diff --git a/.libdmapsharing.metadata b/.libdmapsharing.metadata new file mode 100644 index 0000000..f78c3ba --- /dev/null +++ b/.libdmapsharing.metadata @@ -0,0 +1 @@ +7cdf9c83b829475c30c33b53282e74c58c699ec6 SOURCES/libdmapsharing-2.9.16.tar.gz diff --git a/README.md b/README.md deleted file mode 100644 index 0e7897f..0000000 --- a/README.md +++ /dev/null @@ -1,5 +0,0 @@ -The master branch has no content - -Look at the c7 branch if you are working with CentOS-7, or the c4/c5/c6 branch for CentOS-4, 5 or 6 - -If you find this file in a distro specific branch, it means that no content has been checked in yet diff --git a/SOURCES/0001-Use-strlen-instead-of-hard-coding-string-length.patch b/SOURCES/0001-Use-strlen-instead-of-hard-coding-string-length.patch new file mode 100644 index 0000000..9d1375c --- /dev/null +++ b/SOURCES/0001-Use-strlen-instead-of-hard-coding-string-length.patch @@ -0,0 +1,29 @@ +From 617164b22dbbe17490377c56f8a859541e9fcfdb Mon Sep 17 00:00:00 2001 +From: Bastien Nocera +Date: Tue, 29 Oct 2013 11:34:20 +0100 +Subject: [PATCH 1/3] Use strlen() instead of hard-coding string length + +This avoids hard to detect bugs when we want a different string length, +and will be optimised by the compiler anyway. + +https://bugzilla.gnome.org/show_bug.cgi?id=711063 +--- + libdmapsharing/daap-share.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libdmapsharing/daap-share.c b/libdmapsharing/daap-share.c +index 6b719f5..66cdfe6 100644 +--- a/libdmapsharing/daap-share.c ++++ b/libdmapsharing/daap-share.c +@@ -922,7 +922,7 @@ databases_items_xxx (DMAPShare * share, + const gchar *s; + gchar *content_range; + +- s = range_header + 6; /* bytes= */ ++ s = range_header + strlen ("bytes="); /* bytes= */ + offset = atoll (s); + + content_range = +-- +1.8.3.1 + diff --git a/SOURCES/0002-Avoid-OOB-read-with-buggy-servers.patch b/SOURCES/0002-Avoid-OOB-read-with-buggy-servers.patch new file mode 100644 index 0000000..45c74c1 --- /dev/null +++ b/SOURCES/0002-Avoid-OOB-read-with-buggy-servers.patch @@ -0,0 +1,39 @@ +From 3e347fd3e8e7e20afc562268f27fd3c2b79f4d0e Mon Sep 17 00:00:00 2001 +From: Bastien Nocera +Date: Tue, 29 Oct 2013 11:37:15 +0100 +Subject: [PATCH 2/3] Avoid OOB read with buggy servers + +If the server doesn't start the Content-Range field with "bytes=" +we would have an out-of-bounds read trying to parse the content +of that field. Fall back to a 0 offset when a parsing error occurs. + +See https://bugzilla.redhat.com/show_bug.cgi?id=1024020 + +https://bugzilla.gnome.org/show_bug.cgi?id=711063 +--- + libdmapsharing/daap-share.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +diff --git a/libdmapsharing/daap-share.c b/libdmapsharing/daap-share.c +index 66cdfe6..e182055 100644 +--- a/libdmapsharing/daap-share.c ++++ b/libdmapsharing/daap-share.c +@@ -922,8 +922,13 @@ databases_items_xxx (DMAPShare * share, + const gchar *s; + gchar *content_range; + +- s = range_header + strlen ("bytes="); /* bytes= */ +- offset = atoll (s); ++ if (!g_ascii_strncasecmp (range_header, "bytes=", strlen("bytes="))) { ++ /* Not starting with "bytes=" ? */ ++ offset = 0; ++ } else { ++ s = range_header + strlen ("bytes="); /* bytes= */ ++ offset = atoll (s); ++ } + + content_range = + g_strdup_printf ("bytes %" G_GUINT64_FORMAT "-%" +-- +1.8.3.1 + diff --git a/SOURCES/0003-Fix-clang-warning.patch b/SOURCES/0003-Fix-clang-warning.patch new file mode 100644 index 0000000..59afb74 --- /dev/null +++ b/SOURCES/0003-Fix-clang-warning.patch @@ -0,0 +1,36 @@ +From 28d26ba51dac6565a796a4e2c68ad28f89af398f Mon Sep 17 00:00:00 2001 +From: Bastien Nocera +Date: Tue, 29 Oct 2013 11:42:31 +0100 +Subject: [PATCH 3/3] Fix clang warning + +dmap-md5.c:187:26: warning: 'memset' call operates on objects of type 'MD5_CTX' +while the size is based on a different + type 'MD5_CTX *' [-Wsizeof-pointer-memaccess] + memset (ctx, 0, sizeof (ctx)); /* In case it's sensitive */ + ~~~ ^~~ + +That should be "sizeof(*ctx)" instead. + +See https://bugzilla.redhat.com/show_bug.cgi?id=1023528 + +https://bugzilla.gnome.org/show_bug.cgi?id=711063 +--- + libdmapsharing/dmap-md5.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libdmapsharing/dmap-md5.c b/libdmapsharing/dmap-md5.c +index 4472472..c646d6c 100644 +--- a/libdmapsharing/dmap-md5.c ++++ b/libdmapsharing/dmap-md5.c +@@ -176,7 +176,7 @@ DMAP_MD5Final (DMAPHashContext * ctx, unsigned char digest[16]) + MD5Transform (ctx->buf, (guint32 *) ctx->in, ctx->version); + byteReverse ((unsigned char *) ctx->buf, 4); + memcpy (digest, ctx->buf, 16); +- memset (ctx, 0, sizeof (ctx)); /* In case it's sensitive */ ++ memset (ctx, 0, sizeof (*ctx)); /* In case it's sensitive */ + + return; + } +-- +1.8.3.1 + diff --git a/SPECS/libdmapsharing.spec b/SPECS/libdmapsharing.spec new file mode 100644 index 0000000..3ea6840 --- /dev/null +++ b/SPECS/libdmapsharing.spec @@ -0,0 +1,162 @@ +Name: libdmapsharing +Version: 2.9.16 +Release: 2%{?dist} +License: LGPLv2+ +Source: http://www.flyn.org/projects/libdmapsharing/%{name}-%{version}.tar.gz +URL: http://www.flyn.org/projects/libdmapsharing/ +Summary: A DMAP client and server library +Group: Development/Libraries +BuildRequires: pkgconfig, glib2-devel, libsoup-devel >= 2.32 +BuildRequires: avahi-glib-devel, gdk-pixbuf2-devel, gstreamer1-plugins-base-devel +BuildRequires: git + +Patch0: 0001-Use-strlen-instead-of-hard-coding-string-length.patch +Patch1: 0002-Avoid-OOB-read-with-buggy-servers.patch +Patch2: 0003-Fix-clang-warning.patch + +%description +libdmapsharing implements the DMAP protocols. This includes support for +DAAP and DPAP. + +%files +%{_libdir}/libdmapsharing-3.0.so.* +%doc AUTHORS COPYING ChangeLog NEWS README + + +%package devel +Summary: Files needed to develop applications using libdmapsharing +Group: Development/Libraries +Requires: %{name} = %{version}-%{release} + +%description devel +libdmapsharing implements the DMAP protocols. This includes support for +DAAP and DPAP. This package provides the libraries, include files, and +other resources needed for developing applications using libdmapsharing. + +%files devel +%{_libdir}/pkgconfig/libdmapsharing-3.0.pc +%{_includedir}/libdmapsharing-3.0/ +%{_libdir}/libdmapsharing-3.0.so +%{_datadir}/gtk-doc/html/libdmapsharing-3.0 + +%prep +%setup -q + +git init +if [ -z "$GIT_COMMITTER_NAME" ]; then + git config user.email "libdmapsharing-owner@fedoraproject.org" + git config user.name "Fedora libdmapsharing maintainers" +fi +git add . +git commit -a -q -m "%{version} baseline." + +git am -p1 %{patches} < /dev/null + +%build +%configure --disable-static +make %{?