[libmp3splt] fix snprintf overflow
by Sérgio M. Basto
commit 41118893f4d0cef0490923fc3119900ecbf85a5e
Author: Sérgio M. Basto <sergio(a)serjux.com>
Date: Wed Aug 2 03:28:04 2023 +0100
fix snprintf overflow
fix_snprintf-overflow.patch | 92 +++++++++++++++++++++++++++++++++++++++++++++
libmp3splt.spec | 4 +-
2 files changed, 95 insertions(+), 1 deletion(-)
---
diff --git a/fix_snprintf-overflow.patch b/fix_snprintf-overflow.patch
new file mode 100644
index 0000000..74228cd
--- /dev/null
+++ b/fix_snprintf-overflow.patch
@@ -0,0 +1,92 @@
+--- ./src/oformat_parser.c.orig 2023-08-02 03:16:38.992748757 +0100
++++ ./src/oformat_parser.c 2023-08-02 03:26:12.218903547 +0100
+@@ -534,7 +534,7 @@ put_value:
+ int max_number_of_digits = splt_u_get_requested_num_of_digits(state,
+ state->oformat.format[i], &requested_num_of_digits, SPLT_FALSE);
+
+- snprintf(temp + offset, temp_len, "%s", format);
++ snprintf(temp + offset, temp_len - offset, "%s", format);
+
+ fm_length = strlen(temp) + 1 + max_number_of_digits;
+ if ((fm = malloc(fm_length * sizeof(char))) == NULL)
+@@ -564,7 +564,7 @@ put_value:
+ //
+ if (artist_or_performer != NULL)
+ {
+- snprintf(temp+2,temp_len, "%s", state->oformat.format[i]+2);
++ snprintf(temp+2,temp_len-2, "%s", state->oformat.format[i]+2);
+
+ int artist_length = 0;
+ artist_length = strlen(artist_or_performer);
+@@ -609,7 +609,7 @@ put_value:
+ //
+ if (artist != NULL)
+ {
+- snprintf(temp+2,temp_len, "%s", state->oformat.format[i]+2);
++ snprintf(temp+2,temp_len-2, "%s", state->oformat.format[i]+2);
+
+ int artist_length = 0;
+ artist_length = strlen(artist);
+@@ -655,7 +655,7 @@ put_value:
+ {
+ int album_length = 0;
+ album_length = strlen(album);
+- snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2);
++ snprintf(temp+2, temp_len-2, "%s", state->oformat.format[i]+2);
+
+ fm_length = strlen(temp) + album_length + 1;
+ }
+@@ -699,7 +699,7 @@ put_value:
+ {
+ int genre_length = 0;
+ genre_length = strlen(genre);
+- snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2);
++ snprintf(temp+2, temp_len-2, "%s", state->oformat.format[i]+2);
+
+ fm_length = strlen(temp) + genre_length + 1;
+ }
+@@ -743,7 +743,7 @@ put_value:
+ {
+ int title_length = 0;
+ title_length = strlen(title);
+- snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2);
++ snprintf(temp+2, temp_len-2, "%s", state->oformat.format[i]+2);
+
+ fm_length = strlen(temp) + title_length + 1;
+ }
+@@ -787,7 +787,7 @@ put_value:
+ {
+ int performer_length = 0;
+ performer_length = strlen(performer);
+- snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2);
++ snprintf(temp+2, temp_len-2, "%s", state->oformat.format[i]+2);
+
+ fm_length = strlen(temp) + performer_length + 1;
+ }
+@@ -862,7 +862,7 @@ put_value:
+ const char *format =
+ splt_u_get_format_ptr(state->oformat.format[i], temp, NULL);
+
+- snprintf(temp + 4, temp_len, "%s", format + 2);
++ snprintf(temp + 4, temp_len-4, "%s", format + 2);
+ fm_length = strlen(temp) + 1 + max_num_of_digits;
+ }
+ else
+@@ -903,7 +903,7 @@ put_value:
+ original_filename = strdup(splt_su_get_fname_without_path(splt_t_get_filename_to_split(state)));
+ if (original_filename)
+ {
+- snprintf(temp+2,temp_len, "%s", state->oformat.format[i]+2);
++ snprintf(temp+2,temp_len-2 , "%s", state->oformat.format[i]+2);
+
+ splt_su_cut_extension(original_filename);
+
+@@ -934,7 +934,7 @@ put_value:
+
+ if (last_dir)
+ {
+- snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2);
++ snprintf(temp+2, temp_len-2, "%s", state->oformat.format[i]+2);
+
+ int last_dir_length = strlen(last_dir);
+
diff --git a/libmp3splt.spec b/libmp3splt.spec
index 71545c5..a45de20 100644
--- a/libmp3splt.spec
+++ b/libmp3splt.spec
@@ -11,6 +11,7 @@ Group: Development/Libraries
Source: http://downloads.sourceforge.net/mp3splt/%{name}-%{version}.tar.gz
URL: http://mp3splt.sourceforge.net/
Patch0: v0.9.2..385d2001_2020-11-10.patch
+Patch1: fix_snprintf-overflow.patch
BuildRequires: gettext
BuildRequires: libid3tag-devel
@@ -49,7 +50,8 @@ This package contains development files for the mp3splt project.
