From e583acf52c9f050e33c88d6a607a67eac6d5747d Mon Sep 17 00:00:00 2001 From: chenmaodong Date: Wed, 8 Jan 2020 22:02:52 +0800 Subject: [PATCH 1/2] remove sensitive information --- libsndfile.spec | 15 ++++++++++----- revert.patch | 37 ------------------------------------- 2 files changed, 10 insertions(+), 42 deletions(-) delete mode 100644 revert.patch diff --git a/libsndfile.spec b/libsndfile.spec index 355f5d6..faf83ad 100644 --- a/libsndfile.spec +++ b/libsndfile.spec @@ -1,6 +1,6 @@ Name: libsndfile Version: 1.0.28 -Release: 15 +Release: 16 Summary: Library for reading and writing sound files License: LGPLv2+ and GPLv2+ and BSD URL: http://www.mega-nerd.com/libsndfile/ @@ -12,10 +12,9 @@ BuildRequires: sqlite-devel Patch0: libsndfile-1.0.25-system-gsm.patch Patch1: libsndfile-1.0.25-zerodivfix.patch -Patch2: revert.patch -Patch3: libsndfile-1.0.28-flacbufovfl.patch -Patch4: libsndfile-1.0.29-cve2017_6892.patch -Patch5: libsndfile-1.0.28-cve2017_12562.patch +Patch2: libsndfile-1.0.28-flacbufovfl.patch +Patch3: libsndfile-1.0.29-cve2017_6892.patch +Patch4: libsndfile-1.0.28-cve2017_12562.patch Patch6000: libsndfile-1.0.28-CVE-2018-13139-CVE-2018-19432.patch Patch6001: libsndfile-1.0.28-src-wav.c-Fix-WAV-Sampler-Chunk-tune-parsing.patch Patch6002: libsndfile-1.0.28-CVE-2018-19758.patch @@ -130,6 +129,12 @@ LD_LIBRARY_PATH=$PWD/src/.libs make check %{_mandir}/man1/sndfile-salvage.1* %changelog +* Wed Jan 08 2020 chenmaodong - 1.0.28-16 +- Type:enhancement +- ID:NA +- SUG:NA +- DESC:remove sensitive information + * Mon Dec 23 2019 chenmaodong - 1.0.28-15 - Type:enhancement - ID:NA diff --git a/revert.patch b/revert.patch deleted file mode 100644 index fbdd96d..0000000 --- a/revert.patch +++ /dev/null @@ -1,37 +0,0 @@ ---- libsndfile-1.0.28/src/rf64.c 2017-04-02 09:43:22.000000000 +0200 -+++ libsndfile-1.0.27/src/rf64.c 2016-04-01 23:08:53.000000000 +0200 -@@ -735,25 +734,27 @@ rf64_write_header (SF_PRIVATE *psf, int - - #endif - -- pad_size = psf->dataoffset - 16 - psf->header.indx ; -- if (pad_size >= 0) -- psf_binheader_writef (psf, "m4z", PAD_MARKER, pad_size, make_size_t (pad_size)) ; -+ if (psf->header.indx + 8 < psf->dataoffset) -+ { /* Add PAD data if necessary. */ -+ int k = psf->dataoffset - 16 - psf->header.indx ; -+ psf_binheader_writef (psf, "m4z", PAD_MARKER, k, make_size_t (k)) ; -+ } ; - - if (wpriv->rf64_downgrade && (psf->filelength < RIFF_DOWNGRADE_BYTES)) - psf_binheader_writef (psf, "tm8", data_MARKER, psf->datalength) ; - else - psf_binheader_writef (psf, "m4", data_MARKER, 0xffffffff) ; - -- psf_fwrite (psf->header.ptr, psf->header.indx, 1, psf) ; -+ psf_fwrite (psf->header.ptr, psf->header.indx, 1, psf) ; - if (psf->error) - return psf->error ; - -- if (has_data && psf->dataoffset != psf->header.indx) -- { psf_log_printf (psf, "Oooops : has_data && psf->dataoffset != psf->header.indx\n") ; -+ if (has_data && psf->dataoffset != psf->header.indx) -+ { psf_log_printf (psf, "Oooops : has_data && psf->dataoffset != psf->header.indx\n") ; - return psf->error = SFE_INTERNAL ; - } ; - -- psf->dataoffset = psf->header.indx ; -+ psf->dataoffset = psf->header.indx ; - - if (NOT (has_data)) - psf_fseek (psf, psf->dataoffset, SEEK_SET) ; -- Gitee From 4de3a7422ee027bba0ee27cb84f08f0b48a98901 Mon Sep 17 00:00:00 2001 From: chenmaodong Date: Fri, 10 Jan 2020 19:42:13 +0800 Subject: [PATCH 2/2] use libgsm which is in libsndfile package --- libsndfile-1.0.25-system-gsm.patch | 56 ------------------------------ libsndfile.spec | 21 ++++++----- 2 files changed, 12 insertions(+), 65 deletions(-) delete mode 100644 libsndfile-1.0.25-system-gsm.patch diff --git a/libsndfile-1.0.25-system-gsm.patch b/libsndfile-1.0.25-system-gsm.patch deleted file mode 100644 index d6d1b34..0000000 --- a/libsndfile-1.0.25-system-gsm.patch +++ /dev/null @@ -1,56 +0,0 @@ -diff -up libsndfile-1.0.28/src/gsm610.c.systemgsm libsndfile-1.0.28/src/gsm610.c ---- libsndfile-1.0.28/src/gsm610.c.systemgsm 2016-09-10 10:08:27.000000000 +0200 -+++ libsndfile-1.0.28/src/gsm610.c 2017-04-11 10:47:40.437162489 +0200 -@@ -27,7 +27,7 @@ - #include "sfendian.h" - #include "common.h" - #include "wavlike.h" --#include "GSM610/gsm.h" -+#include - - #define GSM610_BLOCKSIZE 33 - #define GSM610_SAMPLES 160 -@@ -391,7 +391,8 @@ gsm610_seek (SF_PRIVATE *psf, int UNUSED - psf_fseek (psf, psf->dataoffset, SEEK_SET) ; - pgsm610->blockcount = 0 ; - -- gsm_init (pgsm610->gsm_data) ; -+ gsm_destroy (pgsm610->gsm_data) ; -+ pgsm610->gsm_data = gsm_create () ; - if ((SF_CONTAINER (psf->sf.format)) == SF_FORMAT_WAV || - (SF_CONTAINER (psf->sf.format)) == SF_FORMAT_W64) - gsm_option (pgsm610->gsm_data, GSM_OPT_WAV49, &true_flag) ; -diff -up libsndfile-1.0.28/src/Makefile.am.systemgsm libsndfile-1.0.28/src/Makefile.am ---- libsndfile-1.0.28/src/Makefile.am.systemgsm 2017-04-01 09:18:02.000000000 +0200 -+++ libsndfile-1.0.28/src/Makefile.am 2017-04-11 10:48:43.855620172 +0200 -@@ -8,7 +8,7 @@ lib_LTLIBRARIES = libsndfile.la - include_HEADERS = sndfile.hh - nodist_include_HEADERS = sndfile.h - --noinst_LTLIBRARIES = GSM610/libgsm.la G72x/libg72x.la ALAC/libalac.la libcommon.la -+noinst_LTLIBRARIES = G72x/libg72x.la ALAC/libalac.la libcommon.la - - SYMBOL_FILES = Symbols.gnu-binutils Symbols.darwin libsndfile-1.def Symbols.os2 Symbols.static - -@@ -43,7 +43,7 @@ libsndfile_la_CPPFLAGS = -DSNDFILE_EXPOR - libsndfile_la_LDFLAGS = -no-undefined -version-info $(SHARED_VERSION_INFO) $(SHLIB_VERSION_ARG) - libsndfile_la_SOURCES = $(FILESPECIFIC) $(noinst_HEADERS) - nodist_libsndfile_la_SOURCES = $(nodist_include_HEADERS) --libsndfile_la_LIBADD = GSM610/libgsm.la G72x/libg72x.la ALAC/libalac.la \ -+libsndfile_la_LIBADD = -lgsm G72x/libg72x.la ALAC/libalac.la \ - libcommon.la $(EXTERNAL_XIPH_LIBS) -lm - - EXTRA_libsndfile_la_DEPENDENCIES = $(SYMBOL_FILES) -@@ -58,12 +58,6 @@ libcommon_la_SOURCES = common.c file_io. - #====================================================================== - # Subdir libraries. - --GSM610_libgsm_la_SOURCES = GSM610/config.h GSM610/gsm.h GSM610/gsm610_priv.h \ -- GSM610/add.c GSM610/code.c GSM610/decode.c GSM610/gsm_create.c \ -- GSM610/gsm_decode.c GSM610/gsm_destroy.c GSM610/gsm_encode.c \ -- GSM610/gsm_option.c GSM610/long_term.c GSM610/lpc.c GSM610/preprocess.c \ -- GSM610/rpe.c GSM610/short_term.c GSM610/table.c -- - G72x_libg72x_la_SOURCES = G72x/g72x.h G72x/g72x_priv.h \ - G72x/g721.c G72x/g723_16.c G72x/g723_24.c G72x/g723_40.c G72x/g72x.c - diff --git a/libsndfile.spec b/libsndfile.spec index faf83ad..195fd8f 100644 --- a/libsndfile.spec +++ b/libsndfile.spec @@ -1,20 +1,19 @@ Name: libsndfile Version: 1.0.28 -Release: 16 +Release: 17 Summary: Library for reading and writing sound files License: LGPLv2+ and GPLv2+ and BSD URL: http://www.mega-nerd.com/libsndfile/ Source0: http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz -BuildRequires: alsa-lib-devel gcc gcc-c++ flac-devel gsm-devel +BuildRequires: alsa-lib-devel gcc gcc-c++ flac-devel BuildRequires: libogg-devel libtool libvorbis-devel pkgconfig BuildRequires: sqlite-devel -Patch0: libsndfile-1.0.25-system-gsm.patch -Patch1: libsndfile-1.0.25-zerodivfix.patch -Patch2: libsndfile-1.0.28-flacbufovfl.patch -Patch3: libsndfile-1.0.29-cve2017_6892.patch -Patch4: libsndfile-1.0.28-cve2017_12562.patch +Patch0: libsndfile-1.0.25-zerodivfix.patch +Patch1: libsndfile-1.0.28-flacbufovfl.patch +Patch2: libsndfile-1.0.29-cve2017_6892.patch +Patch3: libsndfile-1.0.28-cve2017_12562.patch Patch6000: libsndfile-1.0.28-CVE-2018-13139-CVE-2018-19432.patch Patch6001: libsndfile-1.0.28-src-wav.c-Fix-WAV-Sampler-Chunk-tune-parsing.patch Patch6002: libsndfile-1.0.28-CVE-2018-19758.patch @@ -49,10 +48,8 @@ Help files for %{name}-utils. %prep %autosetup -n %{name}-%{version} -p1 -rm -r src/GSM610 %build -autoreconf -I M4 -fiv %configure \ --disable-dependency-tracking \ --enable-sqlite \ @@ -129,6 +126,12 @@ LD_LIBRARY_PATH=$PWD/src/.libs make check %{_mandir}/man1/sndfile-salvage.1* %changelog +* Fri Jan 10 2020 chenmaodong - 1.0.28-17 +- Type:enhancement +- ID:NA +- SUG:NA +- DESC:use libgsm inside libsndfile + * Wed Jan 08 2020 chenmaodong - 1.0.28-16 - Type:enhancement - ID:NA -- Gitee