summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--meta/recipes-multimedia/lame/lame/CVE-2017-13712.patch309
-rw-r--r--meta/recipes-multimedia/lame/lame/lame-3.99.5_fix_for_automake-1.12.x.patch59
-rw-r--r--meta/recipes-multimedia/lame/lame_3.100.bb (renamed from meta/recipes-multimedia/lame/lame_3.99.5.bb)9
3 files changed, 2 insertions, 375 deletions
diff --git a/meta/recipes-multimedia/lame/lame/CVE-2017-13712.patch b/meta/recipes-multimedia/lame/lame/CVE-2017-13712.patch
deleted file mode 100644
index f9ec7665ff..0000000000
--- a/meta/recipes-multimedia/lame/lame/CVE-2017-13712.patch
+++ /dev/null
@@ -1,309 +0,0 @@
1Upstream-Status: Backport [http://lame.cvs.sourceforge.net/viewvc/lame/lame/libmp3lame/id3tag.c?r1=1.79&r2=1.80]
2
3Backport patch to fix CVE-2017-13712 for lame.
4
5Signed-off-by: Kai Kang <kai.kang@windriver.com>
6---
7--- a/libmp3lame/id3tag.c 2017/08/22 19:44:05 1.79
8+++ b/libmp3lame/id3tag.c 2017/08/28 15:39:51 1.80
9@@ -194,7 +194,11 @@
10 }
11 #endif
12
13-
14+static int
15+is_lame_internal_flags_null(lame_t gfp)
16+{
17+ return (gfp && gfp->internal_flags) ? 0 : 1;
18+}
19
20 static int
21 id3v2_add_ucs2_lng(lame_t gfp, uint32_t frame_id, unsigned short const *desc, unsigned short const *text);
22@@ -238,8 +242,7 @@
23 static void
24 id3v2AddAudioDuration(lame_t gfp, double ms)
25 {
26- lame_internal_flags *gfc = gfp != 0 ? gfp->internal_flags : 0;
27- SessionConfig_t const *const cfg = &gfc->cfg;
28+ SessionConfig_t const *const cfg = &gfp->internal_flags->cfg; /* caller checked pointers */
29 char buffer[1024];
30 double const max_ulong = MAX_U_32_NUM;
31 unsigned long playlength_ms;
32@@ -280,7 +283,12 @@
33 void
34 id3tag_init(lame_t gfp)
35 {
36- lame_internal_flags *gfc = gfp->internal_flags;
37+ lame_internal_flags *gfc = 0;
38+
39+ if (is_lame_internal_flags_null(gfp)) {
40+ return;
41+ }
42+ gfc = gfp->internal_flags;
43 free_id3tag(gfc);
44 memset(&gfc->tag_spec, 0, sizeof gfc->tag_spec);
45 gfc->tag_spec.genre_id3v1 = GENRE_NUM_UNKNOWN;
46@@ -293,7 +301,12 @@
47 void
48 id3tag_add_v2(lame_t gfp)
49 {
50- lame_internal_flags *gfc = gfp->internal_flags;
51+ lame_internal_flags *gfc = 0;
52+
53+ if (is_lame_internal_flags_null(gfp)) {
54+ return;
55+ }
56+ gfc = gfp->internal_flags;
57 gfc->tag_spec.flags &= ~V1_ONLY_FLAG;
58 gfc->tag_spec.flags |= ADD_V2_FLAG;
59 }
60@@ -301,7 +314,12 @@
61 void
62 id3tag_v1_only(lame_t gfp)
63 {
64- lame_internal_flags *gfc = gfp->internal_flags;
65+ lame_internal_flags *gfc = 0;
66+
67+ if (is_lame_internal_flags_null(gfp)) {
68+ return;
69+ }
70+ gfc = gfp->internal_flags;
71 gfc->tag_spec.flags &= ~(ADD_V2_FLAG | V2_ONLY_FLAG);
72 gfc->tag_spec.flags |= V1_ONLY_FLAG;
73 }
74@@ -309,7 +327,12 @@
75 void
76 id3tag_v2_only(lame_t gfp)
77 {
78- lame_internal_flags *gfc = gfp->internal_flags;
79+ lame_internal_flags *gfc = 0;
80+
81+ if (is_lame_internal_flags_null(gfp)) {
82+ return;
83+ }
84+ gfc = gfp->internal_flags;
85 gfc->tag_spec.flags &= ~V1_ONLY_FLAG;
86 gfc->tag_spec.flags |= V2_ONLY_FLAG;
87 }
88@@ -317,7 +340,12 @@
89 void
90 id3tag_space_v1(lame_t gfp)
91 {
92- lame_internal_flags *gfc = gfp->internal_flags;
93+ lame_internal_flags *gfc = 0;
94+
95+ if (is_lame_internal_flags_null(gfp)) {
96+ return;
97+ }
