From 021fbc13dbc7d59300da1a43eb067f4cc0f9e46c Mon Sep 17 00:00:00 2001
From: Silvan Calarco <silvan.calarco@mambasoft.it>
Date: Sat, 6 Jan 2024 05:04:12 +0100
Subject: [PATCH] update to 0.4.9 [release 0.4.9-1mamba;Fri May 07 2021]

---
 libming-0.4.4-perl-5.16.patch |  43 ---------
 libming-0.4.9-multilib.patch  |  12 +++
 libming-0.4.9-perl-5.16.patch |  24 +++++
 libming-0.4.9-pr145.patch     | 175 ++++++++++++++++++++++++++++++++++
 libming-0.4.9-version.patch   |  12 +++
 libming.spec                  |  91 ++++++++++--------
 6 files changed, 275 insertions(+), 82 deletions(-)
 delete mode 100644 libming-0.4.4-perl-5.16.patch
 create mode 100644 libming-0.4.9-multilib.patch
 create mode 100644 libming-0.4.9-perl-5.16.patch
 create mode 100644 libming-0.4.9-pr145.patch
 create mode 100644 libming-0.4.9-version.patch

diff --git a/libming-0.4.4-perl-5.16.patch b/libming-0.4.4-perl-5.16.patch
deleted file mode 100644
index e34eb0f..0000000
--- a/libming-0.4.4-perl-5.16.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From a0ea1cc47330a3ab316713d720892b6272401890 Mon Sep 17 00:00:00 2001
-From: Niko Tyni <ntyni@debian.org>
-Date: Sun, 10 Jul 2011 21:46:09 +0300
-Subject: [PATCH] GvCV() isn't an lvalue since Perl 5.13.10
-
-GvCV() can't be assigned to anymore with recent perls, so use the new
-GvCV_set() macro when available or implement it the old way if it isn't.
----
- perl_ext/Exports.c  |    2 +-
- perl_ext/perl_swf.h |    4 ++++
- 2 files changed, 5 insertions(+), 1 deletions(-)
-
-diff --git a/perl_ext/Exports.c b/perl_ext/Exports.c
-index 65f8912..5529728 100644
---- a/perl_ext/Exports.c
-+++ b/perl_ext/Exports.c
-@@ -190,7 +190,7 @@ void export_cv(SV *class, SV *caller, char *sub)
-             SvPVX(caller), sub, SvPVX(class), sub); 
- #endif 
-     gv = gv_fetchpv(form("%s::%s",SvPVX( caller), sub), TRUE, SVt_PVCV); 
--    GvCV(gv) = perl_get_cv(form("%s::%s", SvPVX(class), sub), TRUE); 
-+    GvCV_set(gv, perl_get_cv(form("%s::%s", SvPVX(class), sub), TRUE)); 
-     GvIMPORTED_CV_on(gv); 
-     GvMULTI_on(gv);
- } 
-diff --git a/perl_ext/perl_swf.h b/perl_ext/perl_swf.h
-index b960229..1a3656e 100644
---- a/perl_ext/perl_swf.h
-+++ b/perl_ext/perl_swf.h
-@@ -58,6 +58,10 @@ typedef SWFFontCollection  SWF__FontCollection;
- #define aTHXo_
- #endif
- 
-+#ifndef GvCV_set
-+# define GvCV_set(G, C) (GvCV(G) = (C))
-+#endif
-+
- #ifndef S_DEBUG
- #define swf_debug 0   /* Should we get this from, say, $SWF::debug? */
- #define S_DEBUG(level,code)  if (swf_debug >= level) { code; }
--- 
-1.7.5.4
-
diff --git a/libming-0.4.9-multilib.patch b/libming-0.4.9-multilib.patch
new file mode 100644
index 0000000..ccd7d44
--- /dev/null
+++ b/libming-0.4.9-multilib.patch
@@ -0,0 +1,12 @@
+diff -up ming-0.4.5/util/ming-config.in.multilib ming-0.4.5/util/ming-config.in
