rpm/libcdio
SHA256
1
0
Fork 0
forked from pool/libcdio
Code Pull Requests Activity

OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libcdio?expand=0&rev=2

Browse Source
This commit is contained in:
OBS User unknown 2008-02-01 21:44:34 +00:00 committed by Git OBS Bridge
parent 84b6afc695
commit d3a859f662
5 changed files with 178 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

104
libcdio-joliet-name-overflow.patch Normal file
View File

@ -0,0 +1,104 @@
--- src/cd-info.c 2007/06/16 20:12:16 1.149
+++ src/cd-info.c 2008/01/09 04:26:24 1.152 (reduced patch)
@@ -518,6 +518,8 @@
CdioList_t *p_dirlist = _cdio_list_new ();
CdioListNode_t *entnode;
uint8_t i_joliet_level;
+ char *translated_name = (char *) malloc(4096);
+ size_t translated_name_size = 4096;
i_joliet_level = (opts.no_joliet)
? 0
@@ -539,7 +541,15 @@
iso9660_stat_t *p_statbuf = _cdio_list_node_data (entnode);
char *psz_iso_name = p_statbuf->filename;
char _fullname[4096] = { 0, };
- char translated_name[MAX_ISONAME+1];
+ if (strlen(psz_iso_name) >= translated_name_size) {
+ translated_name_size = strlen(psz_iso_name)+1;
+ free(translated_name);
+ translated_name = (char *) malloc(translated_name_size);
+ if (!translated_name) {
+ report( stderr, "Error allocating memory\n" );
+ return;
+ }
+ }
if (yep != p_statbuf->rr.b3_rock || 1 == opts.no_rock_ridge) {
iso9660_name_translate_ext(psz_iso_name, translated_name,
@@ -564,6 +574,7 @@
p_statbuf->rr.i_symlink = 0;
}
}
+ free (translated_name);
_cdio_list_free (p_entlist, true);
--- src/iso-info.c 2006/03/17 19:36:54 1.35
+++ src/iso-info.c 2008/01/09 04:26:24 1.38 (reduced patch)
@@ -205,7 +205,8 @@
CdioList_t *dirlist = _cdio_list_new ();
CdioListNode_t *entnode;
uint8_t i_joliet_level = iso9660_ifs_get_joliet_level(p_iso);
-
+ char *translated_name = (char *) malloc(4096);
+ size_t translated_name_size = 4096;
entlist = iso9660_ifs_readdir (p_iso, psz_path);
if (opts.print_iso9660) {
@@ -224,7 +225,15 @@
iso9660_stat_t *p_statbuf = _cdio_list_node_data (entnode);
char *psz_iso_name = p_statbuf->filename;
char _fullname[4096] = { 0, };
- char translated_name[MAX_ISONAME+1];
+ if (strlen(psz_iso_name) >= translated_name_size) {
+ translated_name_size = strlen(psz_iso_name)+1;
+ free(translated_name);
+ translated_name = (char *) malloc(translated_name_size);
+ if (!translated_name) {
+ report( stderr, "Error allocating memory\n" );
+ return;
+ }
+ }
if (yep != p_statbuf->rr.b3_rock || 1 == opts.no_rock_ridge) {
iso9660_name_translate_ext(psz_iso_name, translated_name,
@@ -258,6 +267,7 @@
p_statbuf->rr.i_symlink = 0;
}
}
+ free (translated_name);
_cdio_list_free (entlist, true);
--- src/mmc-tool.c 2006/04/14 22:17:08 1.9
+++ src/mmc-tool.c 2008/01/09 04:26:24 1.10 (reduced patch)
@@ -261,7 +261,7 @@
}
static void
-print_mode_sense (unsigned int i_mmc_size, const uint8_t buf[22])
+print_mode_sense (unsigned int i_mmc_size, const uint8_t buf[30])
{
printf("Mode sense %d information\n", i_mmc_size);
if (buf[2] & 0x01) {
@@ -461,7 +461,7 @@
break;
case OP_MODE_SENSE_2A:
{
- uint8_t buf[22] = { 0, }; /* Place to hold returned data */
+ uint8_t buf[30] = { 0, }; /* Place to hold returned data */
if (p_op->arg.i_num == 10) {
rc = mmc_mode_sense_10(p_cdio, buf, sizeof(buf),
CDIO_MMC_CAPABILITIES_PAGE);
--- example/udf1.c 2005/11/02 03:42:49 1.17
+++ example/udf1.c 2008/01/09 04:27:16 1.18 (reduced patch)
@@ -127,7 +127,7 @@
printf("volume id: %s\n", vol_id);
if (0 < udf_get_volume_id(p_udf, volset_id, sizeof(volset_id)) ) {
- volset_id[UDF_VOLSET_ID_SIZE+1]='\0';
+ volset_id[UDF_VOLSET_ID_SIZE]='\0';
printf("volume set id: %s\n", volset_id);
}

