Date: Friday, November 28, 2014 @ 02:53:36 Author: eric Revision: 227161
archrelease: copy trunk to extra-i686, extra-x86_64 Added: flac/repos/extra-i686/PKGBUILD (from rev 227160, flac/trunk/PKGBUILD) flac/repos/extra-x86_64/PKGBUILD (from rev 227160, flac/trunk/PKGBUILD) Deleted: flac/repos/extra-i686/PKGBUILD flac/repos/extra-i686/flac-CVE-2014-8962.patch flac/repos/extra-i686/flac-CVE-2014-9028.patch flac/repos/extra-i686/flac-divby0.patch flac/repos/extra-i686/flac-realloc.patch flac/repos/extra-x86_64/PKGBUILD flac/repos/extra-x86_64/flac-CVE-2014-8962.patch flac/repos/extra-x86_64/flac-CVE-2014-9028.patch flac/repos/extra-x86_64/flac-divby0.patch flac/repos/extra-x86_64/flac-realloc.patch ---------------------------------------+ /PKGBUILD | 90 ++++++++++++++++++++++++++++++++ extra-i686/PKGBUILD | 58 -------------------- extra-i686/flac-CVE-2014-8962.patch | 40 -------------- extra-i686/flac-CVE-2014-9028.patch | 34 ------------ extra-i686/flac-divby0.patch | 47 ---------------- extra-i686/flac-realloc.patch | 15 ----- extra-x86_64/PKGBUILD | 58 -------------------- extra-x86_64/flac-CVE-2014-8962.patch | 40 -------------- extra-x86_64/flac-CVE-2014-9028.patch | 34 ------------ extra-x86_64/flac-divby0.patch | 47 ---------------- extra-x86_64/flac-realloc.patch | 15 ----- 11 files changed, 90 insertions(+), 388 deletions(-) Deleted: extra-i686/PKGBUILD =================================================================== --- extra-i686/PKGBUILD 2014-11-28 01:50:49 UTC (rev 227160) +++ extra-i686/PKGBUILD 2014-11-28 01:53:36 UTC (rev 227161) @@ -1,58 +0,0 @@ -# $Id$ -# Maintainer: Eric Bélanger <e...@archlinux.org> - -pkgbase=flac -pkgname=('flac' 'flac-doc') -pkgver=1.3.0 -pkgrel=5 -arch=('i686' 'x86_64') -url="http://flac.sourceforge.net/" -license=('BSD' 'GPL') -depends=('gcc-libs' 'libogg') -makedepends=('nasm' 'doxygen') -options=('!makeflags') -source=(http://downloads.xiph.org/releases/flac/${pkgbase}-${pkgver}.tar.xz - flac-realloc.patch flac-divby0.patch flac-CVE-2014-8962.patch flac-CVE-2014-9028.patch) -sha1sums=('a136e5748f8fb1e6c524c75000a765fc63bb7b1b' - '22bf08219c289d747f399e351c701d0f195d3ce0' - 'ceecf0603895267eda112c1cf85e3096e3d3acde' - 'f78547bc7a085a47273ad85c3ec86a2960739944' - '18f7a66fc0faf857e3c82b462619acf5b5a19af4') - -prepare() { - cd ${pkgbase}-${pkgver} - patch -p1 -i "${srcdir}/flac-realloc.patch" - patch -p1 -i "${srcdir}/flac-divby0.patch" - patch -p1 -i "${srcdir}/flac-CVE-2014-8962.patch" - patch -p1 -i "${srcdir}/flac-CVE-2014-9028.patch" -} - -build() { - cd ${pkgbase}-${pkgver} - ./configure --prefix=/usr --disable-sse - make -} - -check() { - cd ${pkgbase}-${pkgver} - make check -} - -package_flac() { - pkgdesc="Free Lossless Audio Codec" - options=('!docs') - - cd ${pkgbase}-${pkgver} - make DESTDIR="${pkgdir}" install - install -D -m644 COPYING.Xiph "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" -} - -package_flac-doc() { - pkgdesc="Developer documentation for the Free Lossless Audio Codec" - depends=('flac') - - cd ${pkgbase}-${pkgver} - make DESTDIR="${pkgdir}" -C doc install - sed -i "s|$srcdir/${pkgbase}-${pkgver}|/usr|" "${pkgdir}/usr/share/doc/${pkgbase}-${pkgver}/FLAC.tag" - install -D -m644 COPYING.Xiph "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" -} Copied: flac/repos/extra-i686/PKGBUILD (from rev 227160, flac/trunk/PKGBUILD) =================================================================== --- extra-i686/PKGBUILD (rev 0) +++ extra-i686/PKGBUILD 2014-11-28 01:53:36 UTC (rev 227161) @@ -0,0 +1,45 @@ +# $Id$ +# Maintainer: Eric Bélanger <e...