+--- ming-0.4.5/util/ming-config.in.multilib	2010-10-10 09:19:23.000000000 +0200
++++ ming-0.4.5/util/ming-config.in	2014-05-27 19:01:32.183275535 +0200
+@@ -33,7 +33,7 @@ while test $# -gt 0; do
+ 		echo -I@includedir@
+ 		;;
+ 	    --libs)
+-		echo -L@libdir@ @ZLIB@ @MATHLIB@ @GIFLIB@ @PNGLIB@ -lming
++		echo @ZLIB@ @MATHLIB@ @GIFLIB@ @PNGLIB@ $(pkg-config --libs libming)
+ 		;;
+ 	    --bindir)
+ 		echo @bindir@
diff --git a/libming-0.4.9-perl-5.16.patch b/libming-0.4.9-perl-5.16.patch
new file mode 100644
index 0000000..ff3a78e
--- /dev/null
+++ b/libming-0.4.9-perl-5.16.patch
@@ -0,0 +1,24 @@
+diff -up ming-0.4.5/perl_ext/Makefile.am.p ming-0.4.5/perl_ext/Makefile.am
+--- ming-0.4.5/perl_ext/Makefile.am.p	2010-10-10 09:19:23.000000000 +0200
++++ ming-0.4.5/perl_ext/Makefile.am	2014-05-28 22:45:29.283815352 +0200
+@@ -38,7 +38,7 @@ install: Makefile.perl
+ 	$(MAKE) -f Makefile.perl install PREFIX=$(prefix)
+ 
+ Makefile.perl: Makefile.PL
+-	srcdir=$(srcdir) builddir=$(abs_builddir) $(PERL) $< PREFIX=$(prefix) FIRST_MAKEFILE=Makefile.perl
++	srcdir=$(srcdir) builddir=$(abs_builddir) $(PERL) $< PREFIX=$(prefix) FIRST_MAKEFILE=Makefile.perl INSTALLDIRS=vendor
+ 
+ clean-local: Makefile.perl
+ 	$(MAKE) -f Makefile.perl realclean
+diff -up ming-0.4.5/perl_ext/Makefile.PL.p ming-0.4.5/perl_ext/Makefile.PL
+--- ming-0.4.5/perl_ext/Makefile.PL.p	2013-06-08 16:56:17.000000000 +0200
++++ ming-0.4.5/perl_ext/Makefile.PL	2014-05-28 22:44:46.830226503 +0200
+@@ -163,7 +163,7 @@ sub MY::install {
+ 
+ sub ming_is_compiled
+ {
+-	my $libming = $MING_TOP_BUILDDIR."/src/.libs/libming.a";
++	my $libming = $MING_TOP_BUILDDIR."/src/.libs/libming.so";
+ 
+ 	if ( -e $libming )
+ 	{
diff --git a/libming-0.4.9-pr145.patch b/libming-0.4.9-pr145.patch
new file mode 100644
index 0000000..e3deea4
--- /dev/null
+++ b/libming-0.4.9-pr145.patch
@@ -0,0 +1,175 @@
+diff --git a/NEWS b/NEWS
+index 129d55fe..7eb256ca 100644
+--- a/NEWS
++++ b/NEWS
+@@ -43,6 +43,11 @@
+     with empty acts (NULL act->p.String). Perform deep copy in pushdup,
+     instead of shallow copy (issue #121).
+   * Fix heap-buffer-overflow in getString (CVE-2018-7867, issue #116).
++  * Fix null pointer dereference in getInt (CVE-2018-9132, issue #133).
++  * Fix heap-use-after-free in decompileJUMP (CVE-2018-9009, issue #131).
++  * Fix memory exhaustion in parseSWF_ACTIONRECORD (CVE-2018-7876, #109).
++  * Fix heap-buffer-overflow in function getString (CVE-2018-7873, #111).
++  * Fix null pointer dereference in newVar3 (CVE-2018-7866, #118).
+ 
+ 0.4.8 - 2017-04-07
+ 
+diff --git a/util/decompile.c b/util/decompile.c
+index e9341356..cf1a372d 100644
+--- a/util/decompile.c
++++ b/util/decompile.c
+@@ -358,9 +358,19 @@ getString(struct SWF_ACTIONPUSHPARAM *act)
+ 		return t;
+ 	}
+ 	case PUSH_INT: /* INTEGER */
