[libid3tag] Updated to avoid crash bug

Already updated to 0.16.1, but this fixes a crash bug in 0.16.1. Signed-off-by: Christopher Snowhill <kode54@gmail.com>
2022-07-15 05:10:58 -07:00 · 2022-07-15 05:10:58 -07:00 · 97707e9b8f
parent 647c754311
commit 97707e9b8f
8 changed files with 28 additions and 136 deletions
--- a/ThirdParty/libid3tag/README.md
+++ b/ThirdParty/libid3tag/README.md
@ -1,21 +1,21 @@
 Built with the Arch Linux defaults, sort of:

 ```
-patch -Np1 -i 10_utf16.diff
-patch -Np1 -i 11_unknown_encoding.diff
-patch -Np0 -i CVE-2008-2109.patch
-patch -Np1 -i libid3tag-gperf.patch
-rm compat.c frametype.c
+patch -Np1 -i libid3tag-0.16.1.bugfix.patch

-touch NEWS
-touch AUTHORS
-touch ChangeLog
+cmake -B build.x86 -DCMAKE_OSX_ARCHITECTURES="x86_64" -DCMAKE_OSX_DEPLOYMENT_TARGET="10.13" -DBUILD_SHARED_LIBS=OFF
+cmake -B build.arm -DCMAKE_OSX_ARCHITECTURES="arm64" -DCMAKE_OSX_DEPLOYMENT_TARGET="11.0" -DBUILD_SHARED_LIBS=OFF

-autoreconf -fiv
-./configure
-make -j8 CFLAGS="-Os -arch x86_64 -arch arm64 -mmacosx-version-min=10.12" LDFLAGS="-arch x86_64 -arch arm64 -mmacosx-version-min=10.12"
+cd build.x86
+make -j8
+cd ..
+
+cd build.arm
+make -j8
+cd ..
+
+mkdir out.release
+lipo -create -output out.release/libid3tag.a build.x86/libid3tag.a build.arm/libid3tag.a
 ```

-Version 0.15.1b was used, with Arch Linux patches. I also had to tweak
-the compat.c and frametype.c to change the function definitions to match
-the gperf patch used above.
+Version 0.16.1 was used, with a patch to fix a crash bug on invalid tags.
--- a/ThirdParty/libid3tag/patches/10_utf16.diff
+++ b/ThirdParty/libid3tag/patches/10_utf16.diff
@ -1,48 +0,0 @@
-#! /bin/sh -e
-## 10_utf16.dpatch by  <kurt@roeckx.be>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: Handle bogus UTF16 sequences that have a length that is not
-## DP: an even number of 8 bit characters.
-
-if [ $# -lt 1 ]; then
-    echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
-    exit 1
-fi
-
-[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
-patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
-
-case "$1" in
-    -patch) patch -p1 ${patch_opts} < $0;;
-    -unpatch) patch -R -p1 ${patch_opts} < $0;;
-    *)
-        echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
-        exit 1;;
-esac
-
-exit 0
-
-@DPATCH@
-diff -urNad libid3tag-0.15.1b/utf16.c /tmp/dpep.tKvO7a/libid3tag-0.15.1b/utf16.c
--- libid3tag-0.15.1b/utf16.c	2006-01-13 15:26:29.000000000 +0100
-+++ /tmp/dpep.tKvO7a/libid3tag-0.15.1b/utf16.c	2006-01-13 15:27:19.000000000 +0100
-@@ -282,5 +282,18 @@
- 
-   free(utf16);
- 
-+  if (end == *ptr && length % 2 != 0)
-+  {
-+     /* We were called with a bogus length.  It should always
-+      * be an even number.  We can deal with this in a few ways:
-+      * - Always give an error.
-+      * - Try and parse as much as we can and
-+      *   - return an error if we're called again when we
-+      *     already tried to parse everything we can.
-+      *   - tell that we parsed it, which is what we do here.
-+      */
-+     (*ptr)++;
-+  }
-+
-   return ucs4;
- }
--- a/ThirdParty/libid3tag/patches/11_unknown_encoding.diff
+++ b/ThirdParty/libid3tag/patches/11_unknown_encoding.diff
@ -1,37 +0,0 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 11_unknown_encoding.dpatch by Andreas Henriksson <andreas@fatal.se>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: In case of an unknown/invalid encoding, id3_parse_string() will
-## DP: return NULL, but the return value wasn't checked resulting
-## DP: in segfault in id3_ucs4_length().  This is the only place
-## DP: the return value wasn't checked.
