!11 update to 0.16.3

From: @yaqiangchen Reviewed-by: @wang--ge Signed-off-by: @wang--ge
2023-10-24 01:30:49 +00:00 · 2023-10-24 01:30:49 +00:00 · 10fbaf9f01
commit 10fbaf9f01
parent d95c39fa2f c2c7235fcf
8 changed files with 27 additions and 177 deletions
--- a/Add_unversioned_so.patch
+++ b/Add_unversioned_so.patch
@ -0,0 +1,12 @@
+diff -Nur a/CMakeLists.txt b/CMakeLists.txt
+--- a/CMakeLists.txt	2023-09-24 09:52:54.000000000 +0800
+++ b/CMakeLists.txt	2023-10-18 15:52:23.227559220 +0800
+@@ -46,7 +46,7 @@
+ 
+ set_target_properties(id3tag PROPERTIES
+   VERSION ${CMAKE_PROJECT_VERSION}
+-  SOVERSION ${LIBRARY_SOVERSION}
+  SOVERSION 0
+ )
+ 
+ include(CheckIncludeFile)
--- a/CVE-2004-2779.patch
+++ b/CVE-2004-2779.patch
@ -1,38 +0,0 @@
-From: Karol Babioch <kbabioch@suse.com>
-Date: Tue Feb 20 17:52:15 CET 2018
-Upstream: dead
-References: https://sources.debian.org/patches/libid3tag/0.15.1b-13/10_utf16.dpatch/
-Subject: Fixes utf16 handling in case of an odd number of bytes
-
-Fixes id3_utf16_deserialize() in utf16.c, which previously misparsed ID3v2 tags
-encoded in UTF-16 with an odd number of bytes, triggering an endless loop
-allocating memory until OOM leading to DoS. (CVE-2004-2779 bsc#1081959
-CVE-2017-11551 bsc#1081961)
-
---
- utf16.c |   13 +++++++++++++
- 1 file changed, 13 insertions(+)
-
-Index: libid3tag-0.15.1b/utf16.c
-===================================================================
--- libid3tag-0.15.1b.orig/utf16.c
-+++ libid3tag-0.15.1b/utf16.c
-@@ -282,5 +282,18 @@ id3_ucs4_t *id3_utf16_deserialize(id3_by
-
-   free(utf16);
-
-+  if (end == *ptr && length % 2 != 0)
-+  {
-+     /* We were called with a bogus length.  It should always
-+      * be an even number.  We can deal with this in a few ways:
-+      * - Always give an error.
-+      * - Try and parse as much as we can and
-+      *   - return an error if we're called again when we
-+      *     already tried to parse everything we can.
-+      *   - tell that we parsed it, which is what we do here.
-+      */
-+     (*ptr)++;
-+  }
-+
-   return ucs4;
- }
--- a/CVE-2017-11550.patch
+++ b/CVE-2017-11550.patch
@ -1,42 +0,0 @@
-References: https://sources.debian.org/src/libid3tag/0.15.1b-13/debian/patches/11_unknown_encoding.dpatch/
-From: Karol Babioch <kbabioch@suse.com>
-Date: Wed Feb 21 13:23:47 CET 2018
-Upstream: dead
-Subject: Fix unknown encoding when parsing ID3 tags
-
-Fixes the handling of unknown encodings when parsing ID3 tags. (CVE-2017-11550 bsc#1081962 CVE-2008-2109 bsc#387731)
-
---
- compat.gperf |    3 +++
- parse.c      |    4 ++++
- 2 files changed, 7 insertions(+)
-
-Index: libid3tag-0.15.1b/compat.gperf
-===================================================================
--- libid3tag-0.15.1b.orig/compat.gperf
-+++ libid3tag-0.15.1b/compat.gperf
-@@ -241,6 +241,9 @@ int id3_compat_fixup(struct id3_tag *tag
-     encoding = id3_parse_uint(&data, 1);
-     string   = id3_parse_string(&data, end - data, encoding, 0);
- 
-+    if (!string)
-+	continue;
-+
-     if (id3_ucs4_length(string) < 4) {
-       free(string);
-       continue;
-Index: libid3tag-0.15.1b/parse.c
-===================================================================
--- libid3tag-0.15.1b.orig/parse.c
-+++ libid3tag-0.15.1b/parse.c
-@@ -165,6 +165,10 @@ id3_ucs4_t *id3_parse_string(id3_byte_t
-   case ID3_FIELD_TEXTENCODING_UTF_8:
-     ucs4 = id3_utf8_deserialize(ptr, length);
-     break;
-+
-+  default:
-+    /* FIXME: Unknown encoding! Print warning? */
-+    return NULL;
-   }
- 
-   if (ucs4 && !full) {
--- a/libid3tag-0.15.1b-fix-the-build-issue-with-gperf-3.1.patch
+++ b/libid3tag-0.15.1b-fix-the-build-issue-with-gperf-3.1.patch
@ -1,47 +0,0 @@
-From f7eea39940917922a31185ce0735059d66374928 Mon Sep 17 00:00:00 2001
-From: jpzhang <jpzhang187@163.com>
-Date: Wed, 15 Jul 2020 11:50:44 +0800
-Subject: [PATCH] fix the build issue with gperf-3.1
-
-
-diff --git a/compat.h b/compat.h
-index 8af71ec..b3d80d9 100644
--- a/compat.h
-+++ b/compat.h
-@@ -34,7 +34,7 @@ struct id3_compat {
- };
- 
- struct id3_compat const *id3_compat_lookup(register char const *,
-					   register unsigned int);
-+					   register size_t);
- 
- int id3_compat_fixup(struct id3_tag *);
- 
-diff --git a/frametype.c b/frametype.c
-index 13c5001..4d7e0f8 100644
--- a/frametype.c
-+++ b/frametype.c
-@@ -357,7 +357,7 @@ __inline
- const struct id3_frametype *
- id3_frametype_lookup (str, len)
-      register const char *str;
-     register unsigned int len;
-+     register size_t len;
- {
-   static const struct id3_frametype wordlist[] =
-     {
-diff --git a/frametype.h b/frametype.h
-index dd064b2..b5b7593 100644
--- a/frametype.h
-+++ b/frametype.h
-@@ -37,6 +37,6 @@ extern struct id3_frametype const id3_frametype_unknown;
- extern struct id3_frametype const id3_frametype_obsolete;
- 
- struct id3_frametype const *id3_frametype_lookup(register char const *,
-						 register unsigned int);
-+						 register size_t);
- 
- # endif
-- 
-2.23.0
-
--- a/libid3tag-0.15.1b-fix_overflow.patch
+++ b/libid3tag-0.15.1b-fix_overflow.patch
@ -1,11 +0,0 @@
--- field.c.orig	2008-05-05 09:49:15.000000000 -0400
-+++ field.c	2008-05-05 09:49:25.000000000 -0400
-@@ -291,7 +291,7 @@
- 
-       end = *ptr + length;
- 
-      while (end - *ptr > 0) {
-+      while (end - *ptr > 0 && **ptr != '\0') {
- 	ucs4 = id3_parse_string(ptr, end - *ptr, *encoding, 0);
- 	if (ucs4 == 0)
- 	  goto fail;
--- a/libid3tag-0.15.1b.tar.gz
+++ b/libid3tag-0.15.1b.tar.gz
--- a/libid3tag-0.16.3.tar.gz
+++ b/libid3tag-0.16.3.tar.gz
--- a/libid3tag.spec
+++ b/libid3tag.spec
@ -1,15 +1,12 @@
 Name:           libid3tag
-Version:        0.15.1b
-Release:        21
+Version:        0.16.3
+Release:        1
 Summary:        ID3 tag manipulation library
 License:        GPLv2+
-URL:            http://www.underbit.com/products/mad/
-Source0:        http://downloads.sourceforge.net/mad/%{name}-%{version}.tar.gz
-Patch0:         libid3tag-0.15.1b-fix_overflow.patch
-Patch1:         libid3tag-0.15.1b-fix-the-build-issue-with-gperf-3.1.patch 
-Patch6000:      CVE-2004-2779.patch
-Patch6001:      CVE-2017-11550.patch
-BuildRequires:  zlib-devel >= 1.1.4 libtool gperf >= 3.1
+URL:            http://codeberg.org/tenacityteam/libid3tag
+Source0:        http://codeberg.org/tenacityteam/libid3tag/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz
+Patch0:         Add_unversioned_so.patch
+BuildRequires:  gcc-c++ cmake make zlib-devel >= 1.1.4 libtool gperf >= 3.1

