pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2004Q3]: pkgsrc/doc Pullup ticket 121 - requested by Quentin G...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/5d0a44dd9dcf
branches:  pkgsrc-2004Q3
changeset: 480713:5d0a44dd9dcf
user:      agc <agc%pkgsrc.org@localhost>
date:      Mon Oct 18 16:53:54 2004 +0000

description:
Pullup ticket 121 - requested by Quentin Garnier
security fix for sox

        Modified Files:
                pkgsrc/audio/sox: Makefile distinfo
        Added Files:
                pkgsrc/audio/sox/patches: patch-aa
        Removed Files:
                pkgsrc/audio/sox/patches: patch-ab

        Log Message:
        Update to version 12.17.6.  Note that this version fixes some
        buffer overflows in the WAV parser that could lead to arbitrary
        code execution.

        sox-12.17.6
        -----------
          o Changed comment code to always use copies of strings to
            fix bug in WAV handlering freeing argv[] memory.
          o Use calloc() to create ft_t structures so that all
            memory is initialized before being referenced.
          o Fixed VOC EOF bug were it thought there was an extra
            block when there wasn't.
          o Restructured directory layout so that source code is in
            a seperate directory.
          o Modified SoX to accept multiple input files.  Concatenates
            files together in this case.
          o Removed map effect so that loops and instr could be removed
            from effects structures.  This makes effects engine stand
            alone from the rest of the sox package.
          o Benedikt Zeyen found a bug in synth effect when generating
            brown noise that could cause clipping.
          o David Leverton sent another patch to prevent crashes on
            amd64's when resampling.
          o Fixed a bug were MP3 files with large ID3v2 tags could
            cause SoX to stick in a loop forever.  Now, it will
            abort on IDv3 tags larger then 100k.  Could still be
            improved to handle any size.
          o Changed volume option (-v) so that it tracks the file
            it was specified.  This means that when specified with
            the input file, it changes volume before effects engine
            and when specified with output file, its done after effects
            engine.
          o Added crossfade_cat.sh script that will concatenate to
            audio files and do a crossfade between them.
          o Fixed bug in fade effect were it was impossible to do a
            fadeout starting from the beginning of the audio file.
          o Removed rounding error when changing volume of audio with
            "-v" option.  This error caused doing a "-v -1.0" twice
            to not result in the original file.
          o Fixed a possible overflow in lots of effects were MIN
            value was treated as -MAX instead of -MAX-1.
          o Modifed sox so its OK for effects to not process any
            input or output bytes as long as they return ST_EOF.
          o When effects output data and reported ST_EOF at the
            same time, that buffer was discarded as well as
            data from any chained effect.
          o Added patch from Eric Benson that attempts to do a seek()
            if the first effect is trim.  This greatly speeds up
            processing large files.
          o Daniel Pouzzner implemented a multi-band compander (using
            the butterworth filters to split the audio into bands).
          o Donnie Smith updated the silence effect so that its possible
            to remove silence from the middle of a sound file by
            using a negative value for stop_periods.
          o Changed float routines to only work with normalized values
            from -1:1.
          o Modifed .au handler to be able to read and write 32-bit
            and 64-bit float data.  Only tested reading so far.
          o WAV with GSM data now always pads data to even number of bytes.
          o Added support for writing 32-bit audio to AIFF.

        sox-12.17.5
        -----------
          o Thomas Klausner sent in patches to compile audio drivers under
            NetBSD.
          o Rahul Powar pointed out a memory leak in the WAV file handler.
            It wasn't calling the correct close() function when closing
            input files.
          o Modified play.1 man page to not use multiple name lines.  This
            appears to confuse some conversion programs.  Updated sox.1
            man page for typo in reverb option.
          o Andrew Church fixed problem with header of stereo 8SVX files.
          o Jimen Ching added support to scan over garbage data at the
            beginning of MP3 files to find valid frames.  This is useful
            to play WAV and AIFF files that have MP3 data in them until
            those handlers support it directly.  To play those, force
            sox to use the mp3 handler with the "-t mp3" option.
          o Added patch from Ulf Harnhammar to wav handler to prevent
            buffer overflows.
          o Added patch from Redhat to allow resample to work on certain 64-bit
            machines (Sam Varshavchik)
          o Tony Seebregts added a file handler for headerless Dialogic/OKI ADPCM
            files (VOX files).
          o Jan Paul Schmidt added a repeat effect to do loops the brute force way.
            This is also good for file format that don't support loops as well.
          o Fix for OSS driver in rate tolerance calcs that were off because
            of type conversion problems.  Guenter Geiger.
          o Allow reading sphere files with headers greater then 256 bytes.  Jimen
            Ching.
          o Fix for vorbis were comments are displayed in KEY=value format always.
            Stop printing some info to stdout in case output is a pipe. Guenter
            Geiger.
          o J Robert Ray submitted fix for AIFF handler to ignore lowercase
            chunks that are unknown.
          o Bugfix for 8-bit voc files.  Jimen Ching
          o General warning cleanups (cbagwell)
          o Memory leaks in reading WAV files (Ufuk Kayserilioglu)
          o Rearrange link order of ogg vorbis libraries so that they
            can be compiled as static. (Christian Weisgerbr)

diffstat:

 audio/sox/Makefile         |   3 +--
 audio/sox/distinfo         |   8 ++++----
 audio/sox/patches/patch-aa |  23 +++++++++++++++++++++++
 audio/sox/patches/patch-ab |  26 --------------------------
 doc/CHANGES-pkgsrc-2004Q3  |   4 +++-
 5 files changed, 31 insertions(+), 33 deletions(-)

diffs (97 lines):

diff -r 039e9a6d8050 -r 5d0a44dd9dcf audio/sox/Makefile
--- a/audio/sox/Makefile        Thu Sep 30 14:08:35 2004 +0000
+++ b/audio/sox/Makefile        Mon Oct 18 16:53:54 2004 +0000
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.27 2004/03/12 02:23:15 snj Exp $
+# $NetBSD: Makefile,v 1.27.6.1 2004/10/18 16:53:54 agc Exp $
 