+-		t=malloc(10); /* 32-bit decimal */
+-		sprintf(t,"%ld", act->p.Integer );
++	{
++		char length_finder[1];
++		int needed_length = snprintf(length_finder, 1, "%ld", act->p.Integer) + 1;
++		if (needed_length <= 0)
++		{
++		        SWF_warn("WARNING: could not evaluate size of buffer (memory issue ?).\n");
++		        break;
++		}
++
++		t = malloc(needed_length);
++		sprintf(t, "%ld", act->p.Integer );
+ 		return t;
++	}
+ 	case PUSH_CONSTANT: /* CONSTANT8 */
+ 		if (act->p.Constant8 > poolcounter)
+ 		{
+@@ -387,7 +397,14 @@ getString(struct SWF_ACTIONPUSHPARAM *act)
+ 	case 12:
+ 	case 11: /* INCREMENTED or DECREMENTED VARIABLE */
+ 	case PUSH_VARIABLE: /* VARIABLE */
+-		return act->p.String;
++		if (!act->p.String)
++		{
++		        SWF_warn("WARNING: Call to getString with PUSH_VARIABLE defining NULL string.\n");
++		        break;
++		}
++		t=malloc(strlen(act->p.String)+1); /* NULL character */
++		strcpy(t,act->p.String);
++		return t;
+ 	default: 
+ 		fprintf (stderr,"  Can't get string for type: %d\n", act->Type);
+ 		break;
+@@ -481,7 +498,15 @@ getInt(struct SWF_ACTIONPUSHPARAM *act)
+ 	case PUSH_NULL: /* NULL */
+ 		return 0;
+ 	case PUSH_REGISTER: /* REGISTER */
+-		return getInt(regs[act->p.RegisterNumber]);
++		if (regs[act->p.RegisterNumber])
++		{
++			return getInt(regs[act->p.RegisterNumber]);
++		}
++		else
++		{
++			SWF_warn("WARNING: retrieving undefined register values.\n");
++			break;
++		}
+ 	case PUSH_DOUBLE: /* DOUBLE */
+ 		return (int)act->p.Double;
+ 	case PUSH_INT: /* INTEGER */
+@@ -939,6 +964,24 @@ decompileGETURL2 (SWF_ACTION *act)
+ 	return 0;
+ }
+ 
++static inline int Offset(SWF_ACTION *actions, int n, int maxn)
++{
++	if(!n || n >= maxn)
++	{
++#if DEBUG
++		SWF_warn("Offset: want %i, max %i\n", n, maxn);
++#endif
++		return -999;
++	} else if (n < 1) {
++
++#if DEBUG
++		SWF_warn("Offset: want %i < 1\n", n);
++#endif
++		return -998;
++	}
++	return actions[n].SWF_ACTIONRECORD.Offset;
++}
++
+ static inline int OpCode(SWF_ACTION *actions, int n, int maxn)
+ {
+ 	if(!n || n >= maxn)
+@@ -1929,7 +1972,7 @@ decompileJUMP(int n, SWF_ACTION *actions, int maxn)
+ 			{
+ 				sactif = (struct SWF_ACTIONIF *)&(actions[n+i+j]);
+ 				/* chk whether last jump does lead us back to start of loop */
+-				if (sactif->Actions[sactif->numActions-1].SWF_ACTIONRECORD.ActionCode==SWFACTION_JUMP
++				if (OpCode(sactif->Actions, sactif->numActions-1, maxn) == SWFACTION_JUMP
+ 				    && sactif->Actions[sactif->numActions-1].SWF_ACTIONJUMP.BranchOffset+
+ 				    sactif->Actions[sactif->numActions-1].SWF_ACTIONJUMP.Offset==
+ 				    actions[n].SWF_ACTIONRECORD.Offset )
+@@ -2101,7 +2144,7 @@ decompile_SWITCH(int n, SWF_ACTION *actions, int maxn, int off1end)
+ 	int offSave;
+ 	for (i=0; i<n_firstactions; i++) // seek last op in 1st if
+ 	{
