Compare commits

...

No commits in common. 'c9' and 'c8' have entirely different histories.
c9 ... c8

2
.gitignore vendored

@ -1 +1 @@
SOURCES/taglib-1.12.tar.gz
SOURCES/taglib-1.11.1.tar.gz

@ -1 +1 @@
c06c44223f64ef61d29372659059d6b9e27c2efd SOURCES/taglib-1.12.tar.gz
80a30eeae67392f636c9f113c60d778c2995c99e SOURCES/taglib-1.11.1.tar.gz

@ -0,0 +1,33 @@
From eb9ded1206f18f2c319157337edea2533a40bea6 Mon Sep 17 00:00:00 2001
From: "Stephen F. Booth" <me@sbooth.org>
Date: Sun, 23 Jul 2017 10:11:09 -0400
Subject: [PATCH] Don't assume TDRC is an instance of TextIdentificationFrame
If TDRC is encrypted, FrameFactory::createFrame() returns UnknownFrame
which causes problems in rebuildAggregateFrames() when it is assumed
that TDRC is a TextIdentificationFrame
---
taglib/mpeg/id3v2/id3v2framefactory.cpp | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/taglib/mpeg/id3v2/id3v2framefactory.cpp b/taglib/mpeg/id3v2/id3v2framefactory.cpp
index 759a9b7b..9347ab86 100644
--- a/taglib/mpeg/id3v2/id3v2framefactory.cpp
+++ b/taglib/mpeg/id3v2/id3v2framefactory.cpp
@@ -334,10 +334,11 @@ void FrameFactory::rebuildAggregateFrames(ID3v2::Tag *tag) const
tag->frameList("TDAT").size() == 1)
{
TextIdentificationFrame *tdrc =
- static_cast<TextIdentificationFrame *>(tag->frameList("TDRC").front());
+ dynamic_cast<TextIdentificationFrame *>(tag->frameList("TDRC").front());
UnknownFrame *tdat = static_cast<UnknownFrame *>(tag->frameList("TDAT").front());
- if(tdrc->fieldList().size() == 1 &&
+ if(tdrc &&
+ tdrc->fieldList().size() == 1 &&
tdrc->fieldList().front().size() == 4 &&
tdat->data().size() >= 5)
{
--
2.13.5

@ -1,31 +0,0 @@
diff -up taglib-1.12/taglib-config.cmake.multilib taglib-1.12/taglib-config.cmake
--- taglib-1.12/taglib-config.cmake.multilib 2021-02-15 05:23:07.000000000 -0600
+++ taglib-1.12/taglib-config.cmake 2021-03-03 10:16:46.584430893 -0600
@@ -16,7 +16,6 @@ EOH
prefix=@CMAKE_INSTALL_PREFIX@
exec_prefix=@CMAKE_INSTALL_PREFIX@
-libdir=@LIB_INSTALL_DIR@
includedir=@INCLUDE_INSTALL_DIR@
flags=""
@@ -29,7 +28,7 @@ while test $# -gt 0
do
case $1 in
--libs)
- flags="$flags -L$libdir -ltag @ZLIB_LIBRARIES_FLAGS@"
+ flags="$flags -ltag"
;;
--cflags)
flags="$flags -I$includedir -I$includedir/taglib"
diff -up taglib-1.12/taglib.pc.cmake.multilib taglib-1.12/taglib.pc.cmake
--- taglib-1.12/taglib.pc.cmake.multilib 2021-02-15 05:23:07.000000000 -0600
+++ taglib-1.12/taglib.pc.cmake 2021-03-03 10:20:26.682249784 -0600
@@ -7,5 +7,6 @@ Name: TagLib
Description: Audio meta-data library
Requires:
Version: @TAGLIB_LIB_VERSION_STRING@
-Libs: -L${libdir} -ltag @ZLIB_LIBRARIES_FLAGS@
+Libs: -L${libdir} -ltag
+Libs.private: @ZLIB_LIBRARIES_FLAGS@
Cflags: -I${includedir} -I${includedir}/taglib

@ -0,0 +1,20 @@
diff -up taglib-1.5rc1/taglib-config.cmake.multilib-2 taglib-1.5rc1/taglib-config.cmake
--- taglib-1.5rc1/taglib-config.cmake.multilib-2 2008-01-29 19:30:00.000000000 -0600
+++ taglib-1.5rc1/taglib-config.cmake 2008-02-13 06:41:11.000000000 -0600
@@ -16,7 +16,6 @@ EOH
prefix=${CMAKE_INSTALL_PREFIX}
exec_prefix=${CMAKE_INSTALL_PREFIX}
-libdir=${LIB_INSTALL_DIR}
includedir=${INCLUDE_INSTALL_DIR}
flags=""
@@ -29,7 +28,7 @@ while test $# -gt 0
do
case $1 in
--libs)
- flags="$flags -L$libdir -ltag"
+ flags="$flags -ltag"
;;
--cflags)
flags="$flags -I$includedir/taglib"

