# Contributor: Leo <thinkabit.ukim@gmail.com>
# Contributor: Łukasz Jendrysik <scadu@yandex.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=sox
pkgver=14.4.2
pkgrel=12
pkgdesc="The Swiss Army knife of sound processing tools"
url="https://sox.sourceforge.net/"
arch="all"
license="GPL-2.0-or-later LGPL-2.1-or-later"
makedepends="libao-dev libvorbis-dev libogg-dev lame-dev
	libmad-dev bash alsa-lib-dev libsndfile-dev libsamplerate-dev
	file-dev libid3tag-dev flac-dev gsm-dev opusfile-dev libpng-dev
	autoconf automake libtool
	"
subpackages="$pkgname-static $pkgname-doc $pkgname-dev"
source="https://downloads.sourceforge.net/sourceforge/sox/sox-$pkgver.tar.gz
	CVE-2017-15371.patch::https://github.com/mansr/sox/commit/818bdd0.patch
	CVE-2017-11358.patch::https://github.com/mansr/sox/commit/6cb44a4.patch
	CVE-2017-15370.patch::https://github.com/mansr/sox/commit/ef3d8be.patch
	CVE-2017-11332.patch::https://github.com/mansr/sox/commit/7405bca.patch
	CVE-2017-11359.patch::https://github.com/mansr/sox/commit/8b590b3.patch
	CVE-2017-15372.patch::https://github.com/mansr/sox/commit/001c337.patch
	CVE-2017-15642.patch::https://github.com/mansr/sox/commit/0be259e.patch
	CVE-2017-18189.patch
	update-exported-symbol-list.patch
	add-destdir.patch
	cleanup-lsx_malloc.patch
	CVE-2019-8354.patch
	CVE-2019-8355.patch
	CVE-2019-8356.patch
	CVE-2019-8357.patch
	sox-14.4.2-hcom_stopwrite_big_endian_bug_fix.patch
	fix-musl.patch
	CVE-2021-23159.patch
	CVE-2021-33844.patch
	CVE-2021-3643.patch
	CVE-2021-40426.patch
	CVE-2022-31650.patch
	CVE-2022-31651.patch
	fix-resource-leak-hcom.patch
	fix-regression-in-CVE-2017-11358.patch
	fix-resource-leak-comments.patch
	"

# secfixes:
#   14.4.2-r10:
#     - CVE-2021-23159
#     - CVE-2021-33844
#     - CVE-2021-3643
#     - CVE-2021-40426
#     - CVE-2022-31650
#     - CVE-2022-31651
#   14.4.2-r5:
#     - CVE-2017-13571
#     - CVE-2017-11358
#     - CVE-2017-15370
#     - CVE-2017-11332
#     - CVE-2017-11359
#     - CVE-2017-15372
#     - CVE-2017-13642
#     - CVE-2017-18189
#     - CVE-2019-8354
#     - CVE-2019-8355
#     - CVE-2019-8356
#     - CVE-2019-8357

prepare() {
	default_prepare

	# Fix man page installation
	sed -e 's|man1/sox.1 soxeffect.7|man1/sox.1.gz soxeffect.7.gz|' \
		-i Makefile.in

	# test fails with CVE-2017-11359.patch
	sed -e '/hcom/d' -i src/tests.sh

	autoreconf -vif
}

build() {
	./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--prefix=/usr \
		--sysconfdir=/etc \
		--with-dyn-default \
		--with-distro="${DISTRO_NAME:-Alpine Linux}"
	make
}

check() {
	# -j1 to work around bug in gnu make
	# http://savannah.gnu.org/bugs/index.php?58365
	make -j1 bindir=. installcheck
}