+-		if (actions[i+1].SWF_ACTIONRECORD.Offset==off1end)
++		if (Offset(actions, i+1, maxn) == off1end)
+ 		{
+ 			// println("found #off end first= %d",i+1);
+ 			if (OpCode(actions, i, maxn) == SWFACTION_JUMP)
+@@ -2334,7 +2377,7 @@ decompileIF(int n, SWF_ACTION *actions, int maxn)
+ 	 * that points to a JUMP above the IF statement.
+ 	 */
+ 	if(n && isLogicalOp(n-1, actions, maxn) &&
+-	   (sact->Actions[sact->numActions-1].SWF_ACTIONRECORD.ActionCode == SWFACTION_JUMP) &&
++	   (OpCode(sact->Actions, sact->numActions-1, maxn) == SWFACTION_JUMP) &&
+ 	   ( (sact->Actions[sact->numActions-1].SWF_ACTIONJUMP.Offset +
+ 	      sact->Actions[sact->numActions-1].SWF_ACTIONJUMP.BranchOffset) < actions[n].SWF_ACTIONRECORD.Offset) &&
+ 	      isLogicalOp(sact->numActions-2, sact->Actions, maxn) ) 
+@@ -2424,7 +2467,7 @@ decompileIF(int n, SWF_ACTION *actions, int maxn)
+ 	 */
+ 	
+ 	if( isLogicalOp(n-1, actions, maxn) &&
+-	    ( (sact->Actions[sact->numActions-1].SWF_ACTIONRECORD.ActionCode == SWFACTION_JUMP) &&
++	    ((OpCode(sact->Actions, sact->numActions-1, maxn) == SWFACTION_JUMP) &&
+ 	       sact->Actions[sact->numActions-1].SWF_ACTIONJUMP.BranchOffset < 0) ) 
+ 	{
+ 		if(0)	    dumpRegs();
+@@ -2460,7 +2503,7 @@ decompileIF(int n, SWF_ACTION *actions, int maxn)
+ 	}
+ 	{ // WTF ???
+ #define SOME_IF_DEBUG 0	/* coders only */
+-		int has_else_or_break= ((sact->Actions[sact->numActions-1].SWF_ACTIONRECORD.ActionCode == SWFACTION_JUMP) &&
++		int has_else_or_break= ((OpCode(sact->Actions, sact->numActions-1, maxn) == SWFACTION_JUMP) &&
+ 			(sact->Actions[sact->numActions-1].SWF_ACTIONJUMP.BranchOffset > 0 )) ? 1:0;
+ 		int has_lognot=(OpCode(actions, n-1, maxn) == SWFACTION_LOGICALNOT) ? 1:0;
+ 		int else_action_cnt=0,is_logor=0,is_logand=0,sbi,sbe;
+@@ -3154,7 +3197,7 @@ decompileSETTARGET(int n, SWF_ACTION *actions, int maxn, int is_type2)
+ 	{
+ 		INDENT
+ 		println("tellTarget('%s') {" ,name);
+-		while(action_cnt+n<maxn)
++		for (; action_cnt+n < maxn-1; action_cnt++)
+ 		{
+ 			if (OpCode(actions, n+1+action_cnt, maxn)==SWFACTION_SETTARGET
+ 			    || OpCode(actions, n+1+action_cnt, maxn)==SWFACTION_SETTARGET2
+@@ -3164,7 +3207,6 @@ decompileSETTARGET(int n, SWF_ACTION *actions, int maxn, int is_type2)
+ 			{
+ 				break;
+ 			}
+-			action_cnt++;
+ 		}
+ 		decompileActions(action_cnt,&actions[n+1],gIndent+1);
+ 		INDENT
+diff --git a/util/swftypes.h b/util/swftypes.h
+index fe80eb2c..9648c628 100644
+--- a/util/swftypes.h
++++ b/util/swftypes.h
+@@ -363,7 +363,7 @@ struct SWF_ACTIONDEFINEFUNCTION {
+ 	UI16	Length;
+ 	UI32	Offset;
+ 	STRING	FunctionName;
+-	WORD	NumParams;
++	UI16    NumParams;
+ 	STRING	*Params;
+ 	WORD	CodeSize;
+ 	int	numActions;
diff --git a/libming-0.4.9-version.patch b/libming-0.4.9-version.patch
new file mode 100644
index 0000000..97df624
--- /dev/null
