From 68c34089fbf5794d3867f53a8dd88b40c589af07 Mon Sep 17 00:00:00 2001 From: Ørjan Malde Date: Mar 26 2021 15:34:48 +0000 Subject: groups/251.native_packages_lib.group: adds libmad v0.15.1b Signed-off-by: Lucio Andrés Illanes Albornoz --- diff --git a/groups/251.native_packages_lib.group b/groups/251.native_packages_lib.group index 83a6aa0..bc78c61 100644 --- a/groups/251.native_packages_lib.group +++ b/groups/251.native_packages_lib.group @@ -5,7 +5,7 @@ GROUP_TARGET="native_packages"; NATIVE_PACKAGES_PACKAGES="$(rtl_lconcat "${NATIVE_PACKAGES_PACKAGES}" " glib jansson lame libarchive libassuan libatomic_ops libdmtx libedit libeditline libelf libestr libevent libfastjson libfetch libffi libfirm libflac libgcrypt libgpg_error libidn2 libite -libjpeg_turbo libksba libmspack libmp3splt libnettle libogg libpcap libpipeline libpng libpsl +libjpeg_turbo libksba libmad libmspack libmp3splt libnettle libogg libpcap libpipeline libpng libpsl libreadline libredwg libressl libsasl2 libshine libsndfile libsolv libssh libstrophe libtasn1 libtelnet libtheora libtirpc libudns libunistring libuv libvorbis libxml2 libxslt libz libzip lzo sdl1 sdl1_net sdl1_image sdl1_ttf sdl2 sdl2_image sdl2_ttf wolfssl")"; @@ -113,6 +113,10 @@ libxslt libz libzip lzo sdl1 sdl1_net sdl1_image sdl1_ttf sdl2 sdl2_image sdl2_t : ${PKG_LIBKSBA_VERSION:=1.5.0}; : ${PKG_LIBKSBA_URL:=https://www.gnupg.org/ftp/gcrypt/libksba/libksba-${PKG_LIBKSBA_VERSION}.tar.bz2}; : ${PKG_LIBKSBA_CONFIGURE_ARGS_EXTRA:=--with-libgpg-error-prefix=${PREFIX_NATIVE}}; +: ${PKG_LIBMAD_SHA256SUM:=bbfac3ed6bfbc2823d3775ebb931087371e142bb0e9bb1bee51a76a6e0078690}; +: ${PKG_LIBMAD_VERSION:=0.15.1b}; +: ${PKG_LIBMAD_URL:=https://sources.voidlinux.org/libmad-${PKG_LIBMAD_VERSION}/libmad-${PKG_LIBMAD_VERSION}.tar.gz}; +: ${PKG_LIBMAD_CONFIGURE_ARGS_EXTRA:="--enable-fpm=64bit --enable-accuracy"}; : ${PKG_LIBMSPACK_SHA256SUM:=bac862dee6e0fc10d92c70212441d9f8ad9b0222edc9a708c3ead4adb1b24a8e}; : ${PKG_LIBMSPACK_VERSION:=0.10.1alpha}; : ${PKG_LIBMSPACK_URL:=https://www.cabextract.org.uk/libmspack/libmspack-${PKG_LIBMSPACK_VERSION}.tar.gz}; diff --git a/patches/libmad-0.15.1b_pre.local.patch b/patches/libmad-0.15.1b_pre.local.patch new file mode 100644 index 0000000..12ce2f7 --- /dev/null +++ b/patches/libmad-0.15.1b_pre.local.patch @@ -0,0 +1,88 @@ +diff -ru libmad-0.15.1b.orig/configure libmad-0.15.1b/configure +--- libmad-0.15.1b.orig/configure 2004-02-05 10:34:07.000000000 +0100 ++++ libmad-0.15.1b/configure 2021-03-26 16:20:59.999840447 +0100 +@@ -19064,7 +19064,7 @@ + shift + ;; + -O2) +- optimize="-O" ++ optimize="-O2" + shift + ;; + -fomit-frame-pointer) +@@ -19081,74 +19081,6 @@ + esac + done + +-if test "$GCC" = yes +-then +- if test -z "$arch" +- then +- case "$host" in +- i386-*) ;; +- i?86-*) arch="-march=i486" ;; +- arm*-empeg-*) arch="-march=armv4 -mtune=strongarm1100" ;; +- armv4*-*) arch="-march=armv4 -mtune=strongarm" ;; +- powerpc-*) ;; +- mips*-agenda-*) arch="-mcpu=vr4100" ;; +- mips*-luxsonor-*) arch="-mips1 -mcpu=r3000 -Wa,-m4010" ;; +- esac +- fi +- +- case "$optimize" in +- -O|"-O "*) +- optimize="-O" +- optimize="$optimize -fforce-mem" +- optimize="$optimize -fforce-addr" +- : #x optimize="$optimize -finline-functions" +- : #- optimize="$optimize -fstrength-reduce" +- optimize="$optimize -fthread-jumps" +- optimize="$optimize -fcse-follow-jumps" +- optimize="$optimize -fcse-skip-blocks" +- : #x optimize="$optimize -frerun-cse-after-loop" +- : #x optimize="$optimize -frerun-loop-opt" +- : #x optimize="$optimize -fgcse" +- optimize="$optimize -fexpensive-optimizations" +- optimize="$optimize -fregmove" +- : #* optimize="$optimize -fdelayed-branch" +- : #x optimize="$optimize -fschedule-insns" +- optimize="$optimize -fschedule-insns2" +- : #? optimize="$optimize -ffunction-sections" +- : #? optimize="$optimize -fcaller-saves" +- : #> optimize="$optimize -funroll-loops" +- : #> optimize="$optimize -funroll-all-loops" +- : #x optimize="$optimize -fmove-all-movables" +- : #x optimize="$optimize -freduce-all-givs" +- : #? optimize="$optimize -fstrict-aliasing" +- : #* optimize="$optimize -fstructure-noalias" +- +- case "$host" in +- arm*-*) +- optimize="$optimize -fstrength-reduce" +- ;; +- mips*-*) +- optimize="$optimize -fstrength-reduce" +- optimize="$optimize -finline-functions" +- ;; +- i?86-*) +- optimize="$optimize -fstrength-reduce" +- ;; +- powerpc-apple-*) +- # this triggers an internal compiler error with gcc2 +- : #optimize="$optimize -fstrength-reduce" +- +- # this is really only beneficial with gcc3 +- : #optimize="$optimize -finline-functions" +- ;; +- *) +- # this sometimes provokes bugs in gcc 2.95.2 +- : #optimize="$optimize -fstrength-reduce" +- ;; +- esac +- ;; +- esac +-fi + + case "$host" in + mips*-agenda-*) +Only in libmad-0.15.1b.orig/: libmad-0.15.1b diff --git a/patches/libmad/libmad-0.15.1b-CVE-2017-8372_CVE-2017-8373_CVE-2017-8374.patch b/patches/libmad/libmad-0.15.1b-CVE-2017-8372_CVE-2017-8373_CVE-2017-8374.patch new file mode 100644 index 0000000..9cc8913 --- /dev/null +++ b/patches/libmad/libmad-0.15.1b-CVE-2017-8372_CVE-2017-8373_CVE-2017-8374.patch @@ -0,0 +1,197 @@ +; You can calculate where the next frame will start depending on things +; like the bitrate. See mad_header_decode(). It seems that when decoding +; the frame you can go past that boundary. This attempts to catch those cases, +; but might not catch all of them. +; For more info see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508133 +Index: libmad-0.15.1b/layer12.c +=================================================================== +--- a/layer12.c 2008-12-23 21:38:07.000000000 +0100 ++++ b/layer12.c 2008-12-23 21:38:12.000000000 +0100 +@@ -134,6 +134,12 @@ + for (sb = 0; sb < bound; ++sb) { + for (ch = 0; ch < nch; ++ch) { + nb = mad_bit_read(&stream->ptr, 4); ++ if (mad_bit_nextbyte(&stream->ptr) > stream->next_frame) ++ { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + + if (nb == 15) { + stream->error = MAD_ERROR_BADBITALLOC; +@@ -146,6 +152,12 @@ + + for (sb = bound; sb < 32; ++sb) { + nb = mad_bit_read(&stream->ptr, 4); ++ if (mad_bit_nextbyte(&stream->ptr) > stream->next_frame) ++ { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + + if (nb == 15) { + stream->error = MAD_ERROR_BADBITALLOC; +@@ -162,6 +174,12 @@ + for (ch = 0; ch < nch; ++ch) { + if (allocation[ch][sb]) { + scalefactor[ch][sb] = mad_bit_read(&stream->ptr, 6); ++ if (mad_bit_nextbyte(&stream->ptr) > stream->next_frame) ++ { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + + # if defined(OPT_STRICT) + /* +@@ -187,6 +205,12 @@ + frame->sbsample[ch][s][sb] = nb ? + mad_f_mul(I_sample(&stream->ptr, nb), + sf_table[scalefactor[ch][sb]]) : 0; ++ if (mad_bit_nextbyte(&stream->ptr) > stream->next_frame) ++ { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + } + } + +@@ -195,6 +219,12 @@ + mad_fixed_t sample; + + sample = I_sample(&stream->ptr, nb); ++ if (mad_bit_nextbyte(&stream->ptr) > stream->next_frame) ++ { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + + for (ch = 0; ch < nch; ++ch) { + frame->sbsample[ch][s][sb] = +@@ -403,7 +433,15 @@ + nbal = bitalloc_table[offsets[sb]].nbal; + + for (ch = 0; ch < nch; ++ch) ++ { + allocation[ch][sb] = mad_bit_read(&stream->ptr, nbal); ++ if (mad_bit_nextbyte(&stream->ptr) > stream->next_frame) ++ { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } ++ } + } + + for (sb = bound; sb < sblimit; ++sb) { +@@ -411,6 +449,13 @@ + + allocation[0][sb] = + allocation[1][sb] = mad_bit_read(&stream->ptr, nbal); ++ ++ if (mad_bit_nextbyte(&stream->ptr) > stream->next_frame) ++ { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + } + + /* decode scalefactor selection info */ +@@ -419,6 +464,12 @@ + for (ch = 0; ch < nch; ++ch) { + if (allocation[ch][sb]) + scfsi[ch][sb] = mad_bit_read(&stream->ptr, 2); ++ if (mad_bit_nextbyte(&stream->ptr) > stream->next_frame) ++ { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + } + } + +@@ -442,6 +493,12 @@ + for (ch = 0; ch < nch; ++ch) { + if (allocation[ch][sb]) { + scalefactor[ch][sb][0] = mad_bit_read(&stream->ptr, 6); ++ if (mad_bit_nextbyte(&stream->ptr) > stream->next_frame) ++ { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + + switch (scfsi[ch][sb]) { + case 2: +@@ -452,11 +509,23 @@ + + case 0: + scalefactor[ch][sb][1] = mad_bit_read(&stream->ptr, 6); ++ if (mad_bit_nextbyte(&stream->ptr) > stream->next_frame) ++ { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + /* fall through */ + + case 1: + case 3: + scalefactor[ch][sb][2] = mad_bit_read(&stream->ptr, 6); ++ if (mad_bit_nextbyte(&stream->ptr) > stream->next_frame) ++ { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + } + + if (scfsi[ch][sb] & 1) +@@ -488,6 +557,12 @@ + index = offset_table[bitalloc_table[offsets[sb]].offset][index - 1]; + + II_samples(&stream->ptr, &qc_table[index], samples); ++ if (mad_bit_nextbyte(&stream->ptr) > stream->next_frame) ++ { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + + for (s = 0; s < 3; ++s) { + frame->sbsample[ch][3 * gr + s][sb] = +@@ -506,6 +581,12 @@ + index = offset_table[bitalloc_table[offsets[sb]].offset][index - 1]; + + II_samples(&stream->ptr, &qc_table[index], samples); ++ if (mad_bit_nextbyte(&stream->ptr) > stream->next_frame) ++ { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + + for (ch = 0; ch < nch; ++ch) { + for (s = 0; s < 3; ++s) { +Index: libmad-0.15.1b/layer3.c +=================================================================== +--- a/layer3.c 2008-12-23 21:38:07.000000000 +0100 ++++ b/layer3.c 2008-12-23 21:38:12.000000000 +0100 +@@ -2608,6 +2608,12 @@ + next_md_begin = 0; + + md_len = si.main_data_begin + frame_space - next_md_begin; ++ if (md_len + MAD_BUFFER_GUARD > MAD_BUFFER_MDLEN) ++ { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + + frame_used = 0; +