98+ gfc = gfp->internal_flags;
99 gfc->tag_spec.flags &= ~V2_ONLY_FLAG;
100 gfc->tag_spec.flags |= SPACE_V1_FLAG;
101 }
102@@ -331,7 +359,12 @@
103 void
104 id3tag_set_pad(lame_t gfp, size_t n)
105 {
106- lame_internal_flags *gfc = gfp->internal_flags;
107+ lame_internal_flags *gfc = 0;
108+
109+ if (is_lame_internal_flags_null(gfp)) {
110+ return;
111+ }
112+ gfc = gfp->internal_flags;
113 gfc->tag_spec.flags &= ~V1_ONLY_FLAG;
114 gfc->tag_spec.flags |= PAD_V2_FLAG;
115 gfc->tag_spec.flags |= ADD_V2_FLAG;
116@@ -583,22 +616,29 @@
117 int
118 id3tag_set_albumart(lame_t gfp, const char *image, size_t size)
119 {
120- int mimetype = 0;
121- unsigned char const *data = (unsigned char const *) image;
122- lame_internal_flags *gfc = gfp->internal_flags;
123-
124- /* determine MIME type from the actual image data */
125- if (2 < size && data[0] == 0xFF && data[1] == 0xD8) {
126- mimetype = MIMETYPE_JPEG;
127- }
128- else if (4 < size && data[0] == 0x89 && strncmp((const char *) &data[1], "PNG", 3) == 0) {
129- mimetype = MIMETYPE_PNG;
130- }
131- else if (4 < size && strncmp((const char *) data, "GIF8", 4) == 0) {
132- mimetype = MIMETYPE_GIF;
133+ int mimetype = MIMETYPE_NONE;
134+ lame_internal_flags *gfc = 0;
135+
136+ if (is_lame_internal_flags_null(gfp)) {
137+ return 0;
138 }
139- else {
140- return -1;
141+ gfc = gfp->internal_flags;
142+
143+ if (image != 0) {
144+ unsigned char const *data = (unsigned char const *) image;
145+ /* determine MIME type from the actual image data */
146+ if (2 < size && data[0] == 0xFF && data[1] == 0xD8) {
147+ mimetype = MIMETYPE_JPEG;
148+ }
149+ else if (4 < size && data[0] == 0x89 && strncmp((const char *) &data[1], "PNG", 3) == 0) {
150+ mimetype = MIMETYPE_PNG;
151+ }
152+ else if (4 < size && strncmp((const char *) data, "GIF8", 4) == 0) {
153+ mimetype = MIMETYPE_GIF;
154+ }
155+ else {
156+ return -1;
157+ }
158 }
159 if (gfc->tag_spec.albumart != 0) {
160 free(gfc->tag_spec.albumart);
161@@ -606,7 +646,7 @@
162 gfc->tag_spec.albumart_size = 0;
163 gfc->tag_spec.albumart_mimetype = MIMETYPE_NONE;
164 }
165- if (size < 1) {
166+ if (size < 1 || mimetype == MIMETYPE_NONE) {
167 return 0;
168 }
169 gfc->tag_spec.albumart = lame_calloc(unsigned char, size);
170@@ -959,6 +999,9 @@
171 if (frame_id == 0) {
172 return -1;
173 }
174+ if (is_lame_internal_flags_null(gfp)) {
175+ return 0;
176+ }
177 if (text == 0) {
178 return 0;
179 }
180@@ -1008,6 +1051,9 @@
181 if (frame_id == 0) {
182 return -1;
183 }
184+ if (is_lame_internal_flags_null(gfp)) {
185+ return 0;
186+ }
187 if (text == 0) {
188 return 0;
189 }
190@@ -1037,6 +1083,9 @@
191 int
192 id3tag_set_comment_latin1(lame_t gfp, char const *lang, char const *desc, char const *text)
193 {
194+ if (is_lame_internal_flags_null(gfp)) {
195+ return 0;
196+ }
197 return id3v2_add_latin1(gfp, ID_COMMENT, lang, desc, text);
198 }
199
200@@ -1044,6 +1093,9 @@
201 int
202 id3tag_set_comment_utf16(lame_t gfp, char const *lang, unsigned short const *desc, unsigned short const *text)
203 {
204+ if (is_lame_internal_flags_null(gfp)) {
205+ return 0;
206+ }
207 return id3v2_add_ucs2(gfp, ID_COMMENT, lang, desc, text);
208 }
209
210@@ -1054,6 +1106,9 @@
211 int
212 id3tag_set_comment_ucs2(lame_t gfp, char const *lang, unsigned short const *desc, unsigned short const *text)
