From 415856bdd4f48ab4f2732996f0bae58595092bbe Mon Sep 17 00:00:00 2001
From: Parabola <dev@list.parabolagnulinux.org>
Date: Tue, 5 Apr 2011 14:26:38 +0000
Subject: Tue Apr  5 14:26:38 UTC 2011

---
 extra/id3lib/PKGBUILD                              | 29 ++++++++
 extra/id3lib/id3lib-3.8.3-CVE-2007-4460.patch      | 49 +++++++++++++
 extra/id3lib/id3lib-3.8.3-gcc-4.3.patch            | 83 ++++++++++++++++++++++
 .../patch_id3lib_3.8.3_UTF16_writing_bug.diff      | 39 ++++++++++
 4 files changed, 200 insertions(+)
 create mode 100644 extra/id3lib/PKGBUILD
 create mode 100644 extra/id3lib/id3lib-3.8.3-CVE-2007-4460.patch
 create mode 100644 extra/id3lib/id3lib-3.8.3-gcc-4.3.patch
 create mode 100644 extra/id3lib/patch_id3lib_3.8.3_UTF16_writing_bug.diff

(limited to 'extra/id3lib')

diff --git a/extra/id3lib/PKGBUILD b/extra/id3lib/PKGBUILD
new file mode 100644
index 000000000..44263c9c9
--- /dev/null
+++ b/extra/id3lib/PKGBUILD
@@ -0,0 +1,29 @@
+# $Id: PKGBUILD 2130 2008-05-26 00:08:23Z eric $
+# Maintainer: 
+# Contributor: Jochem Kossen <j.kossen@home.nl>
+pkgname=id3lib
+pkgver=3.8.3
+pkgrel=10
+pkgdesc="An open-source, cross-platform software development library for reading, writing, and manipulating ID3v1 and ID3v2 tags"
+arch=(i686 x86_64)
+license=('LGPL')
+url="http://id3lib.sourceforge.net/"
+depends=('zlib' 'gcc-libs')
+options=('!libtool')
+source=(http://downloads.sourceforge.net/sourceforge/${pkgname}/${pkgname}-${pkgver}.tar.gz
+	patch_id3lib_3.8.3_UTF16_writing_bug.diff
+	id3lib-3.8.3-CVE-2007-4460.patch
+	id3lib-3.8.3-gcc-4.3.patch)
+md5sums=('19f27ddd2dda4b2d26a559a4f0f402a7' '196c65adee1ba511ddacef2de0dfd102'\
+         '78e90e15ddd1122b66da352b6c3b00ff' 'fdbffd2d9d289ed0d730950c78d4ebc4')
+
+build() {
+  cd ${startdir}/src/${pkgname}-${pkgver}
+  patch -Np1 -i ${startdir}/src/patch_id3lib_3.8.3_UTF16_writing_bug.diff || return 1
+  patch -Np0 -i ${startdir}/src/id3lib-3.8.3-CVE-2007-4460.patch || return 1
+  patch -Np1 -i ${startdir}/src/id3lib-3.8.3-gcc-4.3.patch || return 1
+  ./configure --prefix=/usr
+  sed -i -e 's/^LIBS =/LIBS = -lz -lstdc++/' src/Makefile || return 1
+  make || return 1
+  make DESTDIR=${startdir}/pkg install
+}
diff --git a/extra/id3lib/id3lib-3.8.3-CVE-2007-4460.patch b/extra/id3lib/id3lib-3.8.3-CVE-2007-4460.patch
new file mode 100644
index 000000000..daa08667b
--- /dev/null
+++ b/extra/id3lib/id3lib-3.8.3-CVE-2007-4460.patch
@@ -0,0 +1,49 @@
+--- src/tag_file.cpp
++++ src/tag_file.cpp
+@@ -242,8 +242,8 @@
+     strcpy(sTempFile, filename.c_str());
+     strcat(sTempFile, sTmpSuffix.c_str());
+ 
+-#if ((defined(__GNUC__) && __GNUC__ >= 3  ) || !defined(HAVE_MKSTEMP))
+-    // This section is for Windows folk && gcc 3.x folk
++#if !defined(HAVE_MKSTEMP)
++    // This section is for Windows folk
+     fstream tmpOut;
+     createFile(sTempFile, tmpOut);
+ 
+@@ -257,7 +257,7 @@
+       tmpOut.write((char *)tmpBuffer, nBytes);
+     }
+ 
+-#else //((defined(__GNUC__) && __GNUC__ >= 3  ) || !defined(HAVE_MKSTEMP))