@archlinux.org> + +pkgbase=flac +pkgname=('flac' 'flac-doc') +pkgver=1.3.1 +pkgrel=1 +arch=('i686' 'x86_64') +url="http://flac.sourceforge.net/" +license=('BSD' 'GPL') +depends=('gcc-libs' 'libogg') +makedepends=('nasm' 'doxygen') +options=('!makeflags') +source=(http://downloads.xiph.org/releases/flac/${pkgbase}-${pkgver}.tar.xz) +sha1sums=('38e17439d11be26207e4af0ff50973815694b26f') + +build() { + cd ${pkgbase}-${pkgver} + ./configure --prefix=/usr --disable-sse + make +} + +check() { + cd ${pkgbase}-${pkgver} + make check +} + +package_flac() { + pkgdesc="Free Lossless Audio Codec" + options=('!docs') + + cd ${pkgbase}-${pkgver} + make DESTDIR="${pkgdir}" install + install -D -m644 COPYING.Xiph "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" +} + +package_flac-doc() { + pkgdesc="Developer documentation for the Free Lossless Audio Codec" + depends=('flac') + + cd ${pkgbase}-${pkgver} + make DESTDIR="${pkgdir}" -C doc install + sed -i "s|$srcdir/${pkgbase}-${pkgver}|/usr|" "${pkgdir}/usr/share/doc/${pkgbase}-${pkgver}/FLAC.tag" + install -D -m644 COPYING.Xiph "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" +} Deleted: extra-i686/flac-CVE-2014-8962.patch =================================================================== --- extra-i686/flac-CVE-2014-8962.patch 2014-11-28 01:50:49 UTC (rev 227160) +++ extra-i686/flac-CVE-2014-8962.patch 2014-11-28 01:53:36 UTC (rev 227161) @@ -1,40 +0,0 @@ -From 5b3033a2b355068c11fe637e14ac742d273f076e Mon Sep 17 00:00:00 2001 -From: Erik de Castro Lopo <er...@mega-nerd.com> -Date: Tue, 18 Nov 2014 07:20:25 -0800 -Subject: [PATCH] src/libFLAC/stream_decoder.c : Fix buffer read overflow. - -This is CVE-2014-8962. - -Reported-by: Michele Spagnuolo, - Google Security Team <mikis...@google.com> ---- - src/libFLAC/stream_decoder.c | 6 +++++- - 1 files changed, 5 insertions(+), 1 deletions(-) - -diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c -index cb66fe2..88a656d 100644 ---- a/src/libFLAC/stream_decoder.c -+++ b/src/libFLAC/stream_decoder.c -@@ -71,7 +71,7 @@ FLAC_API int FLAC_API_SUPPORTS_OGG_FLAC = - * - ***********************************************************************/ - --static FLAC__byte ID3V2_TAG_[3] = { 'I', 'D', '3' }; -+static const FLAC__byte ID3V2_TAG_[3] = { 'I', 'D', '3' }; - - /*********************************************************************** - * -@@ -1361,6 +1361,10 @@ FLAC__bool find_metadata_(FLAC__StreamDecoder *decoder) - id = 0; - continue; - } -+ -+ if(id >= 3) -+ return false; -+ - if(x == ID3V2_TAG_[id]) { - id++; - i = 0; --- -1.7.2.5 - Deleted: extra-i686/flac-CVE-2014-9028.patch =================================================================== --- extra-i686/flac-CVE-2014-9028.patch 2014-11-28 01:50:49 UTC (rev 227160) +++ extra-i686/flac-CVE-2014-9028.patch 2014-11-28 01:53:36 UTC (rev 227161) @@ -1,34 +0,0 @@ -From fcf0ba06ae12ccd7c67cee3c8d948df15f946b85 Mon Sep 17 00:00:00 2001 -From: Erik de Castro Lopo <er...