flac: add upstream patch to fix CVE-2018-6888

- cleanup template
2018-10-02 15:57:47 +02:00 · 2018-10-02 15:57:47 +02:00 · 833bdd032e
commit 833bdd032e
parent 8a2c6e2c43
2 changed files with 20 additions and 10 deletions
--- a/srcpkgs/flac/patches/CVE-2017-6888.patch
+++ b/srcpkgs/flac/patches/CVE-2017-6888.patch
@ -0,0 +1,13 @@
+# Upstream: Yes
+--- a/src/libFLAC/stream_decoder.c
+++ b/src/libFLAC/stream_decoder.c
+@@ -1753,6 +1753,9 @@ FLAC__bool read_metadata_vorbiscomment_(FLAC__StreamDecoder *decoder, FLAC__Stre
+                                        }
+                                        memset (obj->comments[i].entry, 0, obj->comments[i].length) ;
+                                        if (!FLAC__bitreader_read_byte_block_aligned_no_crc(decoder->private_->input, obj->comments[i].entry, obj->comments[i].length)) {
+                                               /* Current i-th entry is bad, so we delete it. */
+                                               free (obj->comments[i].entry) ;
+                                               obj->comments[i].entry = NULL ;
+                                                obj->num_comments = i;
+                                                goto skip;
+                                        }
--- a/srcpkgs/flac/template
+++ b/srcpkgs/flac/template
@ -1,27 +1,24 @@
 # Template file for 'flac'
 pkgname=flac
 version=1.3.2
-revision=3
+revision=4
+patch_args="-Np1"
 build_style=gnu-configure
-configure_args="--disable-rpath --disable-doxygen-docs --disable-xmms-plugin --with-ogg=${XBPS_CROSS_BASE}/usr
--disable-thorough-tests"
-hostmakedepends="automake pkg-config libtool nasm"
+configure_args="--disable-rpath --disable-doxygen-docs --disable-xmms-plugin
+--with-ogg=${XBPS_CROSS_BASE}/usr --disable-thorough-tests"
+hostmakedepends="pkg-config nasm"
 makedepends="libogg-devel"
 short_desc="Free Lossless Audio Codec"
 maintainer="Juan RP <xtraeme@voidlinux.eu>"
 homepage="http://flac.sourceforge.net/"
-license="3-clause-BSD, GPL-2"
-distfiles="http://downloads.xiph.org/releases/flac/flac-${version}.tar.xz"
+license="BSD-3-Clause, GPL-2"
+distfiles="https://downloads.xiph.org/releases/flac/flac-${version}.tar.xz"
 checksum=91cfc3ed61dc40f47f050a109b08610667d73477af6ef36dcad31c31a4a8d53f

 post_install() {
 	vlicense COPYING.Xiph
 }

-pre_configure() {
-	autoreconf -fi
-}
-
 libflac_package() {
 	short_desc+=" - shared libraries"
 	pkg_install() {