+++ b/libming-0.4.9-version.patch
@@ -0,0 +1,12 @@
+diff -up libming-50098023446a5412efcfbd40552821a8cba983a6/configure.ac.ver libming-50098023446a5412efcfbd40552821a8cba983a6/configure.ac
+--- libming-50098023446a5412efcfbd40552821a8cba983a6/configure.ac.ver	2019-02-25 09:54:55.616748926 +0100
++++ libming-50098023446a5412efcfbd40552821a8cba983a6/configure.ac	2019-02-25 09:59:25.012116890 +0100
+@@ -4,7 +4,7 @@ dnl --
+ AC_INIT(ming, 0.4.9)
+ MAJOR_VERSION=0
+ MINOR_VERSION=4
+-MICRO_VERSION=9-dev
++MICRO_VERSION=9
+ 
+ MING_VERSION=${MAJOR_VERSION}.${MINOR_VERSION}.${MICRO_VERSION}
+ 
diff --git a/libming.spec b/libming.spec
index 6dd859d..96522f5 100644
--- a/libming.spec
+++ b/libming.spec
@@ -1,29 +1,35 @@
 %define        perl_major_ver       %(eval `perl -V:version`; echo ${version%*.[0-9]*}.0)
-%define        with_python_binding  1
-
+%define        with_python_binding  0
+%define commit 50098023446a5412efcfbd40552821a8cba983a6
 Name:          libming
-Version:       0.4.4
+Version:       0.4.9
 Release:       1mamba
 Summary:       Ming is a library for generating Macromedia Flash files (.swf)
 Group:         System/Libraries
 Vendor:        openmamba
 Distribution:  openmamba
-Packager:      Stefano Cotta Ramusino <stefano.cotta@qilinux.it>
+Packager:      Silvan Calarco <silvan.calarco@mambasoft.it>
 URL:           http://ming.sourceforge.net/
-Source:        http://downloads.sourceforge.net/sourceforge/ming/ming-%{version}.tar.bz2
+Source:        https://github.com/libming/libming.git/master@%{commit}/libming-%{version}.tar.bz2
 Patch0:        %{name}-0.4.2-php_install.patch
-Patch1:        libming-0.4.4-perl-5.16.patch
+Patch1:        libming-0.4.9-perl-5.16.patch
 Patch2:        libming-0.4.4-libtcl-0.8.5.patch
-#Source1:       http://downloads.sourceforge.net/sourceforge/ming/ming-perl-%{version}-beta5.tar.gz
-#Source2:       http://downloads.sourceforge.net/sourceforge/ming/ming-py-%{version}-beta5.tar.gz
+Patch3:        libming-0.4.9-multilib.patch
+Patch5:        libming-0.4.9-pr145.patch
+Patch6:        libming-0.4.9-version.patch
 License:       LGPL
 ## AUTOBUILDREQ-BEGIN
 BuildRequires: glibc-devel
+BuildRequires: libbrotli-devel
 BuildRequires: libbzip2-devel
 BuildRequires: libfreetype-devel
+BuildRequires: libgif-devel
+BuildRequires: libglib-devel
+BuildRequires: libgraphite2-devel
+BuildRequires: libharfbuzz-devel
+BuildRequires: libpcre-devel
+BuildRequires: libperl
 BuildRequires: libpng-devel
-BuildRequires: libpython-devel
-BuildRequires: libungif-devel
 BuildRequires: libz-devel
 BuildRequires: perl-devel
 ## AUTOBUILDREQ-END
@@ -31,8 +37,6 @@ BuildRequires: perl-devel >= %{perl_major_ver}
 %if "%{stage1}" != "1"
 BuildRequires: php-devel
 %endif
-BuildRequires: python >= 2.4
-BuildRoot:     %{_tmppath}/%{name}-%{version}-root
 