@mega-nerd.com> -Date: Wed, 19 Nov 2014 19:35:59 -0800 -Subject: [PATCH] src/libFACL/stream_decoder.c : Fail safely to avoid a heap overflow. - -A file provided by the reporters caused the stream decoder to write to -un-allocated heap space resulting in a segfault. The solution is to -error out (by returning false from read_residual_partitioned_rice_()) -instead of trying to continue to decode. - -Fixes: CVE-2014-9028 -Reported-by: Michele Spagnuolo, - Google Security Team <mikis...@google.com> ---- - src/libFLAC/stream_decoder.c | 3 ++- - 1 files changed, 2 insertions(+), 1 deletions(-) - -diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c -index 88a656d..54e84d4 100644 ---- a/src/libFLAC/stream_decoder.c -+++ b/src/libFLAC/stream_decoder.c -@@ -2736,7 +2736,8 @@ FLAC__bool read_residual_partitioned_rice_(FLAC__StreamDecoder *decoder, unsigne - if(decoder->private_->frame.header.blocksize < predictor_order) { - send_error_to_client_(decoder, FLAC__STREAM_DECODER_ERROR_STATUS_LOST_SYNC); - decoder->protected_->state = FLAC__STREAM_DECODER_SEARCH_FOR_FRAME_SYNC; -- return true; -+ /* We have received a potentially malicious bt stream. All we can do is error out to avoid a heap overflow. */ -+ return false; - } - } - else { --- -1.7.2.5 - Deleted: extra-i686/flac-divby0.patch =================================================================== --- extra-i686/flac-divby0.patch 2014-11-28 01:50:49 UTC (rev 227160) +++ extra-i686/flac-divby0.patch 2014-11-28 01:53:36 UTC (rev 227161) @@ -1,47 +0,0 @@ -From 9443151da38d25430f0683dfdcd7f6076ecabe0a Mon Sep 17 00:00:00 2001 -From: Erik de Castro Lopo <er...@mega-nerd.com> -Date: Tue, 8 Jul 2014 18:25:11 +1000 -Subject: [PATCH] src/flac/utils.c : Make sure get_console_width() returns value > 0. - -Previous version of get_console_width() may return 0 which will result in -a division by 0 in stats_print_name(): - - console_width = get_console_width(); - len = strlen_console(name)+2; - console_chars_left = console_width - (len % console_width); - -Bug-report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739613 -Patch-from: lvqcl <lvqcl.m...@gmail.com> ---- - src/flac/utils.c | 7 +++++-- - 1 files changed, 5 insertions(+), 2 deletions(-) - -diff --git a/src/flac/utils.c b/src/flac/utils.c -index 557477e..52b2c43 100644 ---- a/src/flac/utils.c -+++ b/src/flac/utils.c -@@ -176,7 +176,7 @@ static int console_chars_left; - - int get_console_width(void) - { -- int width = 80; -+ int width = 0; - #if defined _WIN32 - width = win_get_console_width(); - #elif defined __EMX__ -@@ -185,8 +185,11 @@ int get_console_width(void) - width = s[0]; - #elif defined GWINSZ_IN_SYS_IOCTL - struct winsize w; -- if (ioctl(STDOUT_FILENO, TIOCGWINSZ, &w) != -1) width = w.ws_col; -+ if (ioctl(STDOUT_FILENO, TIOCGWINSZ, &w) != -1) -+ width = w.ws_col; - #endif -+ if (width <= 0) -+ width = 80; - return width; - } - --- -1.7.2.5 - Deleted: extra-i686/flac-realloc.patch =================================================================== --- extra-i686/flac-realloc.patch 2014-11-28 01:50:49 UTC (rev 227160) +++ extra-i686/flac-realloc.patch 2014-11-28 01:53:36 UTC (rev 227161) @@ -1,15 +0,0 @@ -X-Git-Url: