From 82360ca8f738853cf42718a8764d225e486adceb Mon Sep 17 00:00:00 2001
From: oreo639 <oreo6391@gmail.com>
Date: Mon, 9 Oct 2023 17:18:39 -0700
Subject: [PATCH] libcue: add patch for CVE-2023-43641

---
 ...2c8bded8d24cfa0608b8e97f2eed210a920e.patch | 24 +++++++++++++++++++
 srcpkgs/libcue/template                       |  2 +-
 2 files changed, 25 insertions(+), 1 deletion(-)
 create mode 100644 srcpkgs/libcue/patches/fdf72c8bded8d24cfa0608b8e97f2eed210a920e.patch

diff --git a/srcpkgs/libcue/patches/fdf72c8bded8d24cfa0608b8e97f2eed210a920e.patch b/srcpkgs/libcue/patches/fdf72c8bded8d24cfa0608b8e97f2eed210a920e.patch
new file mode 100644
index 00000000000..b38727fdcea
--- /dev/null
+++ b/srcpkgs/libcue/patches/fdf72c8bded8d24cfa0608b8e97f2eed210a920e.patch
@@ -0,0 +1,24 @@
+From fdf72c8bded8d24cfa0608b8e97f2eed210a920e Mon Sep 17 00:00:00 2001
+From: Kevin Backhouse <kevinbackhouse@github.com>
+Date: Wed, 27 Sep 2023 20:22:43 +0100
+Subject: [PATCH] Check that the array index isn't negative. This fixes
+ CVE-2023-43641.
+
+Signed-off-by: Kevin Backhouse <kevinbackhouse@github.com>
+---
+ cd.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/cd.c b/cd.c
+index cf77a18..4bbea19 100644
+--- a/cd.c
++++ b/cd.c
+@@ -339,7 +339,7 @@ track_get_rem(const Track* track)
+ 
+ void track_set_index(Track *track, int i, long ind)
+ {
+-	if (i > MAXINDEX) {
++	if (i < 0 || i > MAXINDEX) {
+ 		fprintf(stderr, "too many indexes\n");
+                 return;
+         }
diff --git a/srcpkgs/libcue/template b/srcpkgs/libcue/template
index 496fd7927bc..dd21eb67027 100644
--- a/srcpkgs/libcue/template
+++ b/srcpkgs/libcue/template
@@ -1,7 +1,7 @@
 # Template file for 'libcue'
 pkgname=libcue
 version=2.2.1
-revision=1
+revision=2
 build_style=cmake
 configure_args="-DBUILD_SHARED_LIBS=ON"
 hostmakedepends="bison flex"