commit: d3251f82484c3f9b488a3f1fa1d87f9e0172cdbd
Author: Pacho Ramos <pacho <AT> gentoo <DOT> org>
AuthorDate: Sat Apr 21 14:34:19 2018 +0000
Commit: Pacho Ramos <pacho <AT> gentoo <DOT> org>
CommitDate: Sat Apr 21 14:37:51 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d3251f82
media-sound/mp3gain: Bump (#630954), fix CVE-2017-12911 (#635548)
Package-Manager: Portage-2.3.28, Repoman-2.3.9
media-sound/mp3gain/Manifest | 1 +
.../files/mp3gain-1.6.1-CVE-2017-12911.patch | 77 ++++++++++++++++++++++
media-sound/mp3gain/mp3gain-1.6.1.ebuild | 34 ++++++++++
3 files changed, 112 insertions(+)
diff --git a/media-sound/mp3gain/Manifest b/media-sound/mp3gain/Manifest
index e9eedc0a445..8dadde8a3c5 100644
--- a/media-sound/mp3gain/Manifest
+++ b/media-sound/mp3gain/Manifest
@@ -1 +1,2 @@
DIST mp3gain-1_5_2-src.zip 129435 BLAKE2B
39ad12a09e58375c23602939097622fda0cb6b7487e95947d5443fce55f4d2163c15df619f96b1839acf99bba9ed8ad1990bab287e1392c30813d185d823d734
SHA512
1a7ac51bf0108c1f6fbd610c513bf7fd2c64d340a2ba23dc9fa5c3b896b279474f31f2d60318f409576e39f7643dd585d3e159e2a4db4553f7c9cc3761b7f388
+DIST mp3gain-1_6_1-src.zip 68932 BLAKE2B
8c1ed35123f1613e189ec7bd74ee9f6176404a1b79c660f8f1a6df461cdfd3c6bb505daa09b8cc4756e1755d0923fe473a45c3ae171fcf35df22daaa08a7717a
SHA512
6d26a7716a1901c80caff9d7fb03a454a452c06c6a57a7a921d5979727e112ba139690d8a287dde7a6e5a09b022d3c6f57193b4756a9c25caa177cef65f9e375
diff --git a/media-sound/mp3gain/files/mp3gain-1.6.1-CVE-2017-12911.patch
b/media-sound/mp3gain/files/mp3gain-1.6.1-CVE-2017-12911.patch
new file mode 100644
index 00000000000..0b5a3228096
--- /dev/null
+++ b/media-sound/mp3gain/files/mp3gain-1.6.1-CVE-2017-12911.patch
@@ -0,0 +1,77 @@
+--- a/apetag.c
++++ b/apetag.c
+@@ -49,6 +49,12 @@
+
+ static int Lyrics3GetNumber6 ( const unsigned char* string )
+ {
++ if (string[0] < '0' || string[0] > '9') return 0;
++ if (string[1] < '0' || string[1] > '9') return 0;
++ if (string[2] < '0' || string[2] > '9') return 0;
++ if (string[3] < '0' || string[3] > '9') return 0;
++ if (string[4] < '0' || string[4] > '9') return 0;
++ if (string[5] < '0' || string[5] > '9') return 0;
+ return ( string[0] - '0') * 100000 +
+ ( string[1] - '0') * 10000 +
+ ( string[2] - '0') * 1000 +
+@@ -86,12 +92,14 @@
+ free(*id3tagbuff);
+ *id3tagbuff = (unsigned char *)malloc(128);
+ memcpy(*id3tagbuff,tmpid3,128);
++ if ( *tag_offset < (128 + (long)(sizeof(T))) ) return 0;
+ if ( fseek (fp, *tag_offset - 128 - sizeof (T), SEEK_SET) ) return 0;
+ if ( fread (&T, 1, sizeof (T), fp) != sizeof (T) ) return 0;
+ // check for lyrics3 v2.00 tag
+ if ( memcmp (T.ID, "LYRICS200", sizeof (T.ID)) ) return 0;