http://git.xiph.org/?p=flac.git;a=blobdiff_plain;f=src%2Fmetaflac%2Futils.c;h=8a31daaddd47f8ea2d7b1e66445d180b4151e0db;hp=097537b2d39ea302269a16e7da9bc413e02ffb6e;hb=606fdfcaece19d3e05434bde57c289102a369069;hpb=d42c04260bf9e27cbb8c61a5529ecab3b20e25ff - -diff --git a/src/metaflac/utils.c b/src/metaflac/utils.c -index 097537b..8a31daa 100644 ---- a/src/metaflac/utils.c -+++ b/src/metaflac/utils.c -@@ -75,7 +75,7 @@ void local_strcat(char **dest, const char *source) - *dest = safe_realloc_add_3op_(*dest, ndest, /*+*/nsource, /*+*/1); - if(0 == *dest) - die("out of memory growing string"); -- safe_strncpy((*dest)+ndest, source, ndest + nsource + 1); -+ safe_strncpy((*dest)+ndest, source, nsource + 1); - } - - static inline int local_isprint(int c) Deleted: extra-x86_64/PKGBUILD =================================================================== --- extra-x86_64/PKGBUILD 2014-11-28 01:50:49 UTC (rev 227160) +++ extra-x86_64/PKGBUILD 2014-11-28 01:53:36 UTC (rev 227161) @@ -1,58 +0,0 @@ -# $Id$ -# Maintainer: Eric Bélanger <e...@archlinux.org> - -pkgbase=flac -pkgname=('flac' 'flac-doc') -pkgver=1.3.0 -pkgrel=5 -arch=('i686' 'x86_64') -url="http://flac.sourceforge.net/" -license=('BSD' 'GPL') -depends=('gcc-libs' 'libogg') -makedepends=('nasm' 'doxygen') -options=('!makeflags') -source=(http://downloads.xiph.org/releases/flac/${pkgbase}-${pkgver}.tar.xz - flac-realloc.patch flac-divby0.patch flac-CVE-2014-8962.patch flac-CVE-2014-9028.patch) -sha1sums=('a136e5748f8fb1e6c524c75000a765fc63bb7b1b' - '22bf08219c289d747f399e351c701d0f195d3ce0' - 'ceecf0603895267eda112c1cf85e3096e3d3acde' - 'f78547bc7a085a47273ad85c3ec86a2960739944' - '18f7a66fc0faf857e3c82b462619acf5b5a19af4') - -prepare() { - cd ${pkgbase}-${pkgver} - patch -p1 -i "${srcdir}/flac-realloc.patch" - patch -p1 -i "${srcdir}/flac-divby0.patch" - patch -p1 -i "${srcdir}/flac-CVE-2014-8962.patch" - patch -p1 -i "${srcdir}/flac-CVE-2014-9028.patch" -} - -build() { - cd ${pkgbase}-${pkgver} - ./configure --prefix=/usr --disable-sse - make -} - -check() { - cd ${pkgbase}-${pkgver} - make check -} - -package_flac() { - pkgdesc="Free Lossless Audio Codec" - options=('!docs') - - cd ${pkgbase}-${pkgver} - make DESTDIR="${pkgdir}" install - install -D -m644 COPYING.Xiph "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" -} - -package_flac-doc() { - pkgdesc="Developer documentation for the Free Lossless Audio Codec" - depends=('flac') - - cd ${pkgbase}-${pkgver} - make DESTDIR="${pkgdir}" -C doc install - sed -i "s|$srcdir/${pkgbase}-${pkgver}|/usr|" "${pkgdir}/usr/share/doc/${pkgbase}-${pkgver}/FLAC.tag" - install -D -m644 COPYING.Xiph "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" -} Copied: flac/repos/extra-x86_64/PKGBUILD (from rev 227160, flac/trunk/PKGBUILD) =================================================================== --- extra-x86_64/PKGBUILD (rev 0) +++ extra-x86_64/PKGBUILD 2014-11-28 01:53:36 UTC (rev 227161) @@ -0,0 +1,45 @@ +# $Id$ +# Maintainer: Eric Bélanger <e...