fix memory corruption in metaflac (#969259)

flac-metaflac_strcat.patch

@@ -0,0 +1,29 @@
+From 78055800dd8fd2563e9248fcafda81a211fcc4d2 Mon Sep 17 00:00:00 2001
+From: Miroslav Lichvar <mlichvar@redhat.com>
+Date: Mon, 3 Jun 2013 12:54:59 +0200
+Subject: [PATCH 1/2] metaflac : Fix local_strcat() to terminate string
+ correctly.
+
+The NUL char is written at incorrect place when the destination string
+is longer than 0, which causes memory corruption. It was broken by
+commit 2d6354ff2a618a79d40edbd4f208b4b07c5422f1.
+---
+ src/metaflac/utils.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/metaflac/utils.c b/src/metaflac/utils.c
+index 097537b..8a31daa 100644
+--- a/src/metaflac/utils.c
++++ b/src/metaflac/utils.c
+@@ -75,7 +75,7 @@ void local_strcat(char **dest, const char *source)
+ 	*dest = safe_realloc_add_3op_(*dest, ndest, /*+*/nsource, /*+*/1);
+ 	if(0 == *dest)
+ 		die("out of memory growing string");
+-	safe_strncpy((*dest)+ndest, source, ndest + nsource + 1);
++	safe_strncpy((*dest)+ndest, source, nsource + 1);
+ }
+ 
+ static inline int local_isprint(int c)
+-- 
+1.8.1.4
+

flac.spec

@@ -17,6 +17,8 @@ BuildRequires: automake autoconf libtool gettext-devel doxygen
 BuildRequires: nasm >= 2.0
 %endif
 
+Patch1: flac-metaflac_strcat.patch
+
 %description
 FLAC stands for Free Lossless Audio Codec. Grossly oversimplified, FLAC
 is similar to Ogg Vorbis, but lossless. The FLAC project consists of
@@ -54,6 +56,7 @@ will use the Free Lossless Audio Codec.
 
 %prep
 %setup -q
+%patch1 -p1 -b .metaflac-strcat
 
 %build
 # use our libtool to avoid problems with RPATH