From 4867b112ebf21ce502a56855388a32085f33fcad Mon Sep 17 00:00:00 2001
From: Dominyk Tiller <dominyktiller@gmail.com>
Date: Fri, 24 Aug 2018 02:44:16 +0100
Subject: [PATCH] gpac: fix CVE-2018-7752, CVE-2018-13005, CVE-2018-13006

Closes #31409.

Signed-off-by: Dominyk Tiller <dominyktiller@gmail.com>
---
 Formula/gpac.rb | 31 +++++++++++++++++++++++++++++--
 1 file changed, 29 insertions(+), 2 deletions(-)

diff --git a/Formula/gpac.rb b/Formula/gpac.rb
index ccd42f0d10..47aea73b24 100644
--- a/Formula/gpac.rb
+++ b/Formula/gpac.rb
@@ -9,10 +9,37 @@
 class Gpac < Formula
   desc "Multimedia framework for research and academic purposes"
   homepage "https://gpac.wp.mines-telecom.fr/"
-  url "https://github.com/gpac/gpac/archive/v0.7.1.tar.gz"
-  sha256 "c7a18b9eea1264fee392e7222d16b180e0acdd6bb173ff6b8baadbf50b3b1d7f"
+  revision 1
   head "https://github.com/gpac/gpac.git"
 
+  stable do
+    url "https://github.com/gpac/gpac/archive/v0.7.1.tar.gz"
+    sha256 "c7a18b9eea1264fee392e7222d16b180e0acdd6bb173ff6b8baadbf50b3b1d7f"
+
+    # Fix for CVE-2018-7752.
+    patch do
+      url "https://github.com/gpac/gpac/commit/90dc7f853d31b0a4e9441cba97feccf36d8b69a4.patch?full_index=1"
+      sha256 "a31790cab731633e13fba815d851371314842bf8dedbdd4c749c9df9b5205312"
+    end
+
+    # Fix for CVE-2018-13005 & CVE-2018-13006.
+    patch do
+      url "https://github.com/gpac/gpac/commit/bceb03fd2be95097a7b409ea59914f332fb6bc86.patch?full_index=1"
+      sha256 "716579315fa7ee9880f5b94d4bc906163a5d0e7b123041a66d69b27cfb22babe"
+    end
+
+    # Below two patches fix compile when building against recent versions of ffmpeg.
+    patch do
+      url "https://github.com/gpac/gpac/commit/b12b86e995db235e9a7e0c4fcd0fd54eb37bcee4.patch?full_index=1"
+      sha256 "714bc320e9aac54782e5f4c661d5ae18f0fe002e23805d60bec4946725466d20"
+    end
+
+    patch do
+      url "https://github.com/gpac/gpac/commit/855aafe47677de558a7dd5f772b8094b54bfe61a.patch?full_index=1"
+      sha256 "dac3d143aef7fb399efefac16217902090b3868d624ff9d77317d71176a99f9b"
+    end
+  end
+
   bottle do
     sha256 "021729c23e8abaa578ae4ddee580dc5788b8b287ab664a43bfee9c45465efc7b" => :mojave
     sha256 "f804e53b18a3ce388ebd48b0e14ee159835b38bc0c917b7f8ee09858f809b40a" => :high_sierra