@archlinux.org> + +pkgbase=flac +pkgname=('flac' 'flac-doc') +pkgver=1.3.1 +pkgrel=1 +arch=('i686' 'x86_64') +url="http://flac.sourceforge.net/" +license=('BSD' 'GPL') +depends=('gcc-libs' 'libogg') +makedepends=('nasm' 'doxygen') +options=('!makeflags') +source=(http://downloads.xiph.org/releases/flac/${pkgbase}-${pkgver}.tar.xz) +sha1sums=('38e17439d11be26207e4af0ff50973815694b26f') + +build() { + cd ${pkgbase}-${pkgver} + ./configure --prefix=/usr --disable-sse + make +} + +check() { + cd ${pkgbase}-${pkgver} + make check +} + +package_flac() { + pkgdesc="Free Lossless Audio Codec" + options=('!docs') + + cd ${pkgbase}-${pkgver} + make DESTDIR="${pkgdir}" install + install -D -m644 COPYING.Xiph "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" +} + +package_flac-doc() { + pkgdesc="Developer documentation for the Free Lossless Audio Codec" + depends=('flac') + + cd ${pkgbase}-${pkgver} + make DESTDIR="${pkgdir}" -C doc install + sed -i "s|$srcdir/${pkgbase}-${pkgver}|/usr|" "${pkgdir}/usr/share/doc/${pkgbase}-${pkgver}/FLAC.tag" + install -D -m644 COPYING.Xiph "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" +} Deleted: extra-x86_64/flac-CVE-2014-8962.patch =================================================================== --- extra-x86_64/flac-CVE-2014-8962.patch 2014-11-28 01:50:49 UTC (rev 227160) +++ extra-x86_64/flac-CVE-2014-8962.patch 2014-11-28 01:53:36 UTC (rev 227161) @@ -1,40 +0,0 @@ -From 5b3033a2b355068c11fe637e14ac742d273f076e Mon Sep 17 00:00:00 2001 -From: Erik de Castro Lopo <er...@mega-nerd.com> -Date: Tue, 18 Nov 2014 07:20:25 -0800 -Subject: [PATCH] src/libFLAC/stream_decoder.c : Fix buffer read overflow. - -This is CVE-2014-8962. - -Reported-by: Michele Spagnuolo, - Google Security Team <mikis...@google.com> ---- - src/libFLAC/stream_decoder.c | 6 +++++- - 1 files changed, 5 insertions(+), 1 deletions(-) - -diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c -index cb66fe2..88a656d 100644 ---- a/src/libFLAC/stream_decoder.c -+++ b/src/libFLAC/stream_decoder.c -@@ -71,7 +71,7 @@ FLAC_API int FLAC_API_SUPPORTS_OGG_FLAC = - * - ***********************************************************************/ - --static FLAC__byte ID3V2_TAG_[3] = { 'I', 'D', '3' }; -+static const FLAC__byte ID3V2_TAG_[3] = { 'I', 'D', '3' }; - - /*********************************************************************** - * -@@ -1361,6 +1361,10 @@ FLAC__bool find_metadata_(FLAC__StreamDecoder *decoder) - id = 0; - continue; - } -+ -+ if(id >= 3) -+ return false; -+ - if(x == ID3V2_TAG_[id]) { - id++; - i = 0; --- -1.7.2.5 - Deleted: extra-x86_64/flac-CVE-2014-9028.patch =================================================================== --- extra-x86_64/flac-CVE-2014-9028.patch 2014-11-28 01:50:49 UTC (rev 227160) +++ extra-x86_64/flac-CVE-2014-9028.patch 2014-11-28 01:53:36 UTC (rev 227161) @@ -1,34 +0,0 @@ -From fcf0ba06ae12ccd7c67cee3c8d948df15f946b85 Mon Sep 17 00:00:00 2001 -From: Erik de Castro Lopo <er...@mega-nerd.com> -Date: Wed, 19 Nov 2014 19:35:59 -0800 -Subject: [PATCH] src/libFACL/stream_decoder.c : Fail safely to avoid a heap overflow. - -A file provided by the reporters caused the stream decoder to write to -un-allocated heap space resulting in a segfault. The solution is to -error out (by returning false from read_residual_partitioned_rice_()) -instead of trying to continue to decode. - -Fixes: CVE-2014-9028 -Reported-by: Michele Spagnuolo, - Google Security Team <mikis...