 %description
 libid3tag is a library for reading and (eventually) writing ID3 tags,
@ -23,40 +20,15 @@ Requires:       %{name} = %{version}-%{release}
 ID3 tag library development files.

 %prep
-%setup -q
-%patch0 -p0 -b .CVE-2008-2109
-%patch1 -p1
-%patch6000 -p1
-%patch6001 -p1
-touch NEWS AUTHORS ChangeLog
-autoreconf -i -f
-
-# *.pc originally from the Debian package.
-cat << \EOF > %{name}.pc
-prefix=%{_prefix}
-exec_prefix=%{_exec_prefix}
-libdir=%{_libdir}
-includedir=%{_includedir}
-
-Name: id3tag
-Description: ID3 tag manipulation library
-Requires:
-Version: %{version}
-Libs: -lid3tag
-Cflags:
-EOF
+%autosetup -p1 -n %{name}

 %build
-%configure --disable-static
-# configure strips -g, -O2 from CFLAGS, override it here
-make %{?_smp_mflags} CFLAGS="$RPM_OPT_FLAGS"
-
+%cmake
+%make_build

 %install
-make install DESTDIR=$RPM_BUILD_ROOT
+%make_install
 rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
-install -Dpm 644 %{name}.pc $RPM_BUILD_ROOT%{_libdir}/pkgconfig/id3tag.pc
-

 %post -p /sbin/ldconfig
 %postun -p /sbin/ldconfig
@ -65,14 +37,18 @@ install -Dpm 644 %{name}.pc $RPM_BUILD_ROOT%{_libdir}/pkgconfig/id3tag.pc
 %files
 %doc CHANGES COPYING COPYRIGHT CREDITS README TODO
 %{_libdir}/libid3tag.so.*
-%{_libdir}/libid3tag.so

 %files devel
 %{_includedir}/id3tag.h
+%{_libdir}/libid3tag.so
+%{_libdir}/cmake/id3tag
 %{_libdir}/pkgconfig/id3tag.pc


 %changelog
+* Wed Oct 18 2023 chenyaqiang <chengyaqiang@huawei.com> - 0.16.3-1
+- update to 0.16.3
+
 * Wed Jul 15 2020 zhangjiapeng<zhangjiapeng9@huawei.com> - 0.15.1b-21
 - Type:bugfix
 - ID:NA