Compare commits

...

1 Commits
epel9 ... i10ce

Author SHA1 Message Date
Arkady L. Shane cb1fdc3e1a
import opusfile-0.12-15.el10
2 weeks ago

2
.gitignore vendored

@ -1 +1 @@
/opusfile-0.*.tar.gz SOURCES/opusfile-0.12.tar.gz

@ -0,0 +1 @@
3e86971fef28292f982a32730632b1d531059ed5 SOURCES/opusfile-0.12.tar.gz

@ -0,0 +1,40 @@
From 0a4cd796df5b030cb866f3f4a5e41a4b92caddf5 Mon Sep 17 00:00:00 2001
From: Ralph Giles <giles@thaumas.net>
Date: Tue, 6 Sep 2022 19:04:31 -0700
Subject: [PATCH] Propagate allocation failure from ogg_sync_buffer.
Instead of segfault, report OP_EFAULT if ogg_sync_buffer returns
a null pointer. This allows more graceful recovery by the caller
in the unlikely event of a fallible ogg_malloc call.
We do check the return value elsewhere in the code, so the new
checks make the code more consistent.
Thanks to https://github.com/xiph/opusfile/issues/36 for reporting.
Signed-off-by: Timothy B. Terriberry <tterribe@xiph.org>
Signed-off-by: Mark Harris <mark.hsj@gmail.com>
---
src/opusfile.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/opusfile.c b/src/opusfile.c
index ca219b2..3c3c81e 100644
--- a/src/opusfile.c
+++ b/src/opusfile.c
@@ -148,6 +148,7 @@ static int op_get_data(OggOpusFile *_of,int _nbytes){
int nbytes;
OP_ASSERT(_nbytes>0);
buffer=(unsigned char *)ogg_sync_buffer(&_of->oy,_nbytes);
+ if(OP_UNLIKELY(buffer==NULL))return OP_EFAULT;
nbytes=(int)(*_of->callbacks.read)(_of->stream,buffer,_nbytes);
OP_ASSERT(nbytes<=_nbytes);
if(OP_LIKELY(nbytes>0))ogg_sync_wrote(&_of->oy,nbytes);
@@ -1527,6 +1528,7 @@ static int op_open1(OggOpusFile *_of,
if(_initial_bytes>0){
char *buffer;
buffer=ogg_sync_buffer(&_of->oy,(long)_initial_bytes);
+ if(OP_UNLIKELY(buffer==NULL))return OP_EFAULT;
memcpy(buffer,_initial_data,_initial_bytes*sizeof(*buffer));
ogg_sync_wrote(&_of->oy,(long)_initial_bytes);
}

@ -1,16 +1,24 @@
Name: opusfile Name: opusfile
Version: 0.12 Version: 0.12
Release: 6%{?dist} %global soname_version 0
Release: 15%{?dist}
Summary: A high-level API for decoding and seeking within .opus files Summary: A high-level API for decoding and seeking within .opus files
License: BSD License: BSD-3-Clause
URL: https://www.opus-codec.org/ URL: https://www.opus-codec.org/
Source0: https://downloads.xiph.org/releases/opus/%{name}-%{version}.tar.gz Source0: https://downloads.xiph.org/releases/opus/%{name}-%{version}.tar.gz
# Propagate allocation failure from ogg_sync_buffer.
# https://github.com/xiph/opusfile/commit/0a4cd796df5b030cb866f3f4a5e41a4b92caddf5
#
# Fixes CVE-2022-47021.
# A potential bug of NPD
# https://github.com/xiph/opusfile/issues/36
Patch1: https://github.com/xiph/opusfile/commit/0a4cd796df5b030cb866f3f4a5e41a4b92caddf5.patch#/CVE-2022-47021.patch
BuildRequires: make BuildRequires: make
BuildRequires: gcc BuildRequires: gcc
BuildRequires: libogg-devel BuildRequires: pkgconfig(ogg)
BuildRequires: openssl-devel BuildRequires: pkgconfig(openssl)
BuildRequires: opus-devel BuildRequires: pkgconfig(opus)
%description %description
libopusfile provides a high-level API for decoding and seeking libopusfile provides a high-level API for decoding and seeking
@ -27,13 +35,14 @@ decoded with a single output format, even if the channel count changes).
%package devel %package devel
Summary: Development package for %{name} Summary: Development package for %{name}
Requires: %{name}%{?_isa} = %{version}-%{release} Requires: %{name}%{?_isa} = %{version}-%{release}
Requires: pkgconfig # The public API headers include ogg/ogg.h.
Requires: pkgconfig(ogg)
%description devel %description devel
Files for development with %{name}. Files for development with %{name}.
%prep %prep
%setup -q %autosetup -p1
%build %build
%configure --disable-static %configure --disable-static
@ -46,13 +55,11 @@ Files for development with %{name}.
#Remove libtool archives. #Remove libtool archives.
find %{buildroot} -type f -name "*.la" -delete find %{buildroot} -type f -name "*.la" -delete
%ldconfig_scriptlets
%files %files
%license COPYING %license COPYING
%doc AUTHORS %doc AUTHORS
%{_libdir}/libopusfile.so.* %{_libdir}/libopusfile.so.%{soname_version}{,.*}
%{_libdir}/libopusurl.so.* %{_libdir}/libopusurl.so.%{soname_version}{,.*}
%files devel %files devel
%doc %{_docdir}/%{name} %doc %{_docdir}/%{name}
@ -63,6 +70,37 @@ find %{buildroot} -type f -name "*.la" -delete
%{_libdir}/libopusurl.so %{_libdir}/libopusurl.so
%changelog %changelog
* Sat Dec 28 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 0.12-15
- Rebuilt for MSVSphere 10
* Sat Sep 21 2024 Benjamin A. Beasley <code@musicinmybrain.net> - 0.12-15
- Identify the license as BSD-3-Clause
- Make opusfile-devel depend on libogg-devel
* Mon Sep 02 2024 Miroslav Suchý <msuchy@redhat.com> - 0.12-14
- convert license to SPDX
* Thu Jul 18 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.12-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.12-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.12-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.12-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Feb 01 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.12-9
- Add upstream fix for CVE-2022-47021
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.12-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.12-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.12-6 * Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.12-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild

@ -1 +0,0 @@
SHA512 (opusfile-0.12.tar.gz) = e25e6968a3183ac0628ce1000840fd6f9f636e92ba984d6a72b76fb2a98ec632d2de4c66a8e4c05ef30655c2a4a13ab35f89606fa7d79a54cfa8506543ca57af
Loading…
Cancel
Save