5
libcdio-mini.changes
View File

@ -1,3 +1,8 @@
-------------------------------------------------------------------
Wed Jan 9 17:52:24 CET 2008 - sbrabec@suse.cz
- Fixed buffer overflows for long Joliet names (#351127).
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Dec 5 14:52:36 CET 2007 - ro@suse.de Wed Dec 5 14:52:36 CET 2007 - ro@suse.de

60
libcdio-mini.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package libcdio-mini (Version 0.79) # spec file for package libcdio-mini (Version 0.79)
# #
# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine # This file and all modifications and additions to the pristine
# package are under the same license as the package itself. # package are under the same license as the package itself.
# #
@ -23,7 +23,7 @@ BuildRequires: libcddb-devel libcdio-devel ncurses-devel vcdimager-devel
#BuildRequires: cdparanoia #BuildRequires: cdparanoia
%endif %endif
Version: 0.79 Version: 0.79
Release: 3 Release: 4
# WARNING: After changing versions please call Re or rpmbuild to auto-update spec file: # WARNING: After changing versions please call Re or rpmbuild to auto-update spec file:
%define libcdio_name 7 %define libcdio_name 7
%define libcdio_paranoia_name 0 %define libcdio_paranoia_name 0
@ -44,6 +44,7 @@ Provides: %{_name} = %{version}
%endif %endif
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
Patch0: libcdio-gcc43.patch Patch0: libcdio-gcc43.patch
Patch1: libcdio-joliet-name-overflow.patch
%description %description
This library encapsulates CD-ROM reading and control. Applications This library encapsulates CD-ROM reading and control. Applications
@ -197,6 +198,7 @@ Authors:
%prep %prep
%setup -q -n %{_name}-%{version} %setup -q -n %{_name}-%{version}
%patch0 %patch0
%patch1
%build %build
%configure --disable-static --with-pic %configure --disable-static --with-pic
@ -295,12 +297,14 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/pkgconfig/*.pc %{_libdir}/pkgconfig/*.pc
%changelog %changelog
* Wed Dec 05 2007 - ro@suse.de * Wed Jan 09 2008 sbrabec@suse.cz
- Fixed buffer overflows for long Joliet names (#351127).
* Wed Dec 05 2007 ro@suse.de
- provide main package name in library package for debuginfo - provide main package name in library package for debuginfo
for mini package for mini package
* Fri Nov 16 2007 - sbrabec@suse.cz * Fri Nov 16 2007 sbrabec@suse.cz
- Removed unwanted NoSource preventing mirroring to Factory. - Removed unwanted NoSource preventing mirroring to Factory.
* Fri Nov 09 2007 - crrodriguez@suse.de * Fri Nov 09 2007 crrodriguez@suse.de
- fix build with gcc43 - fix build with gcc43
- update to version 0.79 - update to version 0.79
* libcdio cdparanoia doing the wrong thing on a single-sector read. Savannah patch #5999. * libcdio cdparanoia doing the wrong thing on a single-sector read. Savannah patch #5999.
@ -310,11 +314,11 @@ rm -rf $RPM_BUILD_ROOT
* more than 30 other bugfixes * more than 30 other bugfixes
- remove libtool archives with empty dependency_libs - remove libtool archives with empty dependency_libs
- exclude static libraries - exclude static libraries
* Tue Aug 07 2007 - sbrabec@suse.cz * Tue Aug 07 2007 sbrabec@suse.cz
- Fixed mini file list. - Fixed mini file list.
* Sun Aug 05 2007 - coolo@suse.de * Sun Aug 05 2007 coolo@suse.de
- adding versioned provides for upgrade - adding versioned provides for upgrade
* Fri Jul 20 2007 - sbrabec@suse.cz * Fri Jul 20 2007 sbrabec@suse.cz
- Updated to version 0.78.2: - Updated to version 0.78.2:
* Fixed bug in libcdio.so version numbering. * Fixed bug in libcdio.so version numbering.
* Added mmc-tool and mmc-close-tray. * Added mmc-tool and mmc-close-tray.
@ -326,9 +330,9 @@ rm -rf $RPM_BUILD_ROOT