 %description
 Ming is a C library for generating SWF ("Flash") format movies, plus a set of wrappers for using the library from C++ and popular scripting languages like PHP, Perl, Python, and Ruby.
@@ -68,7 +72,7 @@ Summary:       Perl bindings for Ming
 Requires:      %{name} = %{?epoch:%epoch:}%{version}-%{release}
 Requires:      perl >= %{perl_major_ver}
 Provides:      ming-perl
-Obsoletes:     ming-perl
+Obsoletes:     ming-perl < 0.4.9
 
 %description -n perl-ming
 Ming is a C library for generating SWF ("Flash") format movies, plus a set of wrappers for using the library from C++ and popular scripting languages like PHP, Perl, Python, and Ruby.
@@ -107,25 +111,33 @@ Obsoletes:     ming-python
 
 %description -n python-ming
 Ming is a C library for generating SWF ("Flash") format movies, plus a set of wrappers for using the library from C++ and popular scripting languages like PHP, Perl, Python, and Ruby.
-
 This package contains Python bindings for Ming.
 %endif
 
+%debug_package
+
 %prep
-%setup -q -n ming-%{version}
-#%patch0 -p1
+%setup -q
 %patch1 -p1
-%patch2 -p1
+%patch3 -p1
+%patch5 -p1
+%patch6 -p1
+
+sed -i "s|lungif|lgif|" perl_ext/Makefile.*
+
+./autogen.sh
 
 %build
 %configure \
-  --enable-python \
+  --disable-silent-rules \
+  --disable-static \
+  --enable-cpp \
   --enable-perl \
-%if "%{stage1}" != "1"
-  --enable-php \
-%endif
-  --enable-tcl \
-  PYTHON=%{__python}
+  --disable-php \
+  --disable-python \
+  --disable-tcl \
+  PYTHON=%{__python3} \
+  CFLAGS="%{optflags} -fcommon"
 
 %make -j1
 
@@ -175,22 +187,20 @@ done
 [ "%{buildroot}" != / ] && rm -rf "%{buildroot}"
 rm -f .packlist
 
-%post   -p /sbin/ldconfig
+%post -p /sbin/ldconfig
 %postun -p /sbin/ldconfig
 
 %files
 %defattr(-,root,root)
-%{_libdir}/*.so.*
-#%{_mandir}/man1/*
+%{_libdir}/libming.so.*
 %doc LICENSE
 
 %files devel
 %defattr(-,root,root)
 %{_bindir}/ming-config
 %{_includedir}/*.h
-%{_libdir}/*.a
-%{_libdir}/*.la
-%{_libdir}/*.so
+%{_libdir}/libming.la
+%{_libdir}/libming.so
 %{_libdir}/pkgconfig/libming.pc
 #%{_mandir}/man3/*.3.gz
 %doc NEWS README TODO
@@ -236,19 +246,22 @@ rm -f .packlist
 %doc py_ext/{README,TODO}
 %endif
 
-%if "%{stage1}" != "1"
-%files -n php-ming
-%defattr(-,root,root)
-%{_libdir}/php/extensions/ming.so
-%endif
+#%if "%{stage1}" != "1"
+#%files -n php-ming
+#%defattr(-,root,root)
+#%{_libdir}/php/extensions/ming.so
+#%endif
 
-%files -n ming-tcl
-%defattr(-,root,root)
-%{_libdir}/ming/tcl/mingc.a
-%{_libdir}/ming/tcl/mingc.la
-%{_libdir}/ming/tcl/mingc.so
+#%files -n ming-tcl
+#%defattr(-,root,root)
+#%{_libdir}/ming/tcl/mingc.a
+#%{_libdir}/ming/tcl/mingc.la
+#%{_libdir}/ming/tcl/mingc.so
 
 %changelog
+* Fri May 07 2021 Silvan Calarco <silvan.calarco@mambasoft.it> 0.4.9-1mamba
+- update to 0.4.9
+
 * Wed Dec 12 2012 Silvan Calarco <silvan.calarco@mambasoft.it> 0.4.4-1mamba
 - update to 0.4.4