%prep
%setup -q
-%patch0 -p2
+%patch -P0 -p2
+%patch -P1 -p1
%build
autoreconf -fiv
9 months, 1 week
[pipewire-codec-aptx/f37] (5 commits) ...Update to 0.3.76
by Sérgio M. Basto
Summary of changes:
9fdbe2b... Update pipewire-codec-aptx to 0.3.73 (*)
e175be8... Fix and force pipewire version (*)
c353d46... Update to 0.3.74 (*)
629c529... Update to 0.3.75 (*)
8956579... Update to 0.3.76 (*)
(*) This commit already existed in another branch; no separate mail sent
9 months, 1 week
[kodi-inputstream-adaptive/f38] Update to 20.3.11
by Michael Cronenworth
commit d86e5d755523b6466bd6d4c205f0f6f040a89715
Author: Michael Cronenworth <mike(a)cchtml.com>
Date: Tue Aug 1 16:25:11 2023 -0500
Update to 20.3.11
kodi-inputstream-adaptive.spec | 5 ++++-
sources | 2 +-
2 files changed, 5 insertions(+), 2 deletions(-)
---
diff --git a/kodi-inputstream-adaptive.spec b/kodi-inputstream-adaptive.spec
index 643980d..6bcc52a 100644
--- a/kodi-inputstream-adaptive.spec
+++ b/kodi-inputstream-adaptive.spec
@@ -8,7 +8,7 @@
%global internal_bento4_tag %{internal_bento4_version}-7-Omega
Name: kodi-inputstream-adaptive
-Version: 20.3.9
+Version: 20.3.11
Release: 1%{?dist}
Summary: Adaptive file addon for Kodi's InputStream interface
@@ -73,6 +73,9 @@ appstream-util validate-relax --nonet $RPM_BUILD_ROOT%{_metainfodir}/%{name}.met
%changelog
+* Tue Aug 01 2023 Michael Cronenworth <mike(a)cchtml.com> - 20.3.11-1
+- Update to 20.3.11
+
* Sat Jul 08 2023 Michael Cronenworth <mike(a)cchtml.com> - 20.3.9-1
- Update to 20.3.9
diff --git a/sources b/sources
index 49c10e0..01666eb 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (inputstream.adaptive-20.3.9-Nexus.tar.gz) = 95045e4438ee02f0fb95908e36e9e4812b5674eea167cd72ad5e75e0009f21e837cb0cc803be13b90b67318f9ef8f3c1b6ede518a8484223861ced8480240127
+SHA512 (inputstream.adaptive-20.3.11-Nexus.tar.gz) = 3f79f37b728a4a1436b081fc487684e81b531cabbd53480ef6707c1398a38ffbf068e29765eee7bb1392a60530c6e8dc94d2d97e4c8ce7f17a6514224427a792
SHA512 (Bento4-1.6.0-639-7-Omega.tar.gz) = bf257e5831eec44db944d1313858262c1ba32b6e67564bb8f809a1aa0fc8a55faaaac2357d80f1ce2e794914f6bec5263548e77802db2b9e52998af2b6276809
9 months, 1 week
[kodi-inputstream-adaptive] Update to 20.3.11
by Michael Cronenworth
commit 0b3cf97d794a10f22f577e577a862ccfa2136369
Author: Michael Cronenworth <mike(a)cchtml.com>
Date: Tue Aug 1 16:25:11 2023 -0500
Update to 20.3.11
kodi-inputstream-adaptive.spec | 5 ++++-
sources | 2 +-
2 files changed, 5 insertions(+), 2 deletions(-)
---
diff --git a/kodi-inputstream-adaptive.spec b/kodi-inputstream-adaptive.spec
index 643980d..6bcc52a 100644
--- a/kodi-inputstream-adaptive.spec
+++ b/kodi-inputstream-adaptive.spec
@@ -8,7 +8,7 @@
%global internal_bento4_tag %{internal_bento4_version}-7-Omega
Name: kodi-inputstream-adaptive
-Version: 20.3.9
+Version: 20.3.11
Release: 1%{?dist}
Summary: Adaptive file addon for Kodi's InputStream interface
@@ -73,6 +73,9 @@ appstream-util validate-relax --nonet $RPM_BUILD_ROOT%{_metainfodir}/%{name}.met
%changelog
+* Tue Aug 01 2023 Michael Cronenworth <mike(a)cchtml.com> - 20.3.11-1
+- Update to 20.3.11
+
