me/guix
Archived
1
0
Fork 0
Code Activity
This repository has been archived on 2024-08-07. You can view files and clone it, but cannot push or open issues or pull requests.
guix/gnu/packages/patches/audiofile-CVE-2015-7747.patch
Hartmut Goebel a8e149434e
gnu: Add audiofile. 
Patches should fix all CVEs reported by `guix lint`:
CVE-2015-7747; CVE-2017-6827, CVE-2017-6828, CVE-2017-6829,
CVE-2017-6830, CVE-2017-6831, CVE-2017-6832, CVE-2017-6833,
CVE-2017-6834, CVE-2017-6835, CVE-2017-6836, CVE-2017-6837,
CVE-2017-6838, CVE-2017-6839; CVE-2018-13440; CVE-2018-17095

Since the patches do not reference to CVEs, it's a bit hard to tell which
patch actually closes which CVE.  Debian reports all these to be closed by
the patches below and NixPkgs provides references.

* gnu/packages/audio.scm (audiofile): New variable.
* gnu/packages/patches/audiofile-fix-datatypes-in-tests.patch,
  gnu/packages/patches/audiofile-fix-sign-conversion.patch,
  gnu/packages/patches/audiofile-CVE-2015-7747.patch,
  gnu/packages/patches/audiofile-CVE-2018-13440.patch,
  gnu/packages/patches/audiofile-CVE-2018-17095.patch,
  gnu/packages/patches/audiofile-Check-the-number-of-coefficients.patch,
  gnu/packages/patches/audiofile-Fail-on-error-in-parseFormat.patch,
  gnu/packages/patches/audiofile-Fix-index-overflow-in-IMA.cpp.patch,
  gnu/packages/patches/audiofile-Fix-multiply-overflow-sfconvert.patch,
  gnu/packages/patches/audiofile-Fix-overflow-in-MSADPCM-decodeSam.patch,
  gnu/packages/patches/audiofile-division-by-zero-BlockCodec-runPull.patch,
  gnu/packages/patches/audiofile-hurd.patch,
  gnu/packages/patches/audiofile-signature-of-multiplyCheckOverflow.patch:
  New files.
* gnu/local.mk: Add them.
2019-12-26 16:44:53 +01:00

156 lines
4.2 KiB
Diff
Raw Blame History

Description: fix buffer overflow when changing both sample format and
number of channels
Origin: https://github.com/mpruett/audiofile/pull/25
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/audiofile/+bug/1502721
Bug-Debian: https://bugs.debian.org/801102
--- a/libaudiofile/modules/ModuleState.cpp
+++ b/libaudiofile/modules/ModuleState.cpp
@@ -402,7 +402,7 @@ status ModuleState::arrange(AFfilehandle
addModule(new Transform(outfc, in.pcm, out.pcm));
if (in.channelCount != out.channelCount)
- addModule(new ApplyChannelMatrix(infc, isReading,
+ addModule(new ApplyChannelMatrix(outfc, isReading,
in.channelCount, out.channelCount,
in.pcm.minClip, in.pcm.maxClip,
track->channelMatrix));
--- a/test/Makefile.am
+++ b/test/Makefile.am
@@ -26,6 +26,7 @@ TESTS = \
VirtualFile \
floatto24 \
query2 \
+ sixteen-stereo-to-eight-mono \
sixteen-to-eight \
testchannelmatrix \
testdouble \
@@ -139,6 +140,7 @@ printmarkers_SOURCES = printmarkers.c
printmarkers_LDADD = $(LIBAUDIOFILE) -lm
sixteen_to_eight_SOURCES = sixteen-to-eight.c TestUtilities.cpp TestUtilities.h
+sixteen_stereo_to_eight_mono_SOURCES = sixteen-stereo-to-eight-mono.c TestUtilities.cpp TestUtilities.h
testchannelmatrix_SOURCES = testchannelmatrix.c TestUtilities.cpp TestUtilities.h
--- /dev/null
+++ b/test/sixteen-stereo-to-eight-mono.c
@@ -0,0 +1,118 @@
+/*
+ Audio File Library
+
+ Copyright 2000, Silicon Graphics, Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+
+/*
+ sixteen-stereo-to-eight-mono.c
+
+ This program tests the conversion from 2-channel 16-bit integers to
+ 1-channel 8-bit integers.
+*/
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <limits.h>
+
+#include <audiofile.h>
+
+#include "TestUtilities.h"
+
+int main (int argc, char **argv)
+{
+ AFfilehandle file;
+ AFfilesetup setup;
+ int16_t frames16[] = {14298, 392, 3923, -683, 958, -1921};
+ int8_t frames8[] = {28, 6, -2};
+ int i, frameCount = 3;
+ int8_t byte;
+ AFframecount result;
+
+ setup = afNewFileSetup();
+
+ afInitFileFormat(setup, AF_FILE_WAVE);
+
+ afInitSampleFormat(setup, AF_DEFAULT_TRACK, AF_SAMPFMT_TWOSCOMP, 16);
+ afInitChannels(setup, AF_DEFAULT_TRACK, 2);
+
+ char *testFileName;
+ if (!createTemporaryFile("sixteen-to-eight", &testFileName))
+ {
+ fprintf(stderr, "Could not create temporary file.\n");
+ exit(EXIT_FAILURE);
+ }
+
+ file = afOpenFile(testFileName, "w", setup);
+ if (file == AF_NULL_FILEHANDLE)
+ {
+ fprintf(stderr, "could not open file for writing\n");
+ exit(EXIT_FAILURE);
+ }
+
+ afFreeFileSetup(setup);
+
+ afWriteFrames(file, AF_DEFAULT_TRACK, frames16, frameCount);
+
+ afCloseFile(file);
+
+ file = afOpenFile(testFileName, "r", AF_NULL_FILESETUP);
+ if (file == AF_NULL_FILEHANDLE)
+ {
+ fprintf(stderr, "could not open file for reading\n");
+ exit(EXIT_FAILURE);
+ }
+
+ afSetVirtualSampleFormat(file, AF_DEFAULT_TRACK, AF_SAMPFMT_TWOSCOMP, 8);
+ afSetVirtualChannels(file, AF_DEFAULT_TRACK, 1);
+
+ for (i=0; i<frameCount; i++)
+ {
+ /* Read one frame. */
+ result = afReadFrames(file, AF_DEFAULT_TRACK, &byte, 1);
+
+ if (result != 1)
+ break;
+
+ /* Compare the byte read with its precalculated value. */
+ if (memcmp(&byte, &frames8[i], 1) != 0)
+ {
+ printf("error\n");
+ printf("expected %d, got %d\n", frames8[i], byte);
+ exit(EXIT_FAILURE);
+ }
+ else
+ {
+#ifdef DEBUG
+ printf("got what was expected: %d\n", byte);
+#endif
+ }
+ }
+
+ afCloseFile(file);
+ unlink(testFileName);
+ free(testFileName);
+
+ exit(EXIT_SUCCESS);
+}
View git blame Copy permalink