- Split package according to shared library packaging policy. - Split package according to shared library packaging policy.
- Added script to convert libcdio.spec to libcdio-mini.spec and - Added script to convert libcdio.spec to libcdio-mini.spec and
update library package names. update library package names.
* Mon Mar 12 2007 - sbrabec@suse.cz * Mon Mar 12 2007 sbrabec@suse.cz
- Fixed NoSrc and Provides of temporary package. - Fixed NoSrc and Provides of temporary package.
* Fri Oct 06 2006 - sbrabec@suse.cz * Fri Oct 06 2006 sbrabec@suse.cz
- Updated to version 0.77: - Updated to version 0.77:
* Added object-oriented C++ wrapper. * Added object-oriented C++ wrapper.
* Replaced libpopt with getopt in binaries. * Replaced libpopt with getopt in binaries.
@ -346,43 +350,43 @@ rm -rf $RPM_BUILD_ROOT
* Revised and improved example programs. * Revised and improved example programs.
* Replaced all uses of strcat and strcpy with strncat and * Replaced all uses of strcat and strcpy with strncat and
strncpy. strncpy.
* Mon Jul 03 2006 - max@suse.de * Mon Jul 03 2006 max@suse.de
- Added gcc-c++ to neededforbuild. - Added gcc-c++ to neededforbuild.
* Fri Jun 30 2006 - sbrabec@suse.cz * Fri Jun 30 2006 sbrabec@suse.cz
- Fixed cyclic dependencies in a correct way. - Fixed cyclic dependencies in a correct way.
* Tue Jun 27 2006 - sbrabec@suse.cz * Tue Jun 27 2006 sbrabec@suse.cz
- Use NoSource in libcdio-mini. - Use NoSource in libcdio-mini.
* Thu Jun 22 2006 - sbrabec@suse.cz * Thu Jun 22 2006 sbrabec@suse.cz
- Simpler solution of cyclic dependencies. - Simpler solution of cyclic dependencies.
* Tue Jan 31 2006 - sbrabec@suse.cz * Tue Jan 31 2006 sbrabec@suse.cz
- Do not link with invalid rpath. - Do not link with invalid rpath.
- Enabled parallel build. - Enabled parallel build.
- Fixed devel splitting. - Fixed devel splitting.
* Thu Jan 26 2006 - sbrabec@suse.cz * Thu Jan 26 2006 sbrabec@suse.cz
- Added %%install_info_prereq. - Added %%install_info_prereq.
* Wed Jan 25 2006 - mls@suse.de * Wed Jan 25 2006 mls@suse.de
- converted neededforbuild to BuildRequires - converted neededforbuild to BuildRequires
* Tue Nov 08 2005 - sbrabec@suse.cz * Tue Nov 08 2005 sbrabec@suse.cz
- Fixed libiso9660.la circular dependency prevention trick. - Fixed libiso9660.la circular dependency prevention trick.
* Wed Oct 26 2005 - sbrabec@suse.cz * Wed Oct 26 2005 sbrabec@suse.cz
- Updated to version 0.76. - Updated to version 0.76.
- Build as user. - Build as user.
* Fri Aug 05 2005 - sbrabec@suse.cz * Fri Aug 05 2005 sbrabec@suse.cz
- Build with libcddb-1.2.1. - Build with libcddb-1.2.1.
* Fri Jul 29 2005 - sbrabec@suse.cz * Fri Jul 29 2005 sbrabec@suse.cz
- Updated to version 0.75. - Updated to version 0.75.
* Mon May 09 2005 - sbrabec@suse.cz * Mon May 09 2005 sbrabec@suse.cz
- Build with libcddb-1.0.2. - Build with libcddb-1.0.2.
* Tue Apr 26 2005 - sbrabec@suse.cz * Tue Apr 26 2005 sbrabec@suse.cz
- Updated to version 0.73. - Updated to version 0.73.
* Fri Apr 01 2005 - meissner@suse.de * Fri Apr 01 2005 meissner@suse.de
- fixed gcc4 compile problem. - fixed gcc4 compile problem.
* Thu Feb 03 2005 - sbrabec@suse.cz * Thu Feb 03 2005 sbrabec@suse.cz
- Updated to version 0.72. - Updated to version 0.72.
* Mon Jan 31 2005 - sbrabec@suse.cz * Mon Jan 31 2005 sbrabec@suse.cz
- Updated to version 0.72rc2. - Updated to version 0.72rc2.
* Mon Jan 24 2005 - sbrabec@suse.cz * Mon Jan 24 2005 sbrabec@suse.cz
- Updated to version 0.71. - Updated to version 0.71.
* Tue Nov 09 2004 - sbrabec@suse.cz * Tue Nov 09 2004 sbrabec@suse.cz
- New SuSE package, version 0.70. - New SuSE package, version 0.70.
- Work-around of circular dependency on libcddb and vcdimager. - Work-around of circular dependency on libcddb and vcdimager.

