbase}-${pkgver}|/usr|" "${pkgdir}/usr/share/doc/${pkgbase}-${pkgver}/FLAC.tag"
-  install -D -m644 COPYING.Xiph "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
-}

Copied: flac/repos/extra-x86_64/PKGBUILD (from rev 227108, flac/trunk/PKGBUILD)
===================================================================
--- extra-x86_64/PKGBUILD	                        (rev 0)
+++ extra-x86_64/PKGBUILD	2014-11-26 01:59:43 UTC (rev 227109)
@@ -0,0 +1,58 @@
+# $Id$
+# Maintainer: Eric Bélanger <eric at archlinux.org>
+
+pkgbase=flac
+pkgname=('flac' 'flac-doc')
+pkgver=1.3.0
+pkgrel=5
+arch=('i686' 'x86_64')
+url="http://flac.sourceforge.net/"
+license=('BSD' 'GPL')
+depends=('gcc-libs' 'libogg')
+makedepends=('nasm' 'doxygen')
+options=('!makeflags')
+source=(http://downloads.xiph.org/releases/flac/${pkgbase}-${pkgver}.tar.xz
+        flac-realloc.patch flac-divby0.patch flac-CVE-2014-8962.patch flac-CVE-2014-9028.patch)
+sha1sums=('a136e5748f8fb1e6c524c75000a765fc63bb7b1b'
+          '22bf08219c289d747f399e351c701d0f195d3ce0'
+          'ceecf0603895267eda112c1cf85e3096e3d3acde'
+          'f78547bc7a085a47273ad85c3ec86a2960739944'
+          '18f7a66fc0faf857e3c82b462619acf5b5a19af4')
+
+prepare() {
+  cd ${pkgbase}-${pkgver}
+  patch -p1 -i "${srcdir}/flac-realloc.patch"
+  patch -p1 -i "${srcdir}/flac-divby0.patch"
+  patch -p1 -i "${srcdir}/flac-CVE-2014-8962.patch"
+  patch -p1 -i "${srcdir}/flac-CVE-2014-9028.patch"
+}
+
+build() {
+  cd ${pkgbase}-${pkgver}
+  ./configure --prefix=/usr --disable-sse
+  make
+}
+
+check() {
+  cd ${pkgbase}-${pkgver}
+  make check
+}
+
+package_flac() {
+  pkgdesc="Free Lossless Audio Codec"
+  options=('!docs')
+
+  cd ${pkgbase}-${pkgver}
+  make DESTDIR="${pkgdir}" install
+  install -D -m644 COPYING.Xiph "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
+}
+
+package_flac-doc() {
+  pkgdesc="Developer documentation for the Free Lossless Audio Codec"
+  depends=('flac')
+
+  cd ${pkgbase}-${pkgver}
+  make DESTDIR="${pkgdir}" -C doc install
+  sed -i "s|$srcdir/${pkgbase}-${pkgver}|/usr|" "${pkgdir}/usr/share/doc/${pkgbase}-${pkgver}/FLAC.tag"
+  install -D -m644 COPYING.Xiph "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
+}

Copied: flac/repos/extra-x86_64/flac-CVE-2014-8962.patch (from rev 227108, flac/trunk/flac-CVE-2014-8962.patch)
===================================================================
--- extra-x86_64/flac-CVE-2014-8962.patch	                        (rev 0)
+++ extra-x86_64/flac-CVE-2014-8962.patch	2014-11-26 01:59:43 UTC (rev 227109)
@@ -0,0 +1,40 @@
+From 5b3033a2b355068c11fe637e14ac742d273f076e Mon Sep 17 00:00:00 2001
+From: Erik de Castro Lopo <erikd at mega-nerd.com>
+Date: Tue, 18 Nov 2014 07:20:25 -0800
+Subject: [PATCH] src/libFLAC/stream_decoder.c : Fix buffer read overflow.
+
+This is CVE-2014-8962.
+
+Reported-by: Michele Spagnuolo,
+             Google Security Team <mikispag at google.com>
+---
+ src/libFLAC/stream_decoder.c |    6 +++++-
+ 1 files changed, 5 insertions(+), 1 deletions(-)
+
+diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c
+index cb66fe2..88a656d 100644
+--- a/src/libFLAC/stream_decoder.c
++++ b/src/libFLAC/stream_decoder.c
+@@ -71,7 +71,7 @@ FLAC_API int FLAC_API_SUPPORTS_OGG_FLAC =
+  *
+  ***********************************************************************/
+ 
+-static FLAC__byte ID3V2_TAG_[3] = { 'I', 'D', '3' };
++static const FLAC__byte ID3V2_TAG_[3] = { 'I', 'D', '3' };
+ 
+ /***********************************************************************
+  *
+@@ -1361,6 +1361,10 @@ FLAC__bool find_metadata_(FLAC__StreamDecoder *decoder)
+ 			id = 0;
+ 			continue;
+ 		}
++
++		if(id >= 3)
++			return false;
++
+ 		if(x == ID3V2_TAG_[id]) {
+ 			id++;
+ 			i = 0;
+-- 
+1.7.2.5
+

