From cddc4701f9bbc52e84ac997ffc724e70e9b6a532 Mon Sep 17 00:00:00 2001
From: Michal Hlavinka
Date: Tue, 26 Nov 2024 15:59:55 +0100
Subject: [PATCH] fix static analysis issue in prerequisite patch resolves: RHEL-65093
---
 libsndfile-1.0.28-cve-2024-50612prereq.patch | 18 ++++++++++++++++--
 libsndfile.spec | 5 ++++-
 2 files changed, 20 insertions(+), 3 deletions(-)
diff --git a/libsndfile-1.0.28-cve-2024-50612prereq.patch b/libsndfile-1.0.28-cve-2024-50612prereq.patch
index 686f059..60a9085 100644
--- a/libsndfile-1.0.28-cve-2024-50612prereq.patch
+++ b/libsndfile-1.0.28-cve-2024-50612prereq.patch
@@ -1,6 +1,6 @@
 diff -up libsndfile-1.0.28/src/ogg.c.cve-2024-50612prereq libsndfile-1.0.28/src/ogg.c
 --- libsndfile-1.0.28/src/ogg.c.cve-2024-50612prereq 2017-04-01 09:18:02.000000000 +0200
-+++ libsndfile-1.0.28/src/ogg.c 2024-11-25 23:46:59.292296272 +0100
++++ libsndfile-1.0.28/src/ogg.c 2024-11-26 15:06:33.595446443 +0100
 @@ -45,6 +45,16 @@ static int ogg_stream_classify (SF_PRIVA
 static int ogg_page_classify (SF_PRIVATE * psf, const ogg_page * og) ;
 
@@ -18,9 +18,23 @@ diff -up libsndfile-1.0.28/src/ogg.c.cve-2024-50612prereq libsndfile-1.0.28/src/ ogg_open (SF_PRIVATE *psf) { OGG_PRIVATE* odata = calloc (1, sizeof (OGG_PRIVATE)) ; sf_count_t pos = psf_ftell (psf) ; +diff -up libsndfile-1.0.28/src/ogg.h.cve-2024-50612prereq libsndfile-1.0.28/src/ogg.h +--- libsndfile-1.0.28/src/ogg.h.cve-2024-50612prereq 2024-11-26 15:06:45.023560621 +0100 ++++ libsndfile-1.0.28/src/ogg.h 2024-11-26 15:06:57.731687587 +0100 +@@ -48,5 +48,10 @@ typedef struct + (buf [base] & 0xff)) + + ++/* ++** Write the whole Ogg page out. Convenience function as the ogg_page struct ++** splits header and body data into separate buffers. ++*/ ++int ogg_write_page (SF_PRIVATE *, ogg_page *) ; + + #endif /* SF_SRC_OGG_H */ diff -up libsndfile-1.0.28/src/ogg_vorbis.c.cve-2024-50612prereq libsndfile-1.0.28/src/ogg_vorbis.c --- libsndfile-1.0.28/src/ogg_vorbis.c.cve-2024-50612prereq 2017-04-01 09:18:02.000000000 +0200 -+++ libsndfile-1.0.28/src/ogg_vorbis.c 2024-11-25 23:49:55.084077011 +0100 ++++ libsndfile-1.0.28/src/ogg_vorbis.c 2024-11-26 15:06:33.595446443 +0100 @@ -423,8 +423,7 @@ vorbis_write_header (SF_PRIVATE *psf, in * audio data will start on a new page, as per spec */ diff --git a/libsndfile.spec b/libsndfile.spec index 89c25af..ec15180 100644 --- a/libsndfile.spec +++ b/libsndfile.spec @@ -1,7 +1,7 @@ Summary: Library for reading and writing sound files Name: libsndfile Version: 1.0.28 -Release: 15%{?dist} +Release: 16%{?dist} License: LGPLv2+ and GPLv2+ and BSD Group: System Environment/Libraries URL: http://www.mega-nerd.com/libsndfile/ @@ -180,6 +180,9 @@ LD_LIBRARY_PATH=$PWD/src/.libs make check %changelog +* Tue Nov 26 2024 Michal Hlavinka - 1.0.28-16 +- fix prerequisit patch (#RHEL-65093) + * Wed Nov 20 2024 Michal Hlavinka - 1.0.28-15 - fix crash in ogg vorbis (#RHEL-65093) (CVE-2024-50612)
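Review bot: The prototype added in the new ogg.h section, `int ogg_write_page (SF_PRIVATE *, ogg_page *) ;`, omits the parameter names, and its comment does not say what the `int` result means. A caller reading only the header, such as the vorbis_write_header site this prerequisite patch touches in ogg_vorbis.c, cannot tell how an incomplete or failed page write is reported. I would declare it as `int ogg_write_page (SF_PRIVATE *psf, ogg_page *page) ;` and add one line to the comment stating the return convention, taken from the definition in ogg.c, which is outside this hunk. If the ten lines the ogg.c section adds at `@@ -45,6 +45,16 @@` include a file-local declaration of the same function (not visible here), it should be dropped so that the header is the only prototype and the two cannot drift apart.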