5
libcdio.changes
View File

@ -1,3 +1,8 @@
-------------------------------------------------------------------
Wed Jan 9 17:52:24 CET 2008 - sbrabec@suse.cz
- Fixed buffer overflows for long Joliet names (#351127).
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Dec 5 14:52:36 CET 2007 - ro@suse.de Wed Dec 5 14:52:36 CET 2007 - ro@suse.de

60
libcdio.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package libcdio (Version 0.79) # spec file for package libcdio (Version 0.79)
# #
# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine # This file and all modifications and additions to the pristine
# package are under the same license as the package itself. # package are under the same license as the package itself.
# #
@ -23,7 +23,7 @@ BuildRequires: libcddb-devel libcdio-devel ncurses-devel vcdimager-devel
#BuildRequires: cdparanoia #BuildRequires: cdparanoia
%endif %endif
Version: 0.79 Version: 0.79
Release: 3 Release: 4
# WARNING: After changing versions please call Re or rpmbuild to auto-update spec file: # WARNING: After changing versions please call Re or rpmbuild to auto-update spec file:
%define libcdio_name 7 %define libcdio_name 7
%define libcdio_paranoia_name 0 %define libcdio_paranoia_name 0
@ -44,6 +44,7 @@ Provides: %{_name} = %{version}
%endif %endif
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
Patch0: libcdio-gcc43.patch Patch0: libcdio-gcc43.patch
Patch1: libcdio-joliet-name-overflow.patch
%description %description
This library encapsulates CD-ROM reading and control. Applications This library encapsulates CD-ROM reading and control. Applications
@ -196,6 +197,7 @@ Authors:
%prep %prep
%setup -q -n %{_name}-%{version} %setup -q -n %{_name}-%{version}
%patch0 %patch0
%patch1
%build %build
%configure --disable-static --with-pic %configure --disable-static --with-pic
@ -294,12 +296,14 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/pkgconfig/*.pc %{_libdir}/pkgconfig/*.pc
%changelog %changelog
* Wed Dec 05 2007 - ro@suse.de * Wed Jan 09 2008 sbrabec@suse.cz
- Fixed buffer overflows for long Joliet names (#351127).
* Wed Dec 05 2007 ro@suse.de
- provide main package name in library package for debuginfo - provide main package name in library package for debuginfo
for mini package for mini package
* Fri Nov 16 2007 - sbrabec@suse.cz * Fri Nov 16 2007 sbrabec@suse.cz
- Removed unwanted NoSource preventing mirroring to Factory. - Removed unwanted NoSource preventing mirroring to Factory.
* Fri Nov 09 2007 - crrodriguez@suse.de * Fri Nov 09 2007 crrodriguez@suse.de
- fix build with gcc43 - fix build with gcc43
- update to version 0.79 - update to version 0.79
* libcdio cdparanoia doing the wrong thing on a single-sector read. Savannah patch #5999. * libcdio cdparanoia doing the wrong thing on a single-sector read. Savannah patch #5999.
@ -309,11 +313,11 @@ rm -rf $RPM_BUILD_ROOT
* more than 30 other bugfixes * more than 30 other bugfixes
- remove libtool archives with empty dependency_libs - remove libtool archives with empty dependency_libs
- exclude static libraries - exclude static libraries
* Tue Aug 07 2007 - sbrabec@suse.cz * Tue Aug 07 2007 sbrabec@suse.cz
- Fixed mini file list. - Fixed mini file list.
* Sun Aug 05 2007 - coolo@suse.de * Sun Aug 05 2007 coolo@suse.de
- adding versioned provides for upgrade - adding versioned provides for upgrade
* Fri Jul 20 2007 - sbrabec@suse.cz * Fri Jul 20 2007 sbrabec@suse.cz
- Updated to version 0.78.2: - Updated to version 0.78.2:
* Fixed bug in libcdio.so version numbering. * Fixed bug in libcdio.so version numbering.
* Added mmc-tool and mmc-close-tray. * Added mmc-tool and mmc-close-tray.
@ -325,9 +329,9 @@ rm -rf $RPM_BUILD_ROOT