Copied: flac/repos/extra-x86_64/flac-CVE-2014-9028.patch (from rev 227108, flac/trunk/flac-CVE-2014-9028.patch)
===================================================================
--- extra-x86_64/flac-CVE-2014-9028.patch	                        (rev 0)
+++ extra-x86_64/flac-CVE-2014-9028.patch	2014-11-26 01:59:43 UTC (rev 227109)
@@ -0,0 +1,34 @@
+From fcf0ba06ae12ccd7c67cee3c8d948df15f946b85 Mon Sep 17 00:00:00 2001
+From: Erik de Castro Lopo <erikd at mega-nerd.com>
+Date: Wed, 19 Nov 2014 19:35:59 -0800
+Subject: [PATCH] src/libFACL/stream_decoder.c : Fail safely to avoid a heap overflow.
+
+A file provided by the reporters caused the stream decoder to write to
+un-allocated heap space resulting in a segfault. The solution is to
+error out (by returning false from read_residual_partitioned_rice_())
+instead of trying to continue to decode.
+
+Fixes: CVE-2014-9028
+Reported-by: Michele Spagnuolo,
+             Google Security Team <mikispag at google.com>
+---
+ src/libFLAC/stream_decoder.c |    3 ++-
+ 1 files changed, 2 insertions(+), 1 deletions(-)
+
+diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c
+index 88a656d..54e84d4 100644
+--- a/src/libFLAC/stream_decoder.c
++++ b/src/libFLAC/stream_decoder.c
+@@ -2736,7 +2736,8 @@ FLAC__bool read_residual_partitioned_rice_(FLAC__StreamDecoder *decoder, unsigne
+ 		if(decoder->private_->frame.header.blocksize < predictor_order) {
+ 			send_error_to_client_(decoder, FLAC__STREAM_DECODER_ERROR_STATUS_LOST_SYNC);
+ 			decoder->protected_->state = FLAC__STREAM_DECODER_SEARCH_FOR_FRAME_SYNC;
+-			return true;
++			/* We have received a potentially malicious bt stream. All we can do is error out to avoid a heap overflow. */
++			return false;
+ 		}
+ 	}
+ 	else {
+-- 
+1.7.2.5
+

Deleted: extra-x86_64/flac-divby0.patch
===================================================================
--- extra-x86_64/flac-divby0.patch	2014-11-26 01:55:42 UTC (rev 227108)
+++ extra-x86_64/flac-divby0.patch	2014-11-26 01:59:43 UTC (rev 227109)
@@ -1,47 +0,0 @@
-From 9443151da38d25430f0683dfdcd7f6076ecabe0a Mon Sep 17 00:00:00 2001
-From: Erik de Castro Lopo <erikd at mega-nerd.com>
-Date: Tue, 8 Jul 2014 18:25:11 +1000
-Subject: [PATCH] src/flac/utils.c : Make sure get_console_width() returns value > 0.
-
-Previous version of get_console_width() may return 0 which will result in
-a division by 0 in stats_print_name():
-
-	console_width = get_console_width();
-	len = strlen_console(name)+2;
-	console_chars_left = console_width  - (len % console_width);
-
-Bug-report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739613
-Patch-from: lvqcl <lvqcl.mail at gmail.com>
----
- src/flac/utils.c |    7 +++++--
- 1 files changed, 5 insertions(+), 2 deletions(-)
-
-diff --git a/src/flac/utils.c b/src/flac/utils.c
-index 557477e..52b2c43 100644
---- a/src/flac/utils.c
-+++ b/src/flac/utils.c
-@@ -176,7 +176,7 @@ static int console_chars_left;
- 
- int get_console_width(void)
- {
--	int width = 80;
-+	int width = 0;
- #if defined _WIN32
- 	width = win_get_console_width();
- #elif defined __EMX__
-@@ -185,8 +185,11 @@ int get_console_width(void)
- 	width = s[0];
- #elif defined GWINSZ_IN_SYS_IOCTL
- 	struct winsize w;
--	if (ioctl(STDOUT_FILENO, TIOCGWINSZ, &w) != -1)	width = w.ws_col;
-+	if (ioctl(STDOUT_FILENO, TIOCGWINSZ, &w) != -1)
-+		width = w.ws_col;
- #endif
-+	if (width <= 0)
-+		width = 80;
- 	return width;
- }
- 
--- 
-1.7.2.5
-