213 {
214+ if (is_lame_internal_flags_null(gfp)) {
215+ return 0;
216+ }
217 return id3tag_set_comment_utf16(gfp, lang, desc, text);
218 }
219
220@@ -1244,9 +1299,9 @@
221 int
222 id3tag_set_genre(lame_t gfp, const char *genre)
223 {
224- lame_internal_flags *gfc = gfp->internal_flags;
225+ lame_internal_flags *gfc = gfp != 0 ? gfp->internal_flags : 0;
226 int ret = 0;
227- if (genre && *genre) {
228+ if (gfc && genre && *genre) {
229 int const num = lookupGenre(genre);
230 if (num == -1) return num;
231 gfc->tag_spec.flags |= CHANGED_FLAG;
232@@ -1539,6 +1594,9 @@
233 int
234 id3tag_set_fieldvalue(lame_t gfp, const char *fieldvalue)
235 {
236+ if (is_lame_internal_flags_null(gfp)) {
237+ return 0;
238+ }
239 if (fieldvalue && *fieldvalue) {
240 if (strlen(fieldvalue) < 5 || fieldvalue[4] != '=') {
241 return -1;
242@@ -1551,6 +1609,9 @@
243 int
244 id3tag_set_fieldvalue_utf16(lame_t gfp, const unsigned short *fieldvalue)
245 {
246+ if (is_lame_internal_flags_null(gfp)) {
247+ return 0;
248+ }
249 if (fieldvalue && *fieldvalue) {
250 size_t dx = hasUcs2ByteOrderMarker(fieldvalue[0]);
251 unsigned short const separator = fromLatin1Char(fieldvalue, '=');
252@@ -1581,20 +1642,21 @@
253 int
254 id3tag_set_fieldvalue_ucs2(lame_t gfp, const unsigned short *fieldvalue)
255 {
256+ if (is_lame_internal_flags_null(gfp)) {
257+ return 0;
258+ }
259 return id3tag_set_fieldvalue_utf16(gfp, fieldvalue);
260 }
261
262 size_t
263 lame_get_id3v2_tag(lame_t gfp, unsigned char *buffer, size_t size)
264 {
265- lame_internal_flags *gfc;
266- if (gfp == 0) {
267+ lame_internal_flags *gfc = 0;
268+
269+ if (is_lame_internal_flags_null(gfp)) {
270 return 0;
271 }
272 gfc = gfp->internal_flags;
273- if (gfc == 0) {
274- return 0;
275- }
276 if (test_tag_spec_flags(gfc, V1_ONLY_FLAG)) {
277 return 0;
278 }
279@@ -1736,7 +1798,12 @@
280 int
281 id3tag_write_v2(lame_t gfp)
282 {
283- lame_internal_flags *gfc = gfp->internal_flags;
284+ lame_internal_flags *gfc = 0;
285+
286+ if (is_lame_internal_flags_null(gfp)) {
287+ return 0;
288+ }
289+ gfc = gfp->internal_flags;
290 #if 0
291 debug_tag_spec_flags(gfc, "write v2");
292 #endif
293@@ -1837,10 +1904,15 @@
294 int
295 id3tag_write_v1(lame_t gfp)
296 {
297- lame_internal_flags *const gfc = gfp->internal_flags;
298+ lame_internal_flags* gfc = 0;
299 size_t i, n, m;
300 unsigned char tag[128];
301
302+ if (is_lame_internal_flags_null(gfp)) {
303+ return 0;
304+ }
305+ gfc = gfp->internal_flags;
306+
307 m = sizeof(tag);
308 n = lame_get_id3v1_tag(gfp, tag, m);
309 if (n > m) {
diff --git a/meta/recipes-multimedia/lame/lame/lame-3.99.5_fix_for_automake-1.12.x.patch b/meta/recipes-multimedia/lame/lame/lame-3.99.5_fix_for_automake-1.12.x.patch
deleted file mode 100644
index 51baef26f2..0000000000
--- a/meta/recipes-multimedia/lame/lame/lame-3.99.5_fix_for_automake-1.12.x.patch
+++ /dev/null
@@ -1,59 +0,0 @@
1Upstream-Status: Pending
2
3Fix this kind of errors with automake 1.12.x:
4| doc/man/Makefile.am:3: error: automatic de-ANSI-fication support has been removed
5| autoreconf: automake failed with exit status: 1
6
7Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com>
82012/07/13
9
10Index: lame-3.99.5/configure.in
