Contents of /trunk/audiofile/patches/audiofile-0.3.6-CVE-2015-7747.patch
Parent Directory | Revision Log
Revision 3077 -
(show annotations)
(download)
Mon Jan 22 12:38:50 2018 UTC (6 years, 8 months ago) by niro
File size: 4300 byte(s)
Mon Jan 22 12:38:50 2018 UTC (6 years, 8 months ago) by niro
File size: 4300 byte(s)
-added several security and build fixes
1 | Description: fix buffer overflow when changing both sample format and |
2 | number of channels |
3 | Origin: https://github.com/mpruett/audiofile/pull/25 |
4 | Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/audiofile/+bug/1502721 |
5 | Bug-Debian: https://bugs.debian.org/801102 |
6 | |
7 | --- a/libaudiofile/modules/ModuleState.cpp |
8 | +++ b/libaudiofile/modules/ModuleState.cpp |
9 | @@ -402,7 +402,7 @@ status ModuleState::arrange(AFfilehandle |
10 | addModule(new Transform(outfc, in.pcm, out.pcm)); |
11 | |
12 | if (in.channelCount != out.channelCount) |
13 | - addModule(new ApplyChannelMatrix(infc, isReading, |
14 | + addModule(new ApplyChannelMatrix(outfc, isReading, |
15 | in.channelCount, out.channelCount, |
16 | in.pcm.minClip, in.pcm.maxClip, |
17 | track->channelMatrix)); |
18 | --- a/test/Makefile.am |
19 | +++ b/test/Makefile.am |
20 | @@ -26,6 +26,7 @@ TESTS = \ |
21 | VirtualFile \ |
22 | floatto24 \ |
23 | query2 \ |
24 | + sixteen-stereo-to-eight-mono \ |
25 | sixteen-to-eight \ |
26 | testchannelmatrix \ |
27 | testdouble \ |
28 | @@ -139,6 +140,7 @@ printmarkers_SOURCES = printmarkers.c |
29 | printmarkers_LDADD = $(LIBAUDIOFILE) -lm |
30 | |
31 | sixteen_to_eight_SOURCES = sixteen-to-eight.c TestUtilities.cpp TestUtilities.h |
32 | +sixteen_stereo_to_eight_mono_SOURCES = sixteen-stereo-to-eight-mono.c TestUtilities.cpp TestUtilities.h |
33 | |
34 | testchannelmatrix_SOURCES = testchannelmatrix.c TestUtilities.cpp TestUtilities.h |
35 | |
36 | --- /dev/null |
37 | +++ b/test/sixteen-stereo-to-eight-mono.c |
38 | @@ -0,0 +1,118 @@ |
39 | +/* |
40 | + Audio File Library |
41 | + |
42 | + Copyright 2000, Silicon Graphics, Inc. |
43 | + |
44 | + This program is free software; you can redistribute it and/or modify |
45 | + it under the terms of the GNU General Public License as published by |
46 | + the Free Software Foundation; either version 2 of the License, or |
47 | + (at your option) any later version. |
48 | + |
49 | + This program is distributed in the hope that it will be useful, |
50 | + but WITHOUT ANY WARRANTY; without even the implied warranty of |
51 | + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
52 | + GNU General Public License for more details. |
53 | + |
54 | + You should have received a copy of the GNU General Public License along |
55 | + with this program; if not, write to the Free Software Foundation, Inc., |
56 | + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
57 | +*/ |
58 | + |
59 | +/* |
60 | + sixteen-stereo-to-eight-mono.c |
61 | + |
62 | + This program tests the conversion from 2-channel 16-bit integers to |
63 | + 1-channel 8-bit integers. |
64 | +*/ |
65 | + |
66 | +#ifdef HAVE_CONFIG_H |
67 | +#include <config.h> |
68 | +#endif |
69 | + |
70 | +#include <stdint.h> |
71 | +#include <stdio.h> |
72 | +#include <stdlib.h> |
73 | +#include <string.h> |
74 | +#include <unistd.h> |
75 | +#include <limits.h> |
76 | + |
77 | +#include <audiofile.h> |
78 | + |
79 | +#include "TestUtilities.h" |
80 | + |
81 | +int main (int argc, char **argv) |
82 | +{ |
83 | + AFfilehandle file; |
84 | + AFfilesetup setup; |
85 | + int16_t frames16[] = {14298, 392, 3923, -683, 958, -1921}; |
86 | + int8_t frames8[] = {28, 6, -2}; |
87 | + int i, frameCount = 3; |
88 | + int8_t byte; |
89 | + AFframecount result; |
90 | + |
91 | + setup = afNewFileSetup(); |
92 | + |
93 | + afInitFileFormat(setup, AF_FILE_WAVE); |
94 | + |
95 | + afInitSampleFormat(setup, AF_DEFAULT_TRACK, AF_SAMPFMT_TWOSCOMP, 16); |
96 | + afInitChannels(setup, AF_DEFAULT_TRACK, 2); |
97 | + |
98 | + char *testFileName; |
99 | + if (!createTemporaryFile("sixteen-to-eight", &testFileName)) |
100 | + { |
101 | + fprintf(stderr, "Could not create temporary file.\n"); |
102 | + exit(EXIT_FAILURE); |
103 | + } |
104 | + |
105 | + file = afOpenFile(testFileName, "w", setup); |
106 | + if (file == AF_NULL_FILEHANDLE) |
107 | + { |
108 | + fprintf(stderr, "could not open file for writing\n"); |
109 | + exit(EXIT_FAILURE); |
110 | + } |
111 | + |
112 | + afFreeFileSetup(setup); |
113 | + |
114 | + afWriteFrames(file, AF_DEFAULT_TRACK, frames16, frameCount); |
115 | + |
116 | + afCloseFile(file); |
117 | + |
118 | + file = afOpenFile(testFileName, "r", AF_NULL_FILESETUP); |
119 | + if (file == AF_NULL_FILEHANDLE) |
120 | + { |
121 | + fprintf(stderr, "could not open file for reading\n"); |
122 | + exit(EXIT_FAILURE); |
123 | + } |
124 | + |
125 | + afSetVirtualSampleFormat(file, AF_DEFAULT_TRACK, AF_SAMPFMT_TWOSCOMP, 8); |
126 | + afSetVirtualChannels(file, AF_DEFAULT_TRACK, 1); |
127 | + |
128 | + for (i=0; i<frameCount; i++) |
129 | + { |
130 | + /* Read one frame. */ |
131 | + result = afReadFrames(file, AF_DEFAULT_TRACK, &byte, 1); |
132 | + |
133 | + if (result != 1) |
134 | + break; |
135 | + |
136 | + /* Compare the byte read with its precalculated value. */ |
137 | + if (memcmp(&byte, &frames8[i], 1) != 0) |
138 | + { |
139 | + printf("error\n"); |
140 | + printf("expected %d, got %d\n", frames8[i], byte); |
141 | + exit(EXIT_FAILURE); |
142 | + } |
143 | + else |
144 | + { |
145 | +#ifdef DEBUG |
146 | + printf("got what was expected: %d\n", byte); |
147 | +#endif |
148 | + } |
149 | + } |
150 | + |
151 | + afCloseFile(file); |
152 | + unlink(testFileName); |
153 | + free(testFileName); |
154 | + |
155 | + exit(EXIT_SUCCESS); |
156 | +} |