Copied: flac/repos/extra-x86_64/flac-divby0.patch (from rev 227108, flac/trunk/flac-divby0.patch)
===================================================================
--- extra-x86_64/flac-divby0.patch	                        (rev 0)
+++ extra-x86_64/flac-divby0.patch	2014-11-26 01:59:43 UTC (rev 227109)
@@ -0,0 +1,47 @@
+From 9443151da38d25430f0683dfdcd7f6076ecabe0a Mon Sep 17 00:00:00 2001
+From: Erik de Castro Lopo <erikd at mega-nerd.com>
+Date: Tue, 8 Jul 2014 18:25:11 +1000
+Subject: [PATCH] src/flac/utils.c : Make sure get_console_width() returns value > 0.
+
+Previous version of get_console_width() may return 0 which will result in
+a division by 0 in stats_print_name():
+
+	console_width = get_console_width();
+	len = strlen_console(name)+2;
+	console_chars_left = console_width  - (len % console_width);
+
+Bug-report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739613
+Patch-from: lvqcl <lvqcl.mail at gmail.com>
+---
+ src/flac/utils.c |    7 +++++--
+ 1 files changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/src/flac/utils.c b/src/flac/utils.c
+index 557477e..52b2c43 100644
+--- a/src/flac/utils.c
++++ b/src/flac/utils.c
+@@ -176,7 +176,7 @@ static int console_chars_left;
+ 
+ int get_console_width(void)
+ {
+-	int width = 80;
++	int width = 0;
+ #if defined _WIN32
+ 	width = win_get_console_width();
+ #elif defined __EMX__
+@@ -185,8 +185,11 @@ int get_console_width(void)
+ 	width = s[0];
+ #elif defined GWINSZ_IN_SYS_IOCTL
+ 	struct winsize w;
+-	if (ioctl(STDOUT_FILENO, TIOCGWINSZ, &w) != -1)	width = w.ws_col;
++	if (ioctl(STDOUT_FILENO, TIOCGWINSZ, &w) != -1)
++		width = w.ws_col;
+ #endif
++	if (width <= 0)
++		width = 80;
+ 	return width;
+ }
+ 
+-- 
+1.7.2.5
+

Deleted: extra-x86_64/flac-realloc.patch
===================================================================
--- extra-x86_64/flac-realloc.patch	2014-11-26 01:55:42 UTC (rev 227108)
+++ extra-x86_64/flac-realloc.patch	2014-11-26 01:59:43 UTC (rev 227109)
@@ -1,15 +0,0 @@
-X-Git-Url: http://git.xiph.org/?p=flac.git;a=blobdiff_plain;f=src%2Fmetaflac%2Futils.c;h=8a31daaddd47f8ea2d7b1e66445d180b4151e0db;hp=097537b2d39ea302269a16e7da9bc413e02ffb6e;hb=606fdfcaece19d3e05434bde57c289102a369069;hpb=d42c04260bf9e27cbb8c61a5529ecab3b20e25ff
-
-diff --git a/src/metaflac/utils.c b/src/metaflac/utils.c
-index 097537b..8a31daa 100644
---- a/src/metaflac/utils.c
-+++ b/src/metaflac/utils.c
-@@ -75,7 +75,7 @@ void local_strcat(char **dest, const char *source)
- 	*dest = safe_realloc_add_3op_(*dest, ndest, /*+*/nsource, /*+*/1);
- 	if(0 == *dest)
- 		die("out of memory growing string");
--	safe_strncpy((*dest)+ndest, source, ndest + nsource + 1);
-+	safe_strncpy((*dest)+ndest, source, nsource + 1);
- }
- 
- static inline int local_isprint(int c)

Copied: flac/repos/extra-x86_64/flac-realloc.patch (from rev 227108, flac/trunk/flac-realloc.patch)
===================================================================
--- extra-x86_64/flac-realloc.patch	                        (rev 0)
+++ extra-x86_64/flac-realloc.patch	2014-11-26 01:59:43 UTC (rev 227109)
@@ -0,0 +1,15 @@
+X-Git-Url: http://git.xiph.org/?p=flac.git;a=blobdiff_plain;f=src%2Fmetaflac%2Futils.c;h=8a31daaddd47f8ea2d7b1e66445d180b4151e0db;hp=097537b2d39ea302269a16e7da9bc413e02ffb6e;hb=606fdfcaece19d3e05434bde57c289102a369069;hpb=d42c04260bf9e27cbb8c61a5529ecab3b20e25ff
+
+diff --git a/src/metaflac/utils.c b/src/metaflac/utils.c
+index 097537b..8a31daa 100644
+--- a/src/metaflac/utils.c
++++ b/src/metaflac/utils.c
+@@ -75,7 +75,7 @@ void local_strcat(char **dest, const char *source)
+ 	*dest = safe_realloc_add_3op_(*dest, ndest, /*+*/nsource, /*+*/1);
+ 	if(0 == *dest)
+ 		die("out of memory growing string");
+-	safe_strncpy((*dest)+ndest, source, ndest + nsource + 1);
++	safe_strncpy((*dest)+ndest, source, nsource + 1);
+ }
+ 
+ static inline int local_isprint(int c)


More information about the arch-commits mailing list