_smp_mflags} + +%install +make install DESTDIR=$RPM_BUILD_ROOT INSTALL="install -p" +rm -f ${RPM_BUILD_ROOT}%{_libdir}/libdmapsharing-3.0.la + +%post -p /sbin/ldconfig + +%postun -p /sbin/ldconfig + +%changelog +* Wed Nov 06 2013 Bastien Nocera 2.9.16-2 +- Add upstream patches +Resolves: #1024020, #1023528 + +* Sun Apr 07 2013 Kalev Lember - 2.9.16-1 +- Update to 2.9.16 + +* Thu Feb 14 2013 Fedora Release Engineering - 2.9.14-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Thu Jul 19 2012 Fedora Release Engineering - 2.9.14-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Fri Jan 13 2012 Fedora Release Engineering - 2.9.14-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Mon Dec 05 2011 W. Michael Petullo - 2.9.14-1 +- new upstream version +- Remove patch from previous release (upstreamed) + +* Tue Nov 08 2011 Adam Jackson 2.9.12-2 +- libdmapsharing-2.9.12-glib.patch: Fix FTBFS against new glib + +* Mon Aug 22 2011 Adam Williamson - 2.9.12-1 +- new upstream version + +* Mon Mar 21 2011 W. Michael Petullo - 2.9.6-1 +- New upstream version. + +* Mon Feb 07 2011 Fedora Release Engineering - 2.9.5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Mon Feb 07 2011 W. Michael Petullo - 2.9.5-1 +- New upstream version, fixes problem compiling without libgee. + +* Mon Feb 07 2011 W. Michael Petullo - 2.9.4-1 +- New upstream version (API 3 series). + +* Sun Dec 19 2010 W. Michael Petullo - 2.1.13-1 +- New upstream version. + +* Sun Nov 28 2010 W. Michael Petullo - 2.1.12-1 +- New upstream version. + +* Sun Oct 31 2010 W. Michael Petullo - 2.1.8-1 +- New upstream version. +- Update Source and URL. +- BuildRequire gdk-pixbuf2-devel for DACP. +- BuildRequire libsoup-devel >= 2.32 for DACP. +- BuildRequire gstreamer-plugins-base-devel >= for transcoding. + +* Fri Jun 04 2010 W. Michael Petullo - 1.9.0.21-1 +- New upstream version. + +* Fri May 28 2010 W. Michael Petullo - 1.9.0.18-1 +- New upstream version. + +* Fri Aug 28 2009 W. Michael Petullo - 1.9.0.13-1 +- New upstream version. + +* Thu Aug 27 2009 W. Michael Petullo - 1.9.0.12-1 +- New upstream version. + +* Sat Aug 15 2009 W. Michael Petullo - 1.9.0.11-1 +- New upstream version. +- Add gtk-doc documentation to devel package. + +* Wed Jul 29 2009 W. Michael Petullo - 1.9.0.10-1 +- New upstream version. + +* Fri Jul 24 2009 Fedora Release Engineering - 1.9.0.9-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Thu Jul 23 2009 W. Michael Petullo - 1.9.0.9-1 +- New upstream version. + +* Tue Mar 10 2009 W. Michael Petullo - 1.9.0.4-1 +- New upstream version. + +* Fri Mar 06 2009 W. Michael Petullo - 1.9.0.3-1 +- New upstream version. +- Use "-p /sbin/ldconfig." +- Remove requires that are already known by RPM. +- libdmapsharing-devel package now requires pkgconfig. +- Remove irrelevant INSTALL documentation. + +* Sun Feb 22 2009 W. Michael Petullo - 1.9.0.1-3 +- Require libsoup >= 2.25.92, as this version supports SOUP_ENCODING_EOF +message encoding, required for HTTP 1.0 clients. + +* Sat Feb 07 2009 W. Michael Petullo - 1.9.0.1-2 +- Fix BuildRequires. + +* Sun Dec 28 2008 W. Michael Petullo - 1.9.0.1-1 +- Initial package