++#else //!defined(HAVE_MKSTEMP)
+ 
+     // else we gotta make a temp file, copy the tag into it, copy the
+     // rest of the old file after the tag, delete the old file, rename
+@@ -270,7 +270,7 @@
+       //ID3_THROW_DESC(ID3E_NoFile, "couldn't open temp file");
+     }
+ 
+-    ofstream tmpOut(fd);
++    ofstream tmpOut(sTempFile);
+     if (!tmpOut)
+     {
+       tmpOut.close();
+@@ -285,14 +285,14 @@
+     uchar tmpBuffer[BUFSIZ];
+     while (file)
+     {
+-      file.read(tmpBuffer, BUFSIZ);
++      file.read((char *)tmpBuffer, BUFSIZ);
+       size_t nBytes = file.gcount();
+-      tmpOut.write(tmpBuffer, nBytes);
++      tmpOut.write((char *)tmpBuffer, nBytes);
+     }
+ 
+     close(fd); //closes the file
+ 
+-#endif ////((defined(__GNUC__) && __GNUC__ >= 3  ) || !defined(HAVE_MKSTEMP))
++#endif ////!defined(HAVE_MKSTEMP)
+ 
+     tmpOut.close();
+     file.close();
diff --git a/extra/id3lib/id3lib-3.8.3-gcc-4.3.patch b/extra/id3lib/id3lib-3.8.3-gcc-4.3.patch
new file mode 100644
index 000000000..f5ec498b6
--- /dev/null
+++ b/extra/id3lib/id3lib-3.8.3-gcc-4.3.patch
@@ -0,0 +1,83 @@
+diff -Naur id3lib-3.8.3-orig/configure id3lib-3.8.3/configure
+--- id3lib-3.8.3-orig/configure      2008-05-24 23:39:36.000000000 -0400
++++ id3lib-3.8.3/configure   2008-05-24 23:39:57.000000000 -0400
+@@ -10296,8 +10296,7 @@
+ 
+ for ac_header in \
+   string                        \
+-  iomanip.h                     \
+ 
+ do
+ as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+ 
+diff -Naur id3lib-3.8.3-orig/include/id3/id3lib_strings.h id3lib-3.8.3/include/id3/id3lib_strings.h
+--- id3lib-3.8.3-orig/include/id3/id3lib_strings.h	2008-03-05 18:19:46.000000000 -0600
++++ id3lib-3.8.3/include/id3/id3lib_strings.h	2008-03-05 18:19:38.000000000 -0600
+@@ -30,6 +30,7 @@
+ #define _ID3LIB_STRINGS_H_
+ 
+ #include <string>
++#include <cstring>
+ 
+ #if (defined(__GNUC__) && (__GNUC__ >= 3) || (defined(_MSC_VER) && _MSC_VER > 1000))
+ namespace std
+diff -Naur id3lib-3.8.3-orig/include/id3/writers.h id3lib-3.8.3/include/id3/writers.h
+--- id3lib-3.8.3-orig/include/id3/writers.h	2003-03-01 18:23:00.000000000 -0600
++++ id3lib-3.8.3/include/id3/writers.h	2008-03-05 18:23:05.000000000 -0600
+@@ -30,7 +30,7 @@
+ 
+ #include "id3/writer.h"
+ #include "id3/id3lib_streams.h"
+-//#include <string.h>
++#include <string.h>
+ 
+ class ID3_CPP_EXPORT ID3_OStreamWriter : public ID3_Writer
+ {
+diff -Naur id3lib-3.8.3-orig/examples/demo_convert.cpp id3lib-3.8.3/examples/demo_convert.cpp
+--- id3lib-3.8.3-orig/examples/demo_convert.cpp	2003-03-01 18:23:00.000000000 -0600
++++ id3lib-3.8.3/examples/demo_convert.cpp	2008-03-05 18:26:50.000000000 -0600
+@@ -84,7 +84,7 @@
+   }
+ }
+ 
+-int main( unsigned int argc, char * const argv[])
++int main( int argc, char * const argv[])
+ {
+   flags_t ulFlag = ID3TT_ALL;
+   gengetopt_args_info args;
+diff -Naur id3lib-3.8.3-orig/examples/demo_info.cpp id3lib-3.8.3/examples/demo_info.cpp
+--- id3lib-3.8.3-orig/examples/demo_info.cpp	2003-03-01 18:23:00.000000000 -0600
