testing/id3lib: new aport

http://id3lib.sourceforge.net
library for reading, writing, and manipulating ID3v1 and ID3v2 tags

7 files changed, 209 insertions, 0 deletions

diff --git a/testing/id3lib/10-fix-compilation-with-cpp-headers.patch b/testing/id3lib/10-fix-compilation-with-cpp-headers.patch
new file mode 100644
index 0000000000..9f1eb3326f
--- /dev/null
+++ b/testing/id3lib/10-fix-compilation-with-cpp-headers.patch
@@ -0,0 +1,21 @@
+--- a/include/id3/id3lib_strings.h
++++ b/include/id3/id3lib_strings.h
+@@ -30,6 +30,7 @@
+ #define _ID3LIB_STRINGS_H_
+ 
+ #include <string>
++#include <cstring>
+ 
+ #if (defined(__GNUC__) && (__GNUC__ >= 3) || (defined(_MSC_VER) && _MSC_VER > 1000))
+ namespace std
+--- a/include/id3/writers.h
++++ b/include/id3/writers.h
+@@ -30,7 +30,7 @@
+ 
+ #include "id3/writer.h"
+ #include "id3/id3lib_streams.h"
+-//#include <string.h>
++#include <cstring>
+ 
+ class ID3_CPP_EXPORT ID3_OStreamWriter : public ID3_Writer
+ {
diff --git a/testing/id3lib/30-fix-utf16.patch b/testing/id3lib/30-fix-utf16.patch
new file mode 100644
index 0000000000..3d3f50fed6
--- /dev/null
+++ b/testing/id3lib/30-fix-utf16.patch
@@ -0,0 +1,38 @@
+Patch from 'Spoon' to fix issues with writing certain unicode characters
+--- a/ChangeLog
++++ b/ChangeLog
+@@ -1,3 +1,8 @@
++2006-02-17  Jerome Couderc
++
++    * Patch from Spoon to fix UTF-16 writing bug
++      http://sourceforge.net/tracker/index.php?func=detail&aid=1016290&group_id=979&atid=300979
++
+ 2003-03-02 Sunday 17:38   Thijmen Klok <thijmen@id3lib.org>
+ 
+ 	* THANKS (1.20): added more people 
+--- a/src/io_helpers.cpp
++++ b/src/io_helpers.cpp
+@@ -363,11 +363,22 @@
+     // Write the BOM: 0xFEFF
+     unicode_t BOM = 0xFEFF;
+     writer.writeChars((const unsigned char*) &BOM, 2);
++    // Patch from Spoon : 2004-08-25 14:17
++    //   http://sourceforge.net/tracker/index.php?func=detail&aid=1016290&group_id=979&atid=300979
++    // Wrong code
++    //for (size_t i = 0; i < size; i += 2)
++    //{
++    //  unicode_t ch = (data[i] << 8) | data[i+1];
++    //  writer.writeChars((const unsigned char*) &ch, 2);
++    //}
++    // Right code
++    unsigned char *pdata = (unsigned char *) data.c_str();
+     for (size_t i = 0; i < size; i += 2)
+     {
+-      unicode_t ch = (data[i] << 8) | data[i+1];
++      unicode_t ch = (pdata[i] << 8) | pdata[i+1];
+       writer.writeChars((const unsigned char*) &ch, 2);
+     }
++    // End patch
+   }
+   return writer.getCur() - beg;
+ }
diff --git a/testing/id3lib/50-remove-outdated-check.patch b/testing/id3lib/50-remove-outdated-check.patch
new file mode 100644
index 0000000000..386da2771b
--- /dev/null
+++ b/testing/id3lib/50-remove-outdated-check.patch
@@ -0,0 +1,11 @@
+We don't actually need iomanip.h
+--- a/configure.in
++++ b/configure.in
+@@ -227,7 +227,6 @@
+ )
+ AC_CHECK_HEADERS(               \
+   string                        \
+-  iomanip.h                     \
+   ,,AC_MSG_ERROR([Missing a vital header file for id3lib])
+ )
+ 
diff --git a/testing/id3lib/60-id3lib-missing-nullpointer-check.patch b/testing/id3lib/60-id3lib-missing-nullpointer-check.patch
new file mode 100644
index 0000000000..d4ca5d292f
--- /dev/null
+++ b/testing/id3lib/60-id3lib-missing-nullpointer-check.patch
@@ -0,0 +1,12 @@
+This patch adds a check for a null pointer
+--- a/src/header_tag.cpp
++++ b/src/header_tag.cpp
+@@ -54,7 +54,7 @@
+ {
+   size_t bytesUsed = ID3_TagHeader::SIZE;
+ 
+-  if (_info->is_extended)
++  if (_info && _info->is_extended)
+   {
+     bytesUsed += _info->extended_bytes;
+   }
diff --git a/testing/id3lib/61-fix_vbr_stack_smash.patch b/testing/id3lib/61-fix_vbr_stack_smash.patch
new file mode 100644
index 0000000000..441256b183
--- /dev/null
+++ b/testing/id3lib/61-fix_vbr_stack_smash.patch
@@ -0,0 +1,19 @@
+Description: Fix crashes when reading VBR MP3 file.