package() {
	make DESTDIR="$pkgdir" install
	ln -sf play "$pkgdir"/usr/bin/rec
	ln -sf ../man1/sox.1.gz "$pkgdir"/usr/share/man/man7/soxeffect.7
	rm "$pkgdir"/usr/lib/sox/*.a
}
sha512sums="
b5c6203f4f5577503a034fe5b3d6a033ee97fe4d171c533933e2b036118a43a14f97c9668433229708609ccf9ee16abdeca3fc7501aa0aafe06baacbba537eca  sox-14.4.2.tar.gz
9f61fc979d0e0232aa2004a455a139950ceb998338577b94cd3bebfdf230896bde9765f9afef1af515ae0679b3afd245142027de3b7ce87eced3fbdb86558668  CVE-2017-15371.patch
b2a096659cc98bd50322441d3611e607b71c54025feaf7c2acc322fff8c0ef5a83f06bef31099c4adf1794009b050a3f2dca71c7926892c60081261384891ac4  CVE-2017-11358.patch
e5c079f8e8e4603e068a092db86ec6dea4da395f75fb4bfa284736edce2d8ea3441deda51ca7dce8865e1ac5914cdf9c6767ed74203726f26992e9d76f4d8b0b  CVE-2017-15370.patch
8c26bea077b503c8ec420880539f2a6e275d2b3c26eb5b4c5af38aae16b258a29ceb946aeb2252e47aeea22e5b6513c628a7ee3eb3d201d6fa541456b16bd399  CVE-2017-11332.patch
6fb075c09cfedaec6bb6760ba2e0d55446478c8e2873884b6a940d42f44ad8e840809f8b31b59ff3d40307dd48d74dadf809859dfef190269da8800185b462a6  CVE-2017-11359.patch
b1936686a7dff2b42629d05cb59cfdb86c2a42ef843fe0cd031607d1c7174479ed8cfc0d5c6ffd3be80c9c20894dd919547e8bd861ed5b49d596ee89a19db372  CVE-2017-15372.patch
e44a2327a8808bf94acb8db1d8ea13f77bbe0600be47079b7c77dab3daab44a67c3ca9be93b32db6807c2c96c6b67529884d38bf03d02dda6be04794e711cb71  CVE-2017-15642.patch
f67e5c2ab0ef358af137685d5ac9efa4595f5a607b72a10e706fb2bd5f7bfcf22a15af950b0592893e849243353765d0adc3b2e9f5bef1a84ae4023e16f931ff  CVE-2017-18189.patch
71147aff997e647afada2ca4f837e525133970c3420a67784e42e0ebd8b08bc063b20b3e6c72323c6e5980956946c9a6e1222e7ff0249587987bf863f4294da7  update-exported-symbol-list.patch
1703f3bb21cd2553929cb1e625c6d537ea92ba7873252f4e3738795ae801b3cf887ca27823eda59466f27faa50e318817f63add7b87051531ab5381e71787552  add-destdir.patch
c9aaaf8a75675cadeedb7db7660f6e438946302a48b1d7ed66ca2e5beb3e7303fd94539c97eddf4c049a761406d29ed78dcadfac9bb851f701e26d5031875042  cleanup-lsx_malloc.patch
345132037594513a74fb875634408da1748ef005506835dd248e2e57918a72c343967c5f5316ca8bcc5967fc2d1e0df4026b9e17616d5d8e405ead0336911bca  CVE-2019-8354.patch
1d3d10e7d598ccddeda9138268d8fb86ac253a61e7ee980feb6c0c4da16d72a2b27bcf6fb078334c1a90e8e6ea031c33eedf304999a9f5ef18c6d9594b2603aa  CVE-2019-8355.patch
8bc3fe9800a878bd9920937321dd75f0a19328dd6dcc88bba9c30e7ac12b2ba3a1d53f0e8e3ee3e0bbd42e953590f2e96c3c64e287b58c646bacbc69362917fa  CVE-2019-8356.patch
8890ff942e25e94c3458ed5e1f5e587e779b3be34d7da2d3fbd5b9b8cc631738c5c76a0c25a7a2be6a7fe05c60b8efb6f784d544f573b8354c6b2cc3b573d066  CVE-2019-8357.patch
aea1bcfdddd315d05654814e386512f0254d1707564a8370d6b2a8a2d12ecb527a7a566da8f2cfa9f0ee99369fab0f19819263d0d74de0616c9175362965e04c  sox-14.4.2-hcom_stopwrite_big_endian_bug_fix.patch
7322b297bae36530756d44ca9b11db8f682e97f55e9ca51164d48713486d405121c9e6557bb1ea3739a61b9dccf19257dce806b28b363062d635abbc00d2d9f6  fix-musl.patch
ea959ea04d498352d040519e63b053ad01f6bc2164e46dfb0b5ba673200075df652ccf2869be419d27cc34c6c5ae00161c8bcbcffdd460a88124858924796cb5  CVE-2021-23159.patch
eef1014ccfce344f03eae4ede810a66db221c952dd2342943ee089f09420dac5bdb3820b5fb7975d488c58c80d448be6e6b80e8a61cf273d1ddfd0cc169c3ca9  CVE-2021-33844.patch
51f7e8515fc20d7c85ac27fc229b233d8adf6c8a68ad35ba694fd146b24de8e5442fcb8102ed75687a0abb10e06fb224a544b17c4feb474e2422d4db14485c0c  CVE-2021-3643.patch
1e3468494ccf5e3905134e9c4c00513469d66b8fd6294093d122060259114aa8ad93db928aba3eb35cfe00cad3efda4d208b96aad38fc411294998057a6676ee  CVE-2021-40426.patch
84f243f6f15a640b04133f3b73c5483e6284b1f06192573d6a3378caf0c6fb37d8a1a536cbeee04d6e4b5f9046f9fa0cd79593dbb5887566a1ef59c3b8ec3e48  CVE-2022-31650.patch
64623b7c5fd2f6fb3af2103847d32552a2a5b227a9d1e619b1996077aee79dcd4243a761569f6c696d0d452ccb0bf0f0bcc774b44ae17dd9e5efa8772e7819ba  CVE-2022-31651.patch
648431fddd81b2bda4ba614cde2a6f15caf8c26e5529788025f454c46e7617a6fc46433b5e863a0d9e51abcc5fd98db4ff6771a6fc910280423224c863da2bda  fix-resource-leak-hcom.patch
67d4b8f4d7b240f4ee38c78d86b52a1113d2403429035fc7ba58d94966cb0e2661e419b36e2a352adc07fd5db24d2daff587447c65932315faf38a640fcadb1a  fix-regression-in-CVE-2017-11358.patch
86d75bbbca5bfd70d4b9e8c7997849052feb6abfa20a658d7b1d5eb03f49077a0260fa62be85589c95fe55d4d9327a6d7c2c0870936af41533d0d28a5fce71d4  fix-resource-leak-comments.patch
"