++++ id3lib-3.8.3/examples/demo_info.cpp	2008-03-05 18:27:40.000000000 -0600
+@@ -309,7 +309,7 @@
+ 
+ #define DEBUG
+ 
+-int main( unsigned int argc, char * const argv[])
++int main( int argc, char * const argv[])
+ {
+   ID3D_INIT_DOUT();
+ 
+diff -Naur id3lib-3.8.3-orig/examples/demo_tag.cpp id3lib-3.8.3/examples/demo_tag.cpp
+--- id3lib-3.8.3-orig/examples/demo_tag.cpp	2003-03-01 18:23:00.000000000 -0600
++++ id3lib-3.8.3/examples/demo_tag.cpp	2008-03-05 18:31:20.000000000 -0600
+@@ -46,7 +46,7 @@
+     os << "v2";
+ }
+ 
+-int main( unsigned int argc, char * const argv[])
++int main( int argc, char * const argv[])
+ {
+   int ulFlag = ID3TT_ID3;
+   ID3D_INIT_DOUT();
+diff -Naur id3lib-3.8.3-orig/examples/demo_copy.cpp id3lib-3.8.3/examples/demo_copy.cpp
+--- id3lib-3.8.3-orig/examples/demo_copy.cpp	2003-03-01 18:23:00.000000000 -0600
++++ id3lib-3.8.3/examples/demo_copy.cpp	2008-03-05 18:32:44.000000000 -0600
+@@ -81,7 +81,7 @@
+   }
+ }
+ 
+-int main( unsigned int argc, char * const argv[])
++int main( int argc, char * const argv[])
+ {
+   int ulFlag = ID3TT_ID3;
+   ID3D_INIT_DOUT();
diff --git a/extra/id3lib/patch_id3lib_3.8.3_UTF16_writing_bug.diff b/extra/id3lib/patch_id3lib_3.8.3_UTF16_writing_bug.diff
new file mode 100644
index 000000000..b05d2cf29
--- /dev/null
+++ b/extra/id3lib/patch_id3lib_3.8.3_UTF16_writing_bug.diff
@@ -0,0 +1,39 @@
+diff -ruN id3lib-3.8.3.orig/ChangeLog id3lib-3.8.3/ChangeLog
+--- id3lib-3.8.3.orig/ChangeLog	2003-03-02 01:23:00.000000000 +0100
++++ id3lib-3.8.3/ChangeLog	2006-02-22 00:33:59.946214472 +0100
+@@ -1,3 +1,8 @@
++2006-02-17  Jerome Couderc
++
++    * Patch from Spoon to fix UTF-16 writing bug
++      http://sourceforge.net/tracker/index.php?func=detail&aid=1016290&group_id=979&atid=300979
++
+ 2003-03-02 Sunday 17:38   Thijmen Klok <thijmen@id3lib.org>
+ 
+ 	* THANKS (1.20): added more people 
+diff -ruN id3lib-3.8.3.orig/src/io_helpers.cpp id3lib-3.8.3/src/io_helpers.cpp
+--- id3lib-3.8.3.orig/src/io_helpers.cpp	2003-03-02 01:23:00.000000000 +0100
++++ id3lib-3.8.3/src/io_helpers.cpp	2006-02-22 00:35:02.926639992 +0100
+@@ -363,11 +363,22 @@
+     // Write the BOM: 0xFEFF
+     unicode_t BOM = 0xFEFF;
+     writer.writeChars((const unsigned char*) &BOM, 2);
++    // Patch from Spoon : 2004-08-25 14:17
++    //   http://sourceforge.net/tracker/index.php?func=detail&aid=1016290&group_id=979&atid=300979
++    // Wrong code
++    //for (size_t i = 0; i < size; i += 2)
++    //{
++    //  unicode_t ch = (data[i] << 8) | data[i+1];
++    //  writer.writeChars((const unsigned char*) &ch, 2);
++    //}
++    // Right code
++    unsigned char *pdata = (unsigned char *) data.c_str();
+     for (size_t i = 0; i < size; i += 2)
+     {
+-      unicode_t ch = (data[i] << 8) | data[i+1];
++      unicode_t ch = (pdata[i] << 8) | pdata[i+1];
+       writer.writeChars((const unsigned char*) &ch, 2);
+     }
++    // End patch
+   }
+   return writer.getCur() - beg;
+ }
-- 
cgit v1.2.3-54-g00ecf