head 1.3; access; symbols pkgsrc-2015Q1:1.1.0.50 pkgsrc-2015Q1-base:1.1 pkgsrc-2014Q4:1.1.0.48 pkgsrc-2014Q4-base:1.1 pkgsrc-2014Q3:1.1.0.46 pkgsrc-2014Q3-base:1.1 pkgsrc-2014Q2:1.1.0.44 pkgsrc-2014Q2-base:1.1 pkgsrc-2014Q1:1.1.0.42 pkgsrc-2014Q1-base:1.1 pkgsrc-2013Q4:1.1.0.40 pkgsrc-2013Q4-base:1.1 pkgsrc-2013Q3:1.1.0.38 pkgsrc-2013Q3-base:1.1 pkgsrc-2013Q2:1.1.0.36 pkgsrc-2013Q2-base:1.1 pkgsrc-2013Q1:1.1.0.34 pkgsrc-2013Q1-base:1.1 pkgsrc-2012Q4:1.1.0.32 pkgsrc-2012Q4-base:1.1 pkgsrc-2012Q3:1.1.0.30 pkgsrc-2012Q3-base:1.1 pkgsrc-2012Q2:1.1.0.28 pkgsrc-2012Q2-base:1.1 pkgsrc-2012Q1:1.1.0.26 pkgsrc-2012Q1-base:1.1 pkgsrc-2011Q4:1.1.0.24 pkgsrc-2011Q4-base:1.1 pkgsrc-2011Q3:1.1.0.22 pkgsrc-2011Q3-base:1.1 pkgsrc-2011Q2:1.1.0.20 pkgsrc-2011Q2-base:1.1 pkgsrc-2011Q1:1.1.0.18 pkgsrc-2011Q1-base:1.1 pkgsrc-2010Q4:1.1.0.16 pkgsrc-2010Q4-base:1.1 pkgsrc-2010Q3:1.1.0.14 pkgsrc-2010Q3-base:1.1 pkgsrc-2010Q2:1.1.0.12 pkgsrc-2010Q2-base:1.1 pkgsrc-2010Q1:1.1.0.10 pkgsrc-2010Q1-base:1.1 pkgsrc-2009Q4:1.1.0.8 pkgsrc-2009Q4-base:1.1 pkgsrc-2009Q3:1.1.0.6 pkgsrc-2009Q3-base:1.1 pkgsrc-2009Q2:1.1.0.4 pkgsrc-2009Q2-base:1.1 pkgsrc-2009Q1:1.1.0.2 pkgsrc-2009Q1-base:1.1; locks; strict; comment @# @; 1.3 date 2015.04.21.03.22.58; author rodent; state dead; branches; next 1.2; commitid MYmCA0aNjWYJgpiy; 1.2 date 2015.04.20.13.38.23; author rodent; state Exp; branches; next 1.1; commitid KaaoUGCoaGiBGkiy; 1.1 date 2009.01.13.12.38.49; author drochner; state Exp; branches; next ; desc @@ 1.3 log @Fix MIDI support via portsmf. The patches we had were integrated in 1.3.5, (CVE-2007-6061) so they're no longer relevant. @ text @$NetBSD: patch-bc,v 1.2 2015/04/20 13:38:23 rodent Exp $ Bounds checking. --- lib-src/portsmf/allegrord.cpp.orig 2015-03-02 01:07:05.000000000 +0000 +++ lib-src/portsmf/allegrord.cpp @@@@ -169,9 +169,9 @@@@ bool Alg_reader::parse() Alg_parameters_ptr attributes = NULL; if (line_parser.peek() == '#') { // look for #track - line_parser.get_nonspace_quoted(field); + line_parser.get_nonspace_quoted(field, field_max); if (streql(field.c_str(), "#track")) { - line_parser.get_nonspace_quoted(field); // number + line_parser.get_nonspace_quoted(field, field_max - strlen(field)); // number field.insert(0, " "); // need char at beginning because // parse_int ignores the first character of the argument track_num = parse_int(field); @@@@ -204,7 +204,7 @@@@ bool Alg_reader::parse() parse_error(field, 0, "#offset specified twice"); } offset_found = true; - line_parser.get_nonspace_quoted(field); // number + line_parser.get_nonspace_quoted(field, field_max); // number field.insert(0, " "); // need char at beginning because // parse_real ignores first character in the argument offset = parse_real(field); @@@@ -212,7 +212,7 @@@@ bool Alg_reader::parse() } else { // we must have a track to insert into if (seq->tracks() == 0) seq->add_track(0); - line_parser.get_nonspace_quoted(field); + line_parser.get_nonspace_quoted(field, field_max - strlen(field)); char pk = line_parser.peek(); // attributes are parsed as two adjacent nonspace_quoted tokens // so we have to conditionally call get_nonspace_quoted() again @ 1.2 log @There are quite a lot of changes to this package. They are spread across eight (8) wiki pages here: http://wiki.audacityteam.org/wiki/Release_Notes. For pkgsrc changes, some patches were removed which were integrated upstream or don't exist in source anymore. PKG_OPTIONS framework was added to enable the user to built with gtk{2,3}, jack, alsa, NLS, ladspa, and debug options. gtk3, jack, and alsa options need work and aren't supported currently. This package uses a cc-by-v3.0-license which needs to be imported sometime too. Using portaudio-devel from pkgsrc is disabled, due to requiring the Pa_GetStreamHostApiType() function which is not present in our stable version. The in-tree portaudio is used instead. Nyquist support is not building as well at the moment along with the portsmf midi support. Package adds many additional dependencies like lv2, lilv, libogg, twolame, libsbsms, libsndfile, and more. Enjoy. @ text @d1 1 a1 1 $NetBSD: patch-bc,v 1.1 2009/01/13 12:38:49 drochner Exp $ @ 1.1 log @patch around SA33356: Audacity "String_parse::get_nonspace_quoted()" Buffer Overflow (homegrown patch, might be sufficient or not) bump PKGREVISION @ text @d1 1 a1 1 $NetBSD$ d3 18 a20 25 --- ./lib-src/allegro/allegrord.cpp.orig 2006-11-15 05:12:11.000000000 +0100 +++ ./lib-src/allegro/allegrord.cpp @@@@ -109,10 +109,10 @@@@ bool Allegro_reader::parse() bool new_note_flag = false; // "A"-"G" syntax int new_note = 0; Parameters_ptr attributes = NULL; - line_parser.get_nonspace_quoted(field); + line_parser.get_nonspace_quoted(field, field_max); char pk = line_parser.peek(); if (pk && !isspace(pk)) { - line_parser.get_nonspace_quoted(field + strlen(field)); + line_parser.get_nonspace_quoted(field + strlen(field), field_max - strlen(field)); } while (field[0]) { // print "field", "|";field;"|", "|";line_parser.string;"|", line_parser.pos @@@@ -203,10 +203,10 @@@@ bool Allegro_reader::parse() if (error_flag) { field[0] = 0; // exit the loop } else { - line_parser.get_nonspace_quoted(field); + line_parser.get_nonspace_quoted(field, field_max); pk = line_parser.peek(); if (pk && !isspace(pk)) { - line_parser.get_nonspace_quoted(field + strlen(field)); + line_parser.get_nonspace_quoted(field + strlen(field), field_max - strlen(field)); d22 15 a36 2 } } @