summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAzamat H. Hackimov <azamat.hackimov@gmail.com>2018-06-09 22:26:36 +0300
committerPatrice Clement <monsieurp@gentoo.org>2018-06-23 00:17:11 +0200
commita64e78259432a21caae85b633496331235377130 (patch)
tree36e703d8085d34d8c8c76f45c20dbec33d0d449b
parentmedia-libs/libuninameslist: EAPI6, add missing die. (diff)
downloadgentoo-a64e78259432a21caae85b633496331235377130.tar.gz
gentoo-a64e78259432a21caae85b633496331235377130.tar.bz2
gentoo-a64e78259432a21caae85b633496331235377130.zip
media-sound/mp3info: patch against printf format issue.
Closes: https://bugs.gentoo.org/657668 Package-Manager: Portage-2.3.40, Repoman-2.3.9 Closes: https://github.com/gentoo/gentoo/pull/8771
-rw-r--r--media-sound/mp3info/files/mp3info-0.8.5a-format-security.patch21
-rw-r--r--media-sound/mp3info/mp3info-0.8.5a-r1.ebuild41
2 files changed, 62 insertions, 0 deletions
diff --git a/media-sound/mp3info/files/mp3info-0.8.5a-format-security.patch b/media-sound/mp3info/files/mp3info-0.8.5a-format-security.patch
new file mode 100644
index 00000000000..5a8a749b55f
--- /dev/null
+++ b/media-sound/mp3info/files/mp3info-0.8.5a-format-security.patch
@@ -0,0 +1,21 @@
+diff -Nuar mp3info-0.8.5a.orig/textfunc.c mp3info-0.8.5a/textfunc.c
+--- mp3info-0.8.5a.orig/textfunc.c 2018-06-09 21:56:18.450985762 +0300
++++ mp3info-0.8.5a/textfunc.c 2018-06-09 22:09:07.164948467 +0300
+@@ -227,7 +227,7 @@
+
+ while((percent=strchr(format,'%'))) {
+ *percent=0;
+- printf(format);
++ printf("%s", format);
+ *percent='%';
+ code=percent+1;
+ while(*code && (code[0] != '%' && !isalpha(*code))) code++;
+@@ -354,7 +354,7 @@
+ }
+
+ }
+- printf(format);
++ printf("%s", format);
+ }
+
+
diff --git a/media-sound/mp3info/mp3info-0.8.5a-r1.ebuild b/media-sound/mp3info/mp3info-0.8.5a-r1.ebuild
new file mode 100644
index 00000000000..5982213a3da
--- /dev/null
+++ b/media-sound/mp3info/mp3info-0.8.5a-r1.ebuild
@@ -0,0 +1,41 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+inherit toolchain-funcs
+
+DESCRIPTION="An MP3 technical info viewer and ID3 1.x tag editor"
+HOMEPAGE="http://ibiblio.org/mp3info/"
+SRC_URI="http://ibiblio.org/pub/linux/apps/sound/mp3-utils/${PN}/${P}.tgz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos ~sparc-solaris"
+IUSE="gtk"
+
+RDEPEND="
+ gtk? ( >=x11-libs/gtk+-2.6.10:2 )
+ sys-libs/ncurses:0=
+"
+DEPEND="
+ ${RDEPEND}
+ virtual/pkgconfig
+"
+
+PATCHES=(
+ "${FILESDIR}/${P}-ldflags.patch"
+ "${FILESDIR}/${P}-tinfo.patch"
+ "${FILESDIR}/${P}-format-security.patch"
+)
+
+src_compile() {
+ tc-export PKG_CONFIG
+ emake mp3info $(usex gtk gmp3info '') CC="$(tc-getCC)" CFLAGS="${CFLAGS}"
+}
+
+src_install() {
+ dobin mp3info $(usex gtk gmp3info '')
+
+ dodoc ChangeLog README
+ doman mp3info.1
+}