 DISTNAME=      sox-12.17.4
-PKGREVISION=   2
 CATEGORIES=    audio
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=sox/} \
                http://www.cnpbagwell.com/
diff -r 039e9a6d8050 -r 5d0a44dd9dcf audio/sox/distinfo
--- a/audio/sox/distinfo        Thu Sep 30 14:08:35 2004 +0000
+++ b/audio/sox/distinfo        Mon Oct 18 16:53:54 2004 +0000
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.4 2003/03/25 09:14:06 wiz Exp $
+$NetBSD: distinfo,v 1.4.8.1 2004/10/18 16:53:54 agc Exp $
 
-SHA1 (sox-12.17.4.tar.gz) = d6fba1e40b20f73334917d4aaab113b6066283cd
-Size (sox-12.17.4.tar.gz) = 417497 bytes
-SHA1 (patch-ab) = 0632e13e99f358e1a54a2a1d64f39aacf11d4a0f
+SHA1 (sox-12.17.6.tar.gz) = d3e8548814daee5f2d6ace04afc2789ae6e74e58
+Size (sox-12.17.6.tar.gz) = 444125 bytes
+SHA1 (patch-aa) = 90a7d6da429853257d289d084e6485a3925eb849
diff -r 039e9a6d8050 -r 5d0a44dd9dcf audio/sox/patches/patch-aa
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/audio/sox/patches/patch-aa        Mon Oct 18 16:53:54 2004 +0000
@@ -0,0 +1,23 @@
+$NetBSD: patch-aa,v 1.7.8.1 2004/10/18 16:53:54 agc Exp $
+
+--- Makefile.in.orig   2004-09-02 00:04:02.000000000 +0200
++++ Makefile.in
+@@ -18,6 +18,8 @@ includedir = @includedir@
+ 
+ INSTALL       = @INSTALL@
+ LN_S    = @LN_S@
++RM      = rm -f
++PLAY_SUPPORT = @PLAY_SUPPORT@
+ 
+ all: 
+       cd src && $(MAKE) $@
+@@ -27,6 +29,9 @@ man: $(srcdir)/sox.1 $(srcdir)/soxexam.1
+       nroff -man $(srcdir)/soxexam.1 | col -b > soxexam.txt
+       nroff -man $(srcdir)/libst.3 | col -b > libst.txt
+ 
++PLAY_INSTALL_0 =
++PLAY_INSTALL_1 = install-play
++
+ install: $(PLAY_INSTALL_$(PLAY_SUPPORT))
+       cd src && $(MAKE) $@
+       $(srcdir)/mkinstalldirs $(mandir)/man1
diff -r 039e9a6d8050 -r 5d0a44dd9dcf audio/sox/patches/patch-ab
--- a/audio/sox/patches/patch-ab        Thu Sep 30 14:08:35 2004 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,26 +0,0 @@
-$NetBSD: patch-ab,v 1.6 2002/07/12 19:30:51 mycroft Exp $
-
---- sunaudio.c.orig    Sat Dec  1 02:17:18 2001
-+++ sunaudio.c Fri Jul 12 19:18:31 2002
-@@ -31,7 +31,9 @@
- #ifdef HAVE_ERRNO_H
- #include <errno.h>
- #endif
-+#ifndef __NetBSD__
- #include <stropts.h>
-+#endif
- #include <malloc.h>
- #include <unistd.h>
- #include <stdlib.h>
-@@ -170,7 +172,11 @@
-         return(ST_EOF);
-     }
-     /* Flush any data in the buffers - its probably in the wrong format */
-+#ifdef __NetBSD__
-+    ioctl(fileno(ft->fp), AUDIO_FLUSH);
-+#else
-     ioctl(fileno(ft->fp), I_FLUSH, FLUSHR);
-+#endif
-     /* Change to non-buffered I/O*/
-     setvbuf(ft->fp, NULL, _IONBF, sizeof(char) * ft->file.size);
-     sigintreg(ft);      /* Prepare to catch SIGINT */
diff -r 039e9a6d8050 -r 5d0a44dd9dcf doc/CHANGES-pkgsrc-2004Q3
--- a/doc/CHANGES-pkgsrc-2004Q3 Thu Sep 30 14:08:35 2004 +0000
+++ b/doc/CHANGES-pkgsrc-2004Q3 Mon Oct 18 16:53:54 2004 +0000
@@ -1,4 +1,4 @@
-$NetBSD: CHANGES-pkgsrc-2004Q3,v 1.1.2.4 2004/09/30 14:08:35 agc Exp $
+$NetBSD: CHANGES-pkgsrc-2004Q3,v 1.1.2.5 2004/10/18 16:53:54 agc Exp $
 
 Changes to the packages collection and infrastructure on the
 pkgsrc-2004Q3 branch:
@@ -11,3 +11,5 @@
 fix bug in lftp
 Pullup ticket 116 - requested by Eric Gillespie
 security fix for subversion
+Pullup ticket 121 - requested by Quentin Garnier
+security fix for sox



Home | Main Index | Thread Index | Old Index