- Split package according to shared library packaging policy. - Split package according to shared library packaging policy.
- Added script to convert libcdio.spec to libcdio-mini.spec and - Added script to convert libcdio.spec to libcdio-mini.spec and
update library package names. update library package names.
* Mon Mar 12 2007 - sbrabec@suse.cz * Mon Mar 12 2007 sbrabec@suse.cz
- Fixed NoSrc and Provides of temporary package. - Fixed NoSrc and Provides of temporary package.
* Fri Oct 06 2006 - sbrabec@suse.cz * Fri Oct 06 2006 sbrabec@suse.cz
- Updated to version 0.77: - Updated to version 0.77:
* Added object-oriented C++ wrapper. * Added object-oriented C++ wrapper.
* Replaced libpopt with getopt in binaries. * Replaced libpopt with getopt in binaries.
@ -345,43 +349,43 @@ rm -rf $RPM_BUILD_ROOT
* Revised and improved example programs. * Revised and improved example programs.
* Replaced all uses of strcat and strcpy with strncat and * Replaced all uses of strcat and strcpy with strncat and
strncpy. strncpy.
* Mon Jul 03 2006 - max@suse.de * Mon Jul 03 2006 max@suse.de
- Added gcc-c++ to neededforbuild. - Added gcc-c++ to neededforbuild.
* Fri Jun 30 2006 - sbrabec@suse.cz * Fri Jun 30 2006 sbrabec@suse.cz
- Fixed cyclic dependencies in a correct way. - Fixed cyclic dependencies in a correct way.
* Tue Jun 27 2006 - sbrabec@suse.cz * Tue Jun 27 2006 sbrabec@suse.cz
- Use NoSource in libcdio-mini. - Use NoSource in libcdio-mini.
* Thu Jun 22 2006 - sbrabec@suse.cz * Thu Jun 22 2006 sbrabec@suse.cz
- Simpler solution of cyclic dependencies. - Simpler solution of cyclic dependencies.
* Tue Jan 31 2006 - sbrabec@suse.cz * Tue Jan 31 2006 sbrabec@suse.cz
- Do not link with invalid rpath. - Do not link with invalid rpath.
- Enabled parallel build. - Enabled parallel build.
- Fixed devel splitting. - Fixed devel splitting.
* Thu Jan 26 2006 - sbrabec@suse.cz * Thu Jan 26 2006 sbrabec@suse.cz
- Added %%install_info_prereq. - Added %%install_info_prereq.
* Wed Jan 25 2006 - mls@suse.de * Wed Jan 25 2006 mls@suse.de
- converted neededforbuild to BuildRequires - converted neededforbuild to BuildRequires
* Tue Nov 08 2005 - sbrabec@suse.cz * Tue Nov 08 2005 sbrabec@suse.cz
- Fixed libiso9660.la circular dependency prevention trick. - Fixed libiso9660.la circular dependency prevention trick.
* Wed Oct 26 2005 - sbrabec@suse.cz * Wed Oct 26 2005 sbrabec@suse.cz
- Updated to version 0.76. - Updated to version 0.76.
- Build as user. - Build as user.
* Fri Aug 05 2005 - sbrabec@suse.cz * Fri Aug 05 2005 sbrabec@suse.cz
- Build with libcddb-1.2.1. - Build with libcddb-1.2.1.
* Fri Jul 29 2005 - sbrabec@suse.cz * Fri Jul 29 2005 sbrabec@suse.cz
- Updated to version 0.75. - Updated to version 0.75.
* Mon May 09 2005 - sbrabec@suse.cz * Mon May 09 2005 sbrabec@suse.cz
- Build with libcddb-1.0.2. - Build with libcddb-1.0.2.
* Tue Apr 26 2005 - sbrabec@suse.cz * Tue Apr 26 2005 sbrabec@suse.cz
- Updated to version 0.73. - Updated to version 0.73.
* Fri Apr 01 2005 - meissner@suse.de * Fri Apr 01 2005 meissner@suse.de
- fixed gcc4 compile problem. - fixed gcc4 compile problem.
* Thu Feb 03 2005 - sbrabec@suse.cz * Thu Feb 03 2005 sbrabec@suse.cz
- Updated to version 0.72. - Updated to version 0.72.
* Mon Jan 31 2005 - sbrabec@suse.cz * Mon Jan 31 2005 sbrabec@suse.cz
- Updated to version 0.72rc2. - Updated to version 0.72rc2.
* Mon Jan 24 2005 - sbrabec@suse.cz * Mon Jan 24 2005 sbrabec@suse.cz
- Updated to version 0.71. - Updated to version 0.71.
* Tue Nov 09 2004 - sbrabec@suse.cz * Tue Nov 09 2004 sbrabec@suse.cz
- New SuSE package, version 0.70. - New SuSE package, version 0.70.
- Work-around of circular dependency on libcddb and vcdimager. - Work-around of circular dependency on libcddb and vcdimager.