11===================================================================
12--- lame-3.99.5.orig/configure.in
13+++ lame-3.99.5/configure.in
14@@ -77,9 +77,6 @@ if test "${GCC}" = "yes"; then
15 AC_MSG_RESULT(${GCC_version})
16 fi
17
18-dnl more automake stuff
19-AM_C_PROTOTYPES
20-
21 AC_CHECK_HEADER(dmalloc.h)
22 if test "${ac_cv_header_dmalloc_h}" = "yes"; then
23 AM_WITH_DMALLOC
24Index: lame-3.99.5/doc/html/Makefile.am
25===================================================================
26--- lame-3.99.5.orig/doc/html/Makefile.am
27+++ lame-3.99.5/doc/html/Makefile.am
28@@ -1,6 +1,6 @@
29 ## $Id: Makefile.am,v 1.7 2010/09/30 20:58:40 jaz001 Exp $
30
31-AUTOMAKE_OPTIONS = foreign ansi2knr
32+AUTOMAKE_OPTIONS = foreign
33
34 docdir = $(datadir)/doc
35 pkgdocdir = $(docdir)/$(PACKAGE)
36Index: lame-3.99.5/libmp3lame/i386/Makefile.am
37===================================================================
38--- lame-3.99.5.orig/libmp3lame/i386/Makefile.am
39+++ lame-3.99.5/libmp3lame/i386/Makefile.am
40@@ -1,6 +1,6 @@
41 ## $Id: Makefile.am,v 1.26 2011/04/04 09:42:34 aleidinger Exp $
42
43-AUTOMAKE_OPTIONS = foreign $(top_srcdir)/ansi2knr
44+AUTOMAKE_OPTIONS = foreign
45
46 DEFS = @DEFS@ @CONFIG_DEFS@
47
48Index: lame-3.99.5/doc/man/Makefile.am
49===================================================================
50--- lame-3.99.5.orig/doc/man/Makefile.am
51+++ lame-3.99.5/doc/man/Makefile.am
52@@ -1,6 +1,6 @@
53 ## $Id: Makefile.am,v 1.1 2000/10/22 11:39:44 aleidinger Exp $
54
55-AUTOMAKE_OPTIONS = foreign ansi2knr
56+AUTOMAKE_OPTIONS = foreign
57
58 man_MANS = lame.1
59 EXTRA_DIST = ${man_MANS}
diff --git a/meta/recipes-multimedia/lame/lame_3.99.5.bb b/meta/recipes-multimedia/lame/lame_3.100.bb
index e5321bb9d8..ff6ac7efb2 100644
--- a/meta/recipes-multimedia/lame/lame_3.99.5.bb
+++ b/meta/recipes-multimedia/lame/lame_3.100.bb
@@ -10,16 +10,13 @@ DEPENDS = "ncurses gettext-native"
10LIC_FILES_CHKSUM = "file://COPYING;md5=c46bda00ffbb0ba1dac22f8d087f54d9 \ 10LIC_FILES_CHKSUM = "file://COPYING;md5=c46bda00ffbb0ba1dac22f8d087f54d9 \
11 file://include/lame.h;beginline=1;endline=20;md5=a2258182c593c398d15a48262130a92b \ 11 file://include/lame.h;beginline=1;endline=20;md5=a2258182c593c398d15a48262130a92b \
12" 12"
13PR = "r1"
14 13
15SRC_URI = "${SOURCEFORGE_MIRROR}/lame/lame-${PV}.tar.gz \ 14SRC_URI = "${SOURCEFORGE_MIRROR}/lame/lame-${PV}.tar.gz \
16 file://no-gtk1.patch \ 15 file://no-gtk1.patch \
17 file://lame-3.99.5_fix_for_automake-1.12.x.patch \
18 file://CVE-2017-13712.patch \
19 " 16 "
20 17
21SRC_URI[md5sum] = "84835b313d4a8b68f5349816d33e07ce" 18SRC_URI[md5sum] = "83e260acbe4389b54fe08e0bdbf7cddb"
22SRC_URI[sha256sum] = "24346b4158e4af3bd9f2e194bb23eb473c75fb7377011523353196b19b9a23ff" 19SRC_URI[sha256sum] = "ddfe36cab873794038ae2c1210557ad34857a4b6bdc515785d1da9e175b1da1e"
23 20
24inherit autotools pkgconfig 21inherit autotools pkgconfig
25 22
@@ -28,5 +25,3 @@ FILES_${PN} = "${bindir}/lame"
28FILES_libmp3lame = "${libdir}/libmp3lame.so.*" 25FILES_libmp3lame = "${libdir}/libmp3lame.so.*"
29FILES_libmp3lame-dev = "${includedir} ${libdir}/*" 26FILES_libmp3lame-dev = "${includedir} ${libdir}/*"
30FILES_${PN}-dev = "" 27FILES_${PN}-dev = ""
31
32CACHED_CONFIGUREVARS_append_x86 = " ac_cv_header_emmintrin_h=no ac_cv_header_xmmintrin_h=no"