Bug#594008: Unescaped character in man page Package: fapg Version: 0.41-1 Severity: minor Tags: patch Hi! The '\' in the man page is unescaped. The attached patch should make it clear. Thanks. Kumar -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (101, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.36-rc1+ (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages fapg depends on: ii libc6 2.11.2-2 Embedded GNU C Library: Shared lib ii liburiparser1 0.7.5-1 URI parsing library compliant with fapg recommends no packages. fapg suggests no packages. -- no debconf information -- In this playhouse of infinite forms I have had my play, and here have I caught sight of him that is formless. - Rabindranath Tagore (Gitanjali, 1912)
Security flaws in FAPG 0.41 and related patches Hello Antoine! As part of a security course at university our group has studied code of FAPG 0.38. With the help of Splint [1] we were able to find two security flaws that are still present in FAPG 0.41. I have attached a patch to this mail for each flaw. Would be cool if you could include these patches in the next FAPG release. Best regards, Sebastian [1] http://www.splint.org/ Signed-off-by: Antoine Jacquet <royale@zerezo.com>
increase buffer size for ID3 with images > Peter Cherriman wrote: >> Here's the bug report.... >> >> FAPG outputs the following message: >> >> Warning >> ID3 header is huge (217974 bytes) ! trying anyway : >> /media/SANSA CLIP/GPODDER/scc18_final_kunle_olukotun.mp3 >> >> It then doesn't output a #EXTINF line for the file. Antoine Jacquet wrote: > I think there is a hard limit in FAPG on the number of bytes I read in > the file to avoid performance issues, so I think the ID3 artist/title > tag is after the image in your particular file, and this is why FAPG > never reaches it. Thanks for your advice. I fixed it by increasing the size of the "MAX" read size in bytes slightly from 200*1024 to 250*1024. The problem file I had a header of 217974 bytes. Signed-off-by: Antoine Jacquet <royale@zerezo.com>
ignore "ALBUM ARTIST" Ogg tag Hi Antoine, I've found a bug in FAPG version 0.41. If an .ogg file has a tag "ALBUM ARTIST", the program will crash. The tag is detected and processed as a normal "ARTIST" tag, however with an incorrect (huge) length. This causes a buffer overflow in the strncpy to the artist buffer. I've created a patch which adds a check on the "ALBUM ARTIST" tag (only for .ogg) before the check on the "ARTIST" tag. I've tested it locally and it seems to do the job. Kind Regards, Patrick Smits Signed-off-by: Antoine Jacquet <royale@zerezo.com>
version 0.39 (by Sebastian Pipping) * XSPF support added * now using Autoconf/Automake
version 0.35 (by Andreas Neuper) * BUG fix: no more ampersand in RSS feeds are passed * BUG fix: no more spaces or non-printables in links of RSS feeds * BUG fix: potential access violations removed * speed up printing by using table assignment (since predictiv) * added hook to get additional info for RSS feeds (default is to use internal only) * remove multiple slashes like ./// and //// as well * clean with gnu compiler V3.3 (you might add but never remove 'unsigned'!) * RSS feed successfully tested with iPod/iTunes and German language
version 0.34 (by Andreas Neuper) * BUG fix: "unsigned char" (like in 0.31) to get complete output and avoid core dumps * BUG fix: disabled "skip" variable to use multiple args * added first attempt to generate RSS feeds (i.e. XML output) * allow plain file arguments (before: only directories) * raised defaults for inodes and file systems * adapt man page, etc
version 0.31 * a flag was added to avoid parsing twice the hardlinked files (patch by Andreas Neuper) * Makefile was improved to easily build packages