Diffstat (limited to 'media-sound/mp3gain')
-rw-r--r--media-sound/mp3gain/Manifest3
-rw-r--r--media-sound/mp3gain/files/mp3gain-1.6.2-CVE-2019-18359-plus.patch183
-rw-r--r--media-sound/mp3gain/mp3gain-1.6.2.ebuild33
3 files changed, 219 insertions, 0 deletions
diff --git a/media-sound/mp3gain/Manifest b/media-sound/mp3gain/Manifest
index 057a491ee290..16541bfa70cf 100644
--- a/media-sound/mp3gain/Manifest
+++ b/media-sound/mp3gain/Manifest
@@ -1,4 +1,7 @@
AUX mp3gain-1.6.1-CVE-2017-12911.patch 2804 BLAKE2B 71d410abe4196cb47d4f006af7d8fd73a0308280ce57aaa955434c9f7b1bb8bf3363eb1ad8dbe0da3b5dd79e4ac5a355b796cdc253608c5bf2ba7c03527c3b32 SHA512 b5b093f18160cd4205870952d8f092c300f66d6fa025ac09114f55b1e5b37af6ab8ea1b505e33446f6c7153a5ffad04c001b67f9a069db8d3418c6fae3e73002
+AUX mp3gain-1.6.2-CVE-2019-18359-plus.patch 6742 BLAKE2B 1216085064f712751ad9c7739a5d7a3ae9ca258ce41860a177756005b911371b6784a6ee4b7b68e829e5e1b4eede86287abd048cca01db99c53aa1ac9ff94c8f SHA512 b795167c594b106b8f6336d4c975bb73812a4fbcd5e16cfcedfaeff0c291f6ea01e62f20318d5107e62c9c42e843e8cd618745acdd17fd35c4e9a5052d85227e
DIST mp3gain-1_6_1-src.zip 68932 BLAKE2B 8c1ed35123f1613e189ec7bd74ee9f6176404a1b79c660f8f1a6df461cdfd3c6bb505daa09b8cc4756e1755d0923fe473a45c3ae171fcf35df22daaa08a7717a SHA512 6d26a7716a1901c80caff9d7fb03a454a452c06c6a57a7a921d5979727e112ba139690d8a287dde7a6e5a09b022d3c6f57193b4756a9c25caa177cef65f9e375
+DIST mp3gain-1_6_2-src.zip 71246 BLAKE2B 5172c2103bb2267bf819f36180e9cd7a9d57df6f7ddc29900e9063f97c4513972053bb0c3f1f69f7ddd12ec0cf4251e93e1b6920389a8246bfdd5650176a90d2 SHA512 ec9de6c755120480ccb72b34a0042aea7546ef923090ab04e420d5b189523b4504e29952a3d695d3c42c74348f5c3c9123ff090bcc671e43375711e085d67480
EBUILD mp3gain-1.6.1.ebuild 672 BLAKE2B f4bc25038d8ffde1df40f0a08b602f2c05e88870b6495cf83022acc273736ec19f1ca76e5451e07ffc1d1ed657fc6d92700d56eb5c92dfe60d5690d6c7284c22 SHA512 770d05807d4529c126a9b113dd95cf4b04abd8a5d0d3e8a9f3fe8a4d5a4f5c9ea96366eb293f8070a856694b3d6c1771d4273addc213e55f5616f6c63e7ea443
+EBUILD mp3gain-1.6.2.ebuild 683 BLAKE2B 0c38eb9b821c7514d02a9420035cd13d3edfc1cfb22883a2d408d37db2132c1f5dc98f3c9a33af7396e4e7919acf18b65f82d431f68cbfdb245d6ff24351e5bc SHA512 34cc9782ca9752e7fe9500d805277fc26bdf1293832d69c1fcb8b3db63f0aadd2f4ba2c9c7f03fb9569abb1038015a0b1bc206a8604c8e5b5d01dd67bf37499d
MISC metadata.xml 452 BLAKE2B c0b22d81f8e91934b834281f256b67e4e61a86fe9cfee08ace713baa8ff28221393594e9199aa631889c2b7e25b50bc108876b3f991ea7bef7575e486d5b206a SHA512 8ab00c2369fea3ed2ae75f5d04939ac81f4f227236215556157c3616ce1d72636c94af0988f06c995a08dd95c3774635c5d954e6992a077c20c7472be907a119
diff --git a/media-sound/mp3gain/files/mp3gain-1.6.2-CVE-2019-18359-plus.patch b/media-sound/mp3gain/files/mp3gain-1.6.2-CVE-2019-18359-plus.patch
new file mode 100644
index 000000000000..5f05fc1bf27b
--- /dev/null
+++ b/media-sound/mp3gain/files/mp3gain-1.6.2-CVE-2019-18359-plus.patch
@@ -0,0 +1,183 @@
+openSUSE patch: https://build.opensuse.org/package/view_file/openSUSE:Factory/mp3gain/0001-fix-security-bugs.patch?expand=1
+Gentoo bug: https://bugs.gentoo.org/717940
+----
+From: Jason Craig <os-dev@jacraig.com>
+Date: Mon, 30 Mar 2020 12:43:20 -0600
+Subject: [PATCH] Fix various security issues including CVE-2019-18359
+References: boo#1154971
+Upstream: dead
+
+Multiple POCs at https://github.com/zjuchenyuan/fuzzpoc were fixed.
+--- a/apetag.c
++++ b/apetag.c
+@@ -16,6 +16,13 @@
+ #define _stricmp strcasecmp
+ #endif /* WIN32 */
+
++// Min and max values for gain and peak in order to fit in allotted space in the APE tags. For gain that is nine chars,
++// including a + or -. For peak that is eight chars, including a - but no +. Both will always have six precision digits.
++#define MIN_GAIN -9.999999
++#define MAX_GAIN 9.999999
++#define MIN_PEAK -9.99999
++#define MAX_PEAK 9.999999
++
+ int ReadMP3ID3v1Tag(FILE *fi, unsigned char **tagbuff, long *tag_offset) {
+ char tmp[128];
+
+@@ -102,9 +109,9 @@ static int ReadMP3Lyrics3v2Tag ( FILE *fp, unsigned char **tagbuff, unsigned lon
+ if ( fseek (fp, *tag_offset - 128 - (long)sizeof (T) - len, SEEK_SET) ) return 0;
+ if ( fread (tmp, 1, 11, fp) != 11 ) return 0;
+ if ( memcmp (tmp, "LYRICSBEGIN", 11) ) return 0;
+-
++
+ taglen = 128 + Lyrics3GetNumber6(T.Length) + sizeof(T);
+-
++
+ *tag_offset -= taglen;
+ if (*tagbuff != NULL) {
+ free(*tagbuff);
+@@ -142,7 +149,7 @@ enum {
+
+ unsigned long strlen_max(const char * ptr, unsigned long max) {
+ unsigned long n = 0;
+- while (ptr[n] && n < max) n++;
++ while (n < max && ptr[n]) n++;
+ return n;
+ }
+
+@@ -234,6 +241,14 @@ int ReadMP3APETag ( FILE *fp, struct MP3GainTagInfo *info, struct APETagStruct
+ info->albumPeak = atof(value);
+ } else if (!_stricmp(name,"MP3GAIN_UNDO")) {
+ /* value should be something like "+003,+003,W" */
++ /* If the file didn't specify enough bytes for the value (at least 11...see above), skip the tag. */
++ if(vsize < 11)
++ {
++ free(value);
++ free(name);
++ p += isize + 1 + vsize;
++ continue;
++ }
+ info->haveUndo = !0;
+ vp = value;
+ memcpy(tmpString,vp,4);
+@@ -251,6 +266,14 @@ int ReadMP3APETag ( FILE *fp, struct MP3GainTagInfo *info, struct APETagStruct
+ }
+ } else if (!_stricmp(name,"MP3GAIN_MINMAX")) {
+ /* value should be something like "001,153" */
++ /* If the file didn't specify enough bytes for the value (at least 7...see above), skip the tag. */
++ if(vsize < 7)
++ {
++ free(value);
++ free(name);
++ p += isize + 1 + vsize;
++ continue;
++ }
+ info->haveMinMaxGain = !0;
+ vp = value;
+ memcpy(tmpString,vp,3);
+@@ -289,7 +312,7 @@ int ReadMP3APETag ( FILE *fp, struct MP3GainTagInfo *info, struct APETagStruct
+ }
+
+ free (buff);
+-
++
+ *tag_offset -= TagLen;
+ (*apeTag)->originalTagSize = TagLen;
+
+@@ -318,7 +341,7 @@ int ReadMP3APETag ( FILE *fp, struct MP3GainTagInfo *info, struct APETagStruct
+ int truncate_file (char *filename, long truncLength) {
+
+ #ifdef WIN32
+-
++
+ int fh, result;
+
+ /* Open a file */
+@@ -370,10 +393,10 @@ int ReadMP3GainAPETag (char *filename, struct MP3GainTagInfo *info, struct FileT
+ fi = fopen(filename, "rb");
+ if (fi == NULL)
+ return 0;
+-
++
+ fseek(fi, 0, SEEK_END);
+ tag_offset = file_size = ftell(fi);
+-
++
+ fileTags->lyrics3TagSize = 0;
+
+ do {
+@@ -515,7 +538,7 @@ int WriteMP3GainAPETag (char *filename, struct MP3GainTagInfo *info, struct File
+ Write_LE_Uint32(newFooter.Flags,1<<31); /* tag has header */
+ memset(newFooter.Reserved,0,sizeof(newFooter.Reserved));
+ }
+-
++
+ if (info->haveMinMaxGain) {
+ /* 8 bytes + "MP3GAIN_MINMAX" + '/0' + "123,123" = 30 bytes */
+ Write_LE_Uint32(mp3gainTagData,7);
+@@ -575,7 +598,10 @@ int WriteMP3GainAPETag (char *filename, struct MP3GainTagInfo *info, struct File
+ mp3gainTagData += 4;
+ strcpy(mp3gainTagData, "REPLAYGAIN_TRACK_GAIN");
+ mp3gainTagData += 22;
+- sprintf(valueString,"%-+9.6f", info->trackGain);
++ // Clamp the gain value to ensure that sprintf won't put more than 9 chars in valueString. In cases of very
++ // large trackGain value, valueString could overflow.
++ sprintf(valueString, "%-+9.6f", info->trackGain < MIN_GAIN ? MIN_GAIN
++ : (info->trackGain > MAX_GAIN ? MAX_GAIN : info->trackGain));
+ memcpy(mp3gainTagData, valueString, 9);
+ mp3gainTagData += 9;
+ memcpy(mp3gainTagData, " dB", 3);
+@@ -589,7 +615,10 @@ int WriteMP3GainAPETag (char *filename, struct MP3GainTagInfo *info, struct File
+ mp3gainTagData += 4;
+ strcpy(mp3gainTagData, "REPLAYGAIN_TRACK_PEAK");
+ mp3gainTagData += 22;
+- sprintf(valueString,"%-8.6f", info->trackPeak);
++ // Clamp the peak value to ensure that sprintf won't put more than 8 chars in valueString. In cases of very
++ // large trackPeak value, valueString could overflow.
++ sprintf(valueString,"%-8.6f", info->trackPeak < MIN_PEAK ? MIN_PEAK
++ : (info->trackPeak > MAX_PEAK ? MAX_PEAK : info->trackPeak));
+ memcpy(mp3gainTagData, valueString, 8);
+ mp3gainTagData += 8;
+ }
+@@ -601,7 +630,9 @@ int WriteMP3GainAPETag (char *filename, struct MP3GainTagInfo *info, struct File
+ mp3gainTagData += 4;
+ strcpy(mp3gainTagData, "REPLAYGAIN_ALBUM_GAIN");
+ mp3gainTagData += 22;
+- sprintf(valueString,"%-+9.6f", info->albumGain);
++ // Clamp the gain value, see haveTrackGain if above.
++ sprintf(valueString,"%-+9.6f", info->albumGain < MIN_GAIN ? MIN_GAIN
++ : (info->albumGain > MAX_GAIN ? MAX_GAIN : info->albumGain));
+ memcpy(mp3gainTagData, valueString, 9);
+ mp3gainTagData += 9;
+ memcpy(mp3gainTagData, " dB", 3);
+@@ -615,7 +646,9 @@ int WriteMP3GainAPETag (char *filename, struct MP3GainTagInfo *info, struct File
+ mp3gainTagData += 4;
+ strcpy(mp3gainTagData, "REPLAYGAIN_ALBUM_PEAK");
+ mp3gainTagData += 22;
+- sprintf(valueString,"%-8.6f", info->albumPeak);
++ // Clamp the peak value, see haveTrackPeak if above.
++ sprintf(valueString,"%-8.6f", info->albumPeak < MIN_PEAK ? MIN_PEAK
++ : (info->albumPeak > MAX_PEAK ? MAX_PEAK : info->albumPeak));
+ memcpy(mp3gainTagData, valueString, 8);
+ mp3gainTagData += 8;
+ }
+@@ -641,7 +674,7 @@ int WriteMP3GainAPETag (char *filename, struct MP3GainTagInfo *info, struct File
+ } //no Lyrics3 tag
+
+ fclose(outputFile);
+-
++
+ if (saveTimeStamp)
+ fileTime(filename,setStoredTime);
+
+@@ -666,7 +699,7 @@ int RemoveMP3GainAPETag (char *filename, int saveTimeStamp) {
+ info.haveMinMaxGain = 0;
+ info.haveAlbumMinMaxGain = 0;
+ info.haveUndo = 0;
+-
++
+ fileTags.apeTag = NULL;
+ fileTags.id31tag = NULL;
+ fileTags.lyrics3tag = NULL;
+
+
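Review bot: The peak clamp in the `REPLAYGAIN_TRACK_PEAK` and `REPLAYGAIN_ALBUM_PEAK` hunks of the embedded apetag.c patch still lets `sprintf` write more than the 8 characters its comment promises. With `%-8.6f` every negative value formats to at least 9 characters, and the lower bound itself, `MIN_PEAK -9.99999`, prints as `-9.999990`. The following `memcpy(mp3gainTagData, valueString, 8)` keeps the tag field at 8 bytes, but `valueString` receives 9 characters plus the terminator; its declaration is outside the hunks, so whether that fits cannot be confirmed from here. Because the field has no room for a sign at six decimals, I would make the lower bound non-negative, `#define MIN_PEAK 0.0`, and bound the write itself with `snprintf(valueString, sizeof valueString, "%-8.6f", ...)`, assuming `valueString` is an array. A NaN also passes both comparisons unclamped; as far as I can tell it formats within the width, but a short comment saying that was considered would help the next reader.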
diff --git a/media-sound/mp3gain/mp3gain-1.6.2.ebuild b/media-sound/mp3gain/mp3gain-1.6.2.ebuild
new file mode 100644
index 000000000000..032698c2c633
--- /dev/null
+++ b/media-sound/mp3gain/mp3gain-1.6.2.ebuild
@@ -0,0 +1,33 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit toolchain-funcs
+
+MY_P="${P//./_}"
+
+DESCRIPTION="A program to analyze and adjust MP3 files to same volume"
+HOMEPAGE="http://mp3gain.sourceforge.net/"
+SRC_URI="mirror://sourceforge/${PN}/${MY_P}-src.zip"
+S="${WORKDIR}"
+
+LICENSE="LGPL-2.1"
+SLOT="0"
+KEYWORDS="~alpha amd64 ~hppa ~ppc ~ppc64 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos"
+
+BDEPEND="app-arch/unzip"
+RDEPEND="media-sound/mpg123"
+DEPEND="${RDEPEND}"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-1.6.2-CVE-2019-18359-plus.patch"
+)
+
+src_compile() {
+ emake CC="$(tc-getCC)"
+}
+
+src_install() {
+ dobin mp3gain
+}
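Review bot: The new 1.6.2 ebuild is added directly with stable keywords (`amd64 sparc x86` in `KEYWORDS`), apparently carried over from 1.6.1. As I understand Gentoo keywording convention, a newly committed version goes in as testing and is stabilised afterwards, so unless stabilisation was already agreed on the bug referenced in the patch header I would start from `KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos"`. A one-line comment above `PATCHES` noting that the patch is taken from openSUSE because upstream is dead would also spare readers opening the patch file to learn its provenance.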