* Sat Jul 08 2023 Michael Cronenworth <mike(a)cchtml.com> - 20.3.9-1
- Update to 20.3.9
diff --git a/sources b/sources
index 49c10e0..01666eb 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (inputstream.adaptive-20.3.9-Nexus.tar.gz) = 95045e4438ee02f0fb95908e36e9e4812b5674eea167cd72ad5e75e0009f21e837cb0cc803be13b90b67318f9ef8f3c1b6ede518a8484223861ced8480240127
+SHA512 (inputstream.adaptive-20.3.11-Nexus.tar.gz) = 3f79f37b728a4a1436b081fc487684e81b531cabbd53480ef6707c1398a38ffbf068e29765eee7bb1392a60530c6e8dc94d2d97e4c8ce7f17a6514224427a792
SHA512 (Bento4-1.6.0-639-7-Omega.tar.gz) = bf257e5831eec44db944d1313858262c1ba32b6e67564bb8f809a1aa0fc8a55faaaac2357d80f1ce2e794914f6bec5263548e77802db2b9e52998af2b6276809
9 months, 1 week
[deadbeef/f37] (3 commits) ...Fix version.
by Vasiliy Glazov
Summary of changes:
52f628c... Rebuild for new ffmpeg (*)
efca143... Add MPRIS plugin to recommends. (*)
bfd1d00... Fix version. (*)
(*) This commit already existed in another branch; no separate mail sent
9 months, 1 week
[deadbeef/f38] (2 commits) ...Fix version.
by Vasiliy Glazov
Summary of changes:
efca143... Add MPRIS plugin to recommends. (*)
bfd1d00... Fix version. (*)
(*) This commit already existed in another branch; no separate mail sent
9 months, 1 week
[deadbeef] Fix version.
by Vasiliy Glazov
commit bfd1d00c12cdbe16d59f17c318073d2238963a93
Author: Vasiliy Glazov <vascom2(a)gmail.com>
Date: Tue Aug 1 10:26:33 2023 +0300
Fix version.
deadbeef.spec | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
---
diff --git a/deadbeef.spec b/deadbeef.spec
index c7a4958..3422483 100644
--- a/deadbeef.spec
+++ b/deadbeef.spec
@@ -12,7 +12,7 @@
%global ddb_output_pw_shortcommit %(c=%{mp4p_commit}; echo ${c:0:7})
Name: deadbeef
-Version: 1.9.6
+Version: 1.9.5
Release: 3%{?dist}
Summary: An audio player for GNU/Linux
9 months, 1 week
[deadbeef] Add MPRIS plugin to recommends.
by Vasiliy Glazov
commit efca1435e3c7f4a42ecddc8afd44ade8f9b22bc9
Author: Vasiliy Glazov <vascom2(a)gmail.com>
Date: Tue Aug 1 09:09:38 2023 +0300
Add MPRIS plugin to recommends.
deadbeef.spec | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
---
diff --git a/deadbeef.spec b/deadbeef.spec
index 67a250f..c7a4958 100644
--- a/deadbeef.spec
+++ b/deadbeef.spec
@@ -12,8 +12,8 @@
%global ddb_output_pw_shortcommit %(c=%{mp4p_commit}; echo ${c:0:7})
Name: deadbeef
-Version: 1.9.5
-Release: 2%{?dist}
+Version: 1.9.6
+Release: 3%{?dist}
Summary: An audio player for GNU/Linux
License: GPL-2.0-or later AND LGPL-2.0-or-later and BSD and MIT AND Zlib
@@ -62,6 +62,7 @@ BuildRequires: libdispatch-devel
Requires: hicolor-icon-theme
Requires: %{name}-plugins%{?_isa} = %{version}-%{release}
+Recommends: deadbeef-mpris2-plugin
%description
DeaDBeeF (as in 0xDEADBEEF) is an audio player for GNU/Linux systems with X11
@@ -171,6 +172,9 @@ desktop-file-validate %{buildroot}%{_datadir}/applications/%{name}.desktop
%changelog
+* Tue Aug 01 2023 Vasiliy N. Glazov <vascom2(a)gmail.com> - 1.9.5-3
+- Add mpris plugin to recommends
+
* Wed Mar 01 2023 Leigh Scott <leigh123linux(a)gmail.com> - 1.9.5-2
- Rebuild for new ffmpeg
9 months, 1 week