@ -0,0 +1,29 @@
diff --git a/taglib/ogg/flac/oggflacfile.cpp b/taglib/ogg/flac/oggflacfile.cpp
index 3a36ebe..01148cc 100644
--- a/taglib/ogg/flac/oggflacfile.cpp
+++ b/taglib/ogg/flac/oggflacfile.cpp
@@ -216,11 +216,22 @@ void Ogg::FLAC::File::scan()
if(!metadataHeader.startsWith("fLaC")) {
// FLAC 1.1.2+
+
+ // See https://xiph.org/flac/ogg_mapping.html for the header specification.
+ if(metadataHeader.size() < 13)
+ return;
+
+ if(metadataHeader[0] != 0x7f)
+ return;
+
if(metadataHeader.mid(1, 4) != "FLAC")
return;
- if(metadataHeader[5] != 1)
- return; // not version 1
+ if(metadataHeader[5] != 1 && metadataHeader[6] != 0)
+ return; // not version 1.0
+
+ if(metadataHeader.mid(9, 4) != "fLaC")
+ return;
metadataHeader = metadataHeader.mid(13);
}

@ -1,16 +1,16 @@
%undefine __cmake_in_source_build
## 1.11 currently disables tests with BUILD_SHARED_LIBS=ON
#bcond_without tests
#bcond_without doc
%global apidocdir __api-doc_fedora
Name: taglib
Name: taglib
Summary: Audio Meta-Data Library
Version: 1.12
Release: 6%{?dist}
Version: 1.11.1
Release: 8%{?dist}
License: LGPLv2 or MPLv1.1
#URL: http://launchpad.net/taglib
URL: http://taglib.github.io/
%if 0%{?snap:1}
Source0: taglib-%{version}-%{snap}.tar.gz
@ -21,11 +21,16 @@ Source0: http://taglib.github.io/releases/taglib-%{version}%{?beta}.tar.gz
Source1: taglib-snapshot.sh
# http://bugzilla.redhat.com/343241
# fix multilib, and drop -lz flag to consumers (probably only needed for static linking)
Patch0: taglib-1.12-multilib.patch
Patch102: taglib-1.5rc1-multilib.patch
## upstream patches
# sbooth fork/pull-request
# https://github.com/taglib/taglib/pull/831/commits/eb9ded1206f18f2c319157337edea2533a40bea6
Patch1: 0001-Don-t-assume-TDRC-is-an-instance-of-TextIdentificati.patch
# CVE fixes
Patch50: taglib-CVE-2018-11439.patch
BuildRequires: gcc
BuildRequires: gcc-c++
BuildRequires: cmake
BuildRequires: pkgconfig
BuildRequires: zlib-devel
@ -50,10 +55,10 @@ BuildArch: noarch
This is API documentation generated from the TagLib source code.
%package devel
Summary: Development files for %{name}
Summary: Development files for %{name}
Requires: %{name}%{?_isa} = %{version}-%{release}
%if ! %{with doc}
Obsoletes: %{name}-doc < %{version}-%{release}
Obsoletes: %{name}-doc
%endif
%description devel
Files needed when building software with %{name}.
@ -64,25 +69,28 @@ Files needed when building software with %{name}.
%build
%{cmake} \
mkdir %{_target_platform}
pushd %{_target_platform}
%{cmake} .. \
%if %{with tests}
-DBUILD_TESTS:BOOL=ON \
%endif
-DCMAKE_BUILD_TYPE:STRING="Release"
popd
%cmake_build
make %{?_smp_mflags} -C %{_target_platform}
%if %{with doc}
%cmake_build --target docs
make docs -C %{_target_platform}
%endif
%install
%cmake_install
make install/fast DESTDIR=%{buildroot} -C %{_target_platform}
%if %{with doc}
rm -fr %{apidocdir} ; mkdir %{apidocdir}
cp -a %{_vpath_builddir}/doc/html/ %{apidocdir}/
cp -a %{_target_platform}/doc/html/ %{apidocdir}/
ln -s html/index.html %{apidocdir}
find %{apidocdir} -name '*.md5' | xargs rm -fv
%endif
@ -95,7 +103,7 @@ test "$(pkg-config --modversion taglib_c)" = "%{version}"
%if %{with tests}
#ln -s ../../tests/data %{_target_platform}/tests/
#LD_LIBRARY_PATH=%{buildroot}%{_libdir}:$LD_LIBRARY_PATH \
%ctest
make check -C %{_target_platform}
%endif
%ldconfig_scriptlets
@ -122,45 +130,9 @@ test "$(pkg-config --modversion taglib_c)" = "%{version}"
%changelog
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1.12-6
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.12-5
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Mon Mar 29 2021 Rex Dieter <rdieter@fedoraproject.org> - 1.12-4
- fix multilib.patch (#1943870)
* Wed Mar 03 2021 Rex Dieter <rdieter@fedoraproject.org> - 1.12-3
- -devel: fix/drop -lz references in taglib-config, taglib.pc
* Tue Feb 16 2021 Rex Dieter <rdieter@fedoraproject.org> - 1.12-2
- use versioned obsoletes
* Tue Feb 16 2021 David King <amigadave@amigadave.com> - 1.12-1
- Update to 1.12 (#1584870)
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.11.1-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.11.1-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.11.1-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.11.1-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.11.1-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.11.1-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue May 08 2018 Rex Dieter <rdieter@fedoraproject.org> - 1.11.1-8
- use %%make_build
* Tue Aug 14 2018 Jan Grulich <jgrulich@redhat.com> - 1.11.1-8
- Fix heap-based buffer over-read via a crafted audio file (CVE-2018-11439)
Resolves: bz#1584872
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.11.1-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
@ -387,7 +359,7 @@ test "$(pkg-config --modversion taglib_c)" = "%{version}"
- svn20071111 snapshot (#376241)
* Thu Sep 27 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 1.5-0.5.20070924svn
- -BR: automake
- -BR: automake
- +BR: zlib-devel
* Thu Sep 27 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 1.5-0.4.20070924svn

Loading…
Cancel
Save