commit 41118893f4d0cef0490923fc3119900ecbf85a5e
Author: Sérgio M. Basto <sergio(a)serjux.com>
Date: Wed Aug 2 03:28:04 2023 +0100
fix snprintf overflow
fix_snprintf-overflow.patch | 92 +++++++++++++++++++++++++++++++++++++++++++++
libmp3splt.spec | 4 +-
2 files changed, 95 insertions(+), 1 deletion(-)
---
diff --git a/fix_snprintf-overflow.patch b/fix_snprintf-overflow.patch
new file mode 100644
index 0000000..74228cd
--- /dev/null
+++ b/fix_snprintf-overflow.patch
@@ -0,0 +1,92 @@
+--- ./src/oformat_parser.c.orig 2023-08-02 03:16:38.992748757 +0100
++++ ./src/oformat_parser.c 2023-08-02 03:26:12.218903547 +0100
+@@ -534,7 +534,7 @@ put_value:
+ int max_number_of_digits = splt_u_get_requested_num_of_digits(state,
+ state->oformat.format[i], &requested_num_of_digits,
SPLT_FALSE);
+
+- snprintf(temp + offset, temp_len, "%s", format);
++ snprintf(temp + offset, temp_len - offset, "%s", format);
+
+ fm_length = strlen(temp) + 1 + max_number_of_digits;
+ if ((fm = malloc(fm_length * sizeof(char))) == NULL)
+@@ -564,7 +564,7 @@ put_value:
+ //
+ if (artist_or_performer != NULL)
+ {
+- snprintf(temp+2,temp_len, "%s", state->oformat.format[i]+2);
++ snprintf(temp+2,temp_len-2, "%s", state->oformat.format[i]+2);
+
+ int artist_length = 0;
+ artist_length = strlen(artist_or_performer);
+@@ -609,7 +609,7 @@ put_value:
+ //
+ if (artist != NULL)
+ {
+- snprintf(temp+2,temp_len, "%s", state->oformat.format[i]+2);
++ snprintf(temp+2,temp_len-2, "%s", state->oformat.format[i]+2);
+
+ int artist_length = 0;
+ artist_length = strlen(artist);
+@@ -655,7 +655,7 @@ put_value:
+ {
+ int album_length = 0;
+ album_length = strlen(album);
+- snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2);
++ snprintf(temp+2, temp_len-2, "%s",
state->oformat.format[i]+2);
+
+ fm_length = strlen(temp) + album_length + 1;
+ }
+@@ -699,7 +699,7 @@ put_value:
+ {
+ int genre_length = 0;
+ genre_length = strlen(genre);
+- snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2);
++ snprintf(temp+2, temp_len-2, "%s",
state->oformat.format[i]+2);
+
+ fm_length = strlen(temp) + genre_length + 1;
+ }
+@@ -743,7 +743,7 @@ put_value:
+ {
+ int title_length = 0;
+ title_length = strlen(title);
+- snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2);
++ snprintf(temp+2, temp_len-2, "%s",
state->oformat.format[i]+2);
+
+ fm_length = strlen(temp) + title_length + 1;
+ }
+@@ -787,7 +787,7 @@ put_value:
+ {
+ int performer_length = 0;
+ performer_length = strlen(performer);
+- snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2);
++ snprintf(temp+2, temp_len-2, "%s",
state->oformat.format[i]+2);
+
+ fm_length = strlen(temp) + performer_length + 1;
+ }
+@@ -862,7 +862,7 @@ put_value:
+ const char *format =
+ splt_u_get_format_ptr(state->oformat.format[i], temp, NULL);
+
+- snprintf(temp + 4, temp_len, "%s", format + 2);
++ snprintf(temp + 4, temp_len-4, "%s", format + 2);
+ fm_length = strlen(temp) + 1 + max_num_of_digits;
+ }
+ else
+@@ -903,7 +903,7 @@ put_value:
+ original_filename =
strdup(splt_su_get_fname_without_path(splt_t_get_filename_to_split(state)));
+ if (original_filename)
+ {
+- snprintf(temp+2,temp_len, "%s", state->oformat.format[i]+2);
++ snprintf(temp+2,temp_len-2 , "%s",
state->oformat.format[i]+2);
+
+ splt_su_cut_extension(original_filename);
+
+@@ -934,7 +934,7 @@ put_value:
+
+ if (last_dir)
+ {
+- snprintf(temp+2, temp_len, "%s",
state->oformat.format[i]+2);
++ snprintf(temp+2, temp_len-2, "%s",
state->oformat.format[i]+2);
+
+ int last_dir_length = strlen(last_dir);
+
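Review bot: The corrected bound in the first inner hunk, `temp_len - offset`, is still computed with no visible check that `offset` stays below `temp_len`, and none of the ten `snprintf` calls inspects its return value. The declarations of `temp`, `temp_len` and `offset` lie outside these hunks, so this is a question rather than a confirmed defect: the size argument is converted to `size_t`, so if `offset` can ever exceed `temp_len` the difference becomes a very large bound and the write is unchecked again. A guard before the call, `if (offset >= temp_len) { /* reject the format */ }`, plus a truncation test on the result `n` such as `if (n < 0 || n >= temp_len - offset)`, would make the bound hold and stop a cut-off specifier from silently feeding the `fm_length` computation that follows. Since the `temp+2, temp_len-2` pair now appears eight times, a small `static` helper that takes the offset would keep this arithmetic in one place.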
diff --git a/libmp3splt.spec b/libmp3splt.spec
index 71545c5..a45de20 100644
--- a/libmp3splt.spec
+++ b/libmp3splt.spec
@@ -11,6 +11,7 @@ Group: Development/Libraries
Source:
http://downloads.sourceforge.net/mp3splt/%{name}-%{version}.tar.gz
URL:
http://mp3splt.sourceforge.net/
Patch0: v0.9.2..385d2001_2020-11-10.patch
+Patch1: fix_snprintf-overflow.patch
BuildRequires: gettext
BuildRequires: libid3tag-devel
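Review bot: `Patch1` is added without a comment saying what it fixes or whether it has been submitted upstream, so this memory-safety fix is hard to trace from the spec alone. A line above it such as `# Bound snprintf writes in src/oformat_parser.c by the remaining buffer size; upstream status: <UPSTREAM_REFERENCE_PLACEHOLDER>` would record the reason and let a later rebase decide whether the patch can be dropped.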
@@ -49,7 +50,8 @@ This package contains development files for the mp3splt project.
%prep
%setup -q
-%patch0 -p2
+%patch -P0 -p2
+%patch -P1 -p1
%build
autoreconf -fiv