+Bug-Ubuntu: https://launchpad.net/bugs/444466
+Origin: upstream, http://sourceforge.net/tracker/?func=detail&aid=937707&group_id=979&atid=300979
+Forwarded: yes
+Author: Urs Fleisch
+
+Index: id3lib3.8.3-3.8.3/src/mp3_parse.cpp
+===================================================================
+--- a/src/mp3_parse.cpp	2009-10-06 23:12:10.381250132 +0200
++++ b/src/mp3_parse.cpp	2009-10-06 23:14:09.545252591 +0200
+@@ -465,7 +465,7 @@
+   // from http://www.xingtech.com/developer/mp3/
+ 
+   const size_t VBR_HEADER_MIN_SIZE = 8;     // "xing" + flags are fixed
+-  const size_t VBR_HEADER_MAX_SIZE = 116;   // frames, bytes, toc and scale are optional
++  const size_t VBR_HEADER_MAX_SIZE = 120;   // frames, bytes, toc and scale are optional
+ 
+   if (mp3size >= vbr_header_offest + VBR_HEADER_MIN_SIZE) 
+   {
diff --git a/testing/id3lib/APKBUILD b/testing/id3lib/APKBUILD
new file mode 100644
index 0000000000..8ff8d6ce9f
--- /dev/null
+++ b/testing/id3lib/APKBUILD
@@ -0,0 +1,53 @@
+# Contributor: David Demelier <markand@malikania.fr>
+# Maintainer: David Demelier <markand@malikania.fr>
+pkgname="id3lib"
+pkgver=3.8.3
+pkgrel=0
+pkgdesc="library for reading, writing, and manipulating ID3v1 and ID3v2 tags"
+url="http://id3lib.sourceforge.net"
+arch="all"
+license="GPL-2.0-only"
+makedepends="autoconf automake libtool zlib-dev"
+subpackages="$pkgname-static $pkgname-dev $pkgname-libs"
+source="
+	http://downloads.sourceforge.net/id3lib/id3lib-$pkgver.tar.gz
+	10-fix-compilation-with-cpp-headers.patch
+	30-fix-utf16.patch
+	50-remove-outdated-check.patch
+	60-id3lib-missing-nullpointer-check.patch
+	61-fix_vbr_stack_smash.patch
+	CVE-2007-4460.patch"
+options="!check" # does not build.
