From a1a4788cf9fa5e422d392a11a1c3421e466cab56 Mon Sep 17 00:00:00 2001
From: Schrijvers Luc <begasus@gmail.com>
Date: Mon, 2 Dec 2024 12:53:24 +0100
Subject: [PATCH] mpg321, revbump, add patches to fix the build +
 CVE-2019-14247 (#11402)

---
 media-sound/mpg321/mpg321-0.3.2.recipe        |  7 +-
 .../patches/mpg321-0.3.2-CVE-2019-14247.patch | 20 +++++
 .../mpg321/patches/mpg321-0.3.2-gcc10.patch   | 83 +++++++++++++++++++
 3 files changed, 108 insertions(+), 2 deletions(-)
 create mode 100644 media-sound/mpg321/patches/mpg321-0.3.2-CVE-2019-14247.patch
 create mode 100644 media-sound/mpg321/patches/mpg321-0.3.2-gcc10.patch

diff --git a/media-sound/mpg321/mpg321-0.3.2.recipe b/media-sound/mpg321/mpg321-0.3.2.recipe
index 4d91388a9..279a9e823 100644
--- a/media-sound/mpg321/mpg321-0.3.2.recipe
+++ b/media-sound/mpg321/mpg321-0.3.2.recipe
@@ -6,11 +6,14 @@ HOMEPAGE="http://mpg321.sourceforge.net/"
 COPYRIGHT="2001 Joe Drew
 	2006-2012 Nanakos Chrysostomos"
 LICENSE="GNU GPL v2"
-REVISION="2"
+REVISION="3"
 SOURCE_URI="https://downloads.sourceforge.net/mpg321/mpg321_$portVersion.orig.tar.gz"
 CHECKSUM_SHA256="056fcc03e3f5c5021ec74bb5053d32c4a3b89b4086478dcf81adae650eac284e"
 SOURCE_DIR="mpg321-$portVersion-orig"
-PATCHES="mpg321-$portVersion.patchset"
+# added Gentoo patches
+PATCHES="mpg321-$portVersion.patchset
+	mpg321-0.3.2-gcc10.patch
+	mpg321-0.3.2-CVE-2019-14247.patch"
 
 ARCHITECTURES="all !x86_gcc2"
 SECONDARY_ARCHITECTURES="x86"
diff --git a/media-sound/mpg321/patches/mpg321-0.3.2-CVE-2019-14247.patch b/media-sound/mpg321/patches/mpg321-0.3.2-CVE-2019-14247.patch
new file mode 100644
index 000000000..ff8aea8f8
--- /dev/null
+++ b/media-sound/mpg321/patches/mpg321-0.3.2-CVE-2019-14247.patch
@@ -0,0 +1,20 @@
+Description: Handle illegal bitrate value
+Author: Chrysostomos Nanakos <cnanakos@debian.org>
+Bug-Debian: https://bugs.debian.org/870406
+Bug-Debian: https://bugs.debian.org/887057
+
+--- mpg321-0.3.2.orig/mad.c
++++ mpg321-0.3.2/mad.c
+@@ -574,6 +574,12 @@ void scan(void const *ptr, ssize_t len,
+ 
+     if (!is_vbr)
+     {
++	if (header.bitrate <= 0)                                                
++        {                                                                       
++            fprintf(stderr, "Illegal bit allocation value\n");                                                                              
++            return;                                                             
++        }    
++
+         double time = (len * 8.0) / (header.bitrate); /* time in seconds */
+         double timefrac = (double)time - ((long)(time));
+         long nsamples = 32 * MAD_NSBSAMPLES(&header); /* samples per frame */
diff --git a/media-sound/mpg321/patches/mpg321-0.3.2-gcc10.patch b/media-sound/mpg321/patches/mpg321-0.3.2-gcc10.patch
new file mode 100644
index 000000000..8966d9f7c
--- /dev/null
+++ b/media-sound/mpg321/patches/mpg321-0.3.2-gcc10.patch
@@ -0,0 +1,83 @@
+From f930c3b81bdf9c05152fb005562b3869f6e36f34 Mon Sep 17 00:00:00 2001
+From: "Azamat H. Hackimov" <azamat.hackimov@gmail.com>
+Date: Thu, 4 Jun 2020 20:41:25 +0300
+Subject: [PATCH] Fix GCC10 compilation
+
+---
+ mpg321.c |  8 ++++++++
+ mpg321.h | 16 ++++++++--------
+ 2 files changed, 16 insertions(+), 8 deletions(-)
+
+diff --git a/mpg321.c b/mpg321.c
+index 19282bb..663882e 100644
+--- a/mpg321.c
++++ b/mpg321.c
+@@ -63,6 +63,14 @@
+ #include <pthread.h>
+ #include <semaphore.h>
+ 
++output_frame *Output_Queue;
++decoded_frames *Decoded_Frames;
++int semarray;
++int mad_decoder_position;
++int output_buffer_position;
++double real[FFT_BUFFER_SIZE];
++double imag[FFT_BUFFER_SIZE];
++int loop_remaining;
+ 
+ int pflag = 0;
+ int volume = 0;
+diff --git a/mpg321.h b/mpg321.h
+index 798bff0..235cf4a 100644
+--- a/mpg321.h
++++ b/mpg321.h
+@@ -116,7 +116,7 @@ extern char *playlist_file;
+ extern int quit_now;
+ extern char remote_input_buf[PATH_MAX + 5];
+ extern int file_change;
+-int loop_remaining;
++extern int loop_remaining;
+ 
+ extern int status;
+ extern int scrobbler_time;
+@@ -233,8 +233,8 @@ RETSIGTYPE handle_sigchld(int sig);
+ #define FFT_BUFFER_SIZE_LOG 9
+ #define FFT_BUFFER_SIZE (1 << FFT_BUFFER_SIZE_LOG) /* 512 */
+ /*Temporary data stores to perform FFT in */
+-double real[FFT_BUFFER_SIZE];
+-double imag[FFT_BUFFER_SIZE];
++extern double real[FFT_BUFFER_SIZE];
++extern double imag[FFT_BUFFER_SIZE];
+ 
+ typedef struct {
+ 	double real[FFT_BUFFER_SIZE];
+@@ -258,10 +258,10 @@ fft_state *fft_init(void);
+ /* Output buffer process */
+ void frame_buffer_p();
+ /* Semaphore array */
+-int semarray;
++extern int semarray;
+ /* Input/Output buffer position */
+-int mad_decoder_position;
+-int output_buffer_position;
++extern int mad_decoder_position;
++extern int output_buffer_position;
+ /* Output Frame including needed information */
+ typedef struct {
+ 	unsigned char data[4*1152];
+@@ -285,10 +285,10 @@ typedef struct {
+ } decoded_frames;
+ 
+ /* Output frame queue pointer */
+-output_frame *Output_Queue;
++extern output_frame *Output_Queue;
+ 
+ /* Shared total decoded frames */
+-decoded_frames *Decoded_Frames;
++extern decoded_frames *Decoded_Frames;
+ 
+ #if defined(__GNU_LIBRARY__) && !defined(_SEM_SEMUN_UNDEFINED)
+ /* */
+-- 
+2.26.2
+