[jackhill/guix/guix.git] / gnu / packages / patches / audiofile-CVE-2015-7747.patch

Description: fix buffer overflow when changing both sample format and
 number of channels
Origin: https://github.com/mpruett/audiofile/pull/25
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/audiofile/+bug/1502721
Bug-Debian: https://bugs.debian.org/801102

--- a/libaudiofile/modules/ModuleState.cpp
+++ b/libaudiofile/modules/ModuleState.cpp
@@ -402,7 +402,7 @@ status ModuleState::arrange(AFfilehandle
 		addModule(new Transform(outfc, in.pcm, out.pcm));
 
 	if (