+ len = Lyrics3GetNumber6 (T.Length);
+- if ( fseek (fp, *tag_offset - 128 - (int)sizeof (T) - len, SEEK_SET) )
return 0;
++ if (*tag_offset < (128 + (long)(sizeof(T)) + len)) return 0;
++ if ( fseek (fp, *tag_offset - 128 - (long)sizeof (T) - len, SEEK_SET) )
return 0;
+ if ( fread (tmp, 1, 11, fp) != 11 ) return 0;
+ if ( memcmp (tmp, "LYRICSBEGIN", 11) ) return 0;
+
+@@ -167,6 +175,7 @@
+ Ver = Read_LE_Uint32 (T.Version);
+ if ( (Ver != 1000) && (Ver != 2000) ) return 0;
+ if ( (TagLen = Read_LE_Uint32 (T.Length)) < sizeof (T) ) return 0;
++ if (*tag_offset < TagLen) return 0;
+ if ( fseek (fp, *tag_offset - TagLen, SEEK_SET) ) return 0;
+ buff = (char *)malloc (TagLen);
+ if ( fread (buff, 1, TagLen - sizeof (T), fp) != (TagLen - sizeof (T)) ) {
+@@ -285,6 +294,7 @@
+ (*apeTag)->originalTagSize = TagLen;
+
+ if ( Read_LE_Uint32 (T.Flags) & (1<<31) ) { // Tag contains header
++ if (*tag_offset < (long)(sizeof(T))) return 0;
+ *tag_offset -= sizeof (T);
+
+ fseek (fp, *tag_offset, SEEK_SET);
+@@ -355,14 +365,14 @@
+ */
+ int ReadMP3GainAPETag (char *filename, struct MP3GainTagInfo *info, struct
FileTagsStruct *fileTags) {
+ FILE *fi;
+- long tag_offset, offs_bk;
++ long tag_offset, offs_bk, file_size;
+
+ fi = fopen(filename, "rb");
+ if (fi == NULL)
+ return 0;
+
+ fseek(fi, 0, SEEK_END);
+- tag_offset = ftell(fi);
++ tag_offset = file_size = ftell(fi);
+
+ fileTags->lyrics3TagSize = 0;
+
+@@ -373,7 +383,11 @@
+ ReadMP3ID3v1Tag ( fi, &(fileTags->id31tag), &tag_offset );
+ } while ( offs_bk != tag_offset );
+
+- fileTags->tagOffset = tag_offset;
++ if (tag_offset >= 0 && tag_offset <= file_size) {
++ fileTags->tagOffset = tag_offset;
++ } else { //Corrupt tag information, simply default to end-of-file
++ fileTags->tagOffset = file_size;
++ }
+
+ fclose(fi);
+
\ No newline at end of file
diff --git a/media-sound/mp3gain/mp3gain-1.6.1.ebuild
b/media-sound/mp3gain/mp3gain-1.6.1.ebuild
new file mode 100644
index 00000000000..81548cbb0e1
--- /dev/null
+++ b/media-sound/mp3gain/mp3gain-1.6.1.ebuild
@@ -0,0 +1,34 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+inherit toolchain-funcs
+
+MY_P="${P//./_}"
+
+DESCRIPTION="A program to analyze and adjust MP3 files to same volume"
+HOMEPAGE="http://mp3gain.sourceforge.net/";
+SRC_URI="mirror://sourceforge/${PN}/${MY_P}-src.zip"
+
+LICENSE="LGPL-2.1"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86 ~amd64-linux ~x86-linux
~ppc-macos ~x86-macos"
+IUSE=""
+
+RDEPEND="
+ app-arch/unzip
+ media-sound/mpg123
+"
+DEPEND="${RDEPEND}"
+
+PATCHES=( "${FILESDIR}"/${P}-CVE-2017-12911.patch )
+
+S="${WORKDIR}"
+
+src_compile() {
+ emake CC="$(tc-getCC)"
+}
+
+src_install() {
+ dobin mp3gain
+}