@google.com> ---- - src/libFLAC/stream_decoder.c | 3 ++- - 1 files changed, 2 insertions(+), 1 deletions(-) - -diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c -index 88a656d..54e84d4 100644 ---- a/src/libFLAC/stream_decoder.c -+++ b/src/libFLAC/stream_decoder.c -@@ -2736,7 +2736,8 @@ FLAC__bool read_residual_partitioned_rice_(FLAC__StreamDecoder *decoder, unsigne - if(decoder->private_->frame.header.blocksize < predictor_order) { - send_error_to_client_(decoder, FLAC__STREAM_DECODER_ERROR_STATUS_LOST_SYNC); - decoder->protected_->state = FLAC__STREAM_DECODER_SEARCH_FOR_FRAME_SYNC; -- return true; -+ /* We have received a potentially malicious bt stream. All we can do is error out to avoid a heap overflow. */ -+ return false; - } - } - else { --- -1.7.2.5 - Deleted: extra-x86_64/flac-divby0.patch =================================================================== --- extra-x86_64/flac-divby0.patch 2014-11-28 01:50:49 UTC (rev 227160) +++ extra-x86_64/flac-divby0.patch 2014-11-28 01:53:36 UTC (rev 227161) @@ -1,47 +0,0 @@ -From 9443151da38d25430f0683dfdcd7f6076ecabe0a Mon Sep 17 00:00:00 2001 -From: Erik de Castro Lopo <er...@mega-nerd.com> -Date: Tue, 8 Jul 2014 18:25:11 +1000 -Subject: [PATCH] src/flac/utils.c : Make sure get_console_width() returns value > 0. - -Previous version of get_console_width() may return 0 which will result in -a division by 0 in stats_print_name(): - - console_width = get_console_width(); - len = strlen_console(name)+2; - console_chars_left = console_width - (len % console_width); - -Bug-report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739613 -Patch-from: lvqcl <lvqcl.m...@gmail.com> ---- - src/flac/utils.c | 7 +++++-- - 1 files changed, 5 insertions(+), 2 deletions(-) - -diff --git a/src/flac/utils.c b/src/flac/utils.c -index 557477e..52b2c43 100644 ---- a/src/flac/utils.c -+++ b/src/flac/utils.c -@@ -176,7 +176,7 @@ static int console_chars_left; - - int get_console_width(void) - { -- int width = 80; -+ int width = 0; - #if defined _WIN32 - width = win_get_console_width(); - #elif defined __EMX__ -@@ -185,8 +185,11 @@ int get_console_width(void) - width = s[0]; - #elif defined GWINSZ_IN_SYS_IOCTL - struct winsize w; -- if (ioctl(STDOUT_FILENO, TIOCGWINSZ, &w) != -1) width = w.ws_col; -+ if (ioctl(STDOUT_FILENO, TIOCGWINSZ, &w) != -1) -+ width = w.ws_col; - #endif -+ if (width <= 0) -+ width = 80; - return width; - } - --- -1.7.2.5 - Deleted: extra-x86_64/flac-realloc.patch =================================================================== --- extra-x86_64/flac-realloc.patch 2014-11-28 01:50:49 UTC (rev 227160) +++ extra-x86_64/flac-realloc.patch 2014-11-28 01:53:36 UTC (rev 227161) @@ -1,15 +0,0 @@ -X-Git-Url: http://git.xiph.org/?p=flac.git;a=blobdiff_plain;f=src%2Fmetaflac%2Futils.c;h=8a31daaddd47f8ea2d7b1e66445d180b4151e0db;hp=097537b2d39ea302269a16e7da9bc413e02ffb6e;hb=606fdfcaece19d3e05434bde57c289102a369069;hpb=d42c04260bf9e27cbb8c61a5529ecab3b20e25ff - -diff --git a/src/metaflac/utils.c b/src/metaflac/utils.c -index 097537b..8a31daa 100644 ---- a/src/metaflac/utils.c -+++ b/src/metaflac/utils.c -@@ -75,7 +75,7 @@ void local_strcat(char **dest, const char *source) - *dest = safe_realloc_add_3op_(*dest, ndest, /*+*/nsource, /*+*/1); - if(0 == *dest) - die("out of memory growing string"); -- safe_strncpy((*dest)+ndest, source, ndest + nsource + 1); -+ safe_strncpy((*dest)+ndest, source, nsource + 1); - } - - static inline int local_isprint(int c)