+
+prepare() {
+	default_prepare
+	update_config_guess
+	update_config_sub
+	libtoolize -fc
+	aclocal
+	autoconf
+	automake --add-missing --copy
+}
+
+build() {
+	./configure --prefix=/usr
+	make
+}
+
+package() {
+	make DESTDIR="$pkgdir" install
+}
+
+static() {
+	pkgdesc="Static libraries for id3lib"
+	mkdir -p "$subpkgdir"/usr/lib
+	mv "$pkgdir"/usr/lib/*.a "$subpkgdir"/usr/lib/
+}
+
+sha512sums="3787e261f86933c1c2f2bff2c4b349b42f5d8636e489e4f39f9d75e6dfbdc79b87009a0f4ce4b786f2fb3dbc01ca9d56c4112095b46244f897e6c9a28573adaf  id3lib-3.8.3.tar.gz
+a21024c20abb918081ea87be2114d9dc957cfe5d776e0942d2ef2ae450fa73f36236eaf5d50e1a14e293ca927bb95328da8c65a4ae6af6f43574ace3be0ad260  10-fix-compilation-with-cpp-headers.patch
+811e1cc121a965fd0b6162a8937475e3d7dc2a477289707a28f6961ca2b9886b98508a954b12a36c27206202673ebd9ae6ec37d175c947e4e560ac112309ec6d  30-fix-utf16.patch
+137732ceee8ec7fc8b686e46bd43276fba6bdcbdce166e85108e7c4b456523b4a29b11ff3101a37489e2386c92dfbe7f088f79c9c054f30515095f2b68c89f48  50-remove-outdated-check.patch
+ebb536a3bce83ee8752905766f93c7920d548e85262704d617b3e608a020bca0909f5c59525caa2bbc2f034e2d11fb3eb0842d2b167e00c3ef4551c9eb57adf9  60-id3lib-missing-nullpointer-check.patch
+debecda3ace7b8ced35d06f33cee922b5f0c43bcf17b9bc7c859e1910a54d4ddb69930b31104ed66702d5bc011859c6724d3df6ece153cc836a992ff19300d70  61-fix_vbr_stack_smash.patch
+d534a1b4ce2fa186c089969c245ffc30c75d3e2b4c67b5a5d4b61fc9a8df04f9b2d5f1e13504b0e2f45540d774d5653c3dfa6e7dee9a12c99e7668a0b35fe8b2  CVE-2007-4460.patch"
diff --git a/testing/id3lib/CVE-2007-4460.patch b/testing/id3lib/CVE-2007-4460.patch
new file mode 100644
index 0000000000..7fcab02a87
--- /dev/null
+++ b/testing/id3lib/CVE-2007-4460.patch
@@ -0,0 +1,55 @@
+This patch fixes an issues where temporary files were created in an insecure
+way.
+
+It was first intruduced in version 3.8.3-7 and fixes
+http://bugs.debian.org/438540
+--- a/src/tag_file.cpp
++++ b/src/tag_file.cpp
+@@ -242,8 +242,8 @@
+     strcpy(sTempFile, filename.c_str());
+     strcat(sTempFile, sTmpSuffix.c_str());
+ 
+-#if ((defined(__GNUC__) && __GNUC__ >= 3  ) || !defined(HAVE_MKSTEMP))
+-    // This section is for Windows folk && gcc 3.x folk
++#if !defined(HAVE_MKSTEMP)
++    // This section is for Windows folk
+     fstream tmpOut;
+     createFile(sTempFile, tmpOut);
+ 
+@@ -257,7 +257,7 @@
+       tmpOut.write((char *)tmpBuffer, nBytes);
+     }
+ 
+-#else //((defined(__GNUC__) && __GNUC__ >= 3  ) || !defined(HAVE_MKSTEMP))
++#else //!defined(HAVE_MKSTEMP)
+ 
+     // else we gotta make a temp file, copy the tag into it, copy the
+     // rest of the old file after the tag, delete the old file, rename
+@@ -270,7 +270,7 @@
+       //ID3_THROW_DESC(ID3E_NoFile, "couldn't open temp file");
+     }
+ 
+-    ofstream tmpOut(fd);
++    ofstream tmpOut(sTempFile);
+     if (!tmpOut)
+     {
+       tmpOut.close();
+@@ -285,14 +285,14 @@
+     uchar tmpBuffer[BUFSIZ];
+     while (file)
+     {
+-      file.read(tmpBuffer, BUFSIZ);
++      file.read((char *)tmpBuffer, BUFSIZ);
+       size_t nBytes = file.gcount();
+-      tmpOut.write(tmpBuffer, nBytes);
++      tmpOut.write((char *)tmpBuffer, nBytes);
+     }
+ 
+     close(fd); //closes the file
+ 
+-#endif ////((defined(__GNUC__) && __GNUC__ >= 3  ) || !defined(HAVE_MKSTEMP))
++#endif ////!defined(HAVE_MKSTEMP)
+ 
+     tmpOut.close();
+     file.close();
+