-
-@DPATCH@
-diff -urNad libid3tag-0.15.1b~/compat.gperf libid3tag-0.15.1b/compat.gperf
--- libid3tag-0.15.1b~/compat.gperf	2004-01-23 09:41:32.000000000 +0000
-+++ libid3tag-0.15.1b/compat.gperf	2007-01-14 14:36:53.000000000 +0000
-@@ -236,6 +236,10 @@
- 
-     encoding = id3_parse_uint(&data, 1);
-     string   = id3_parse_string(&data, end - data, encoding, 0);
-+    if (!string)
-+    {
-+	continue;
-+    }
- 
-     if (id3_ucs4_length(string) < 4) {
-       free(string);
-diff -urNad libid3tag-0.15.1b~/parse.c libid3tag-0.15.1b/parse.c
--- libid3tag-0.15.1b~/parse.c	2004-01-23 09:41:32.000000000 +0000
-+++ libid3tag-0.15.1b/parse.c	2007-01-14 14:37:34.000000000 +0000
-@@ -165,6 +165,9 @@
-   case ID3_FIELD_TEXTENCODING_UTF_8:
-     ucs4 = id3_utf8_deserialize(ptr, length);
-     break;
-+  default:
-+  	/* FIXME: Unknown encoding! Print warning? */
-+	return NULL;
-   }
- 
-   if (ucs4 && !full) {
--- a/ThirdParty/libid3tag/patches/CVE-2008-2109.patch
+++ b/ThirdParty/libid3tag/patches/CVE-2008-2109.patch
@ -1,11 +0,0 @@
--- field.c.orig	2008-05-05 09:49:15.000000000 -0400
-+++ field.c	2008-05-05 09:49:25.000000000 -0400
-@@ -291,7 +291,7 @@
- 
-       end = *ptr + length;
- 
-      while (end - *ptr > 0) {
-+      while (end - *ptr > 0 && **ptr != '\0') {
- 	ucs4 = id3_parse_string(ptr, end - *ptr, *encoding, 0);
- 	if (ucs4 == 0)
- 	  goto fail;
--- a/ThirdParty/libid3tag/patches/libid3tag-0.16.1.bugfix.patch
+++ b/ThirdParty/libid3tag/patches/libid3tag-0.16.1.bugfix.patch
@ -0,0 +1,14 @@
+diff -ur libid3tag-0.16.1.orig/compat.c libid3tag-0.16.1/compat.c
+--- libid3tag-0.16.1.orig/compat.c	2021-08-15 13:52:07.000000000 -0700
+++ libid3tag-0.16.1/compat.c	2022-07-15 04:27:32.000000000 -0700
+@@ -439,6 +439,10 @@
+     encoding = id3_parse_uint(&data, 1);
+     string   = id3_parse_string(&data, end - data, encoding, 0);
+ 
+    if (string == 0) {
+      continue;
+    }
+
+     if (id3_ucs4_length(string) < 4) {
+       free(string);
+       continue;
--- a/ThirdParty/libid3tag/patches/libid3tag-gperf.patch
+++ b/ThirdParty/libid3tag/patches/libid3tag-gperf.patch
@ -1,26 +0,0 @@
-Index: libid3tag-0.15.1b/frametype.h
-===================================================================
--- libid3tag-0.15.1b.orig/frametype.h
-+++ libid3tag-0.15.1b/frametype.h
-@@ -37,6 +37,6 @@ extern struct id3_frametype const id3_fr
- extern struct id3_frametype const id3_frametype_obsolete;
- 
- struct id3_frametype const *id3_frametype_lookup(register char const *,
-						 register unsigned int);
-+						 register size_t);
- 
- # endif
-Index: libid3tag-0.15.1b/compat.h
-===================================================================
--- libid3tag-0.15.1b.orig/compat.h
-+++ libid3tag-0.15.1b/compat.h
-@@ -34,7 +34,7 @@ struct id3_compat {
- };
- 
- struct id3_compat const *id3_compat_lookup(register char const *,
-					   register unsigned int);
-+					   register size_t);
- 
- int id3_compat_fixup(struct id3_tag *);
- 
-
--- a/ThirdParty/libraries-debug-overlay.tar.xz
+++ b/ThirdParty/libraries-debug-overlay.tar.xz
--- a/ThirdParty/libraries.tar.xz
+++ b/ThirdParty/libraries.tar.xz