audiofile/patches/audiofile-0.3.6-Always-check-the-number-of-coefficients.patch

From: Antonio Larrosa <larrosa@kde.org>
Date: Mon, 6 Mar 2017 12:51:22 +0100
Subject: Always check the number of coefficients

When building the library with NDEBUG, asserts are eliminated
so it's better to always check that the number of coefficients
is inside the array range.

This fixes the 00191-audiofile-indexoob issue in #41
---
 libaudiofile/WAVE.cpp | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/libaudiofile/WAVE.cpp b/libaudiofile/WAVE.cpp
index 9dd8511..0fc48e8 100644
--- a/libaudiofile/WAVE.cpp
+++ b/libaudiofile/WAVE.cpp
@@ -281,6 +281,12 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size)
 
 			/* numCoefficients should be at least 7. */
 			assert(numCoefficients >= 7 && numCoefficients <= 255);
+			if (numCoefficients < 7 || numCoefficients > 255)
+			{
+				_af_error(AF_BAD_HEADER,
+						"Bad number of coefficients");
+				return AF_FAIL;
+			}
 
 			m_msadpcmNumCoefficients = numCoefficients;
 
1	From: Antonio Larrosa <larrosa@kde.org>
2	Date: Mon, 6 Mar 2017 12:51:22 +0100
3	Subject: Always check the number of coefficients
4
5	When building the library with NDEBUG, asserts are eliminated
6	so it's better to always check that the number of coefficients
7	is inside the array range.
8
9	This fixes the 00191-audiofile-indexoob issue in #41
10	---
11	libaudiofile/WAVE.cpp \| 6 ++++++
12	1 file changed, 6 insertions(+)
13
14	diff --git a/libaudiofile/WAVE.cpp b/libaudiofile/WAVE.cpp
15	index 9dd8511..0fc48e8 100644
16	--- a/libaudiofile/WAVE.cpp
17	+++ b/libaudiofile/WAVE.cpp
18	@@ -281,6 +281,12 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size)
19
20	/* numCoefficients should be at least 7. */
21	assert(numCoefficients >= 7 && numCoefficients <= 255);
22	+ if (numCoefficients < 7 \|\| numCoefficients > 255)
23	+ {
24	+ _af_error(AF_BAD_HEADER,
25	+ "Bad number of coefficients");
26	+ return AF_FAIL;
27	+ }
28
29	m_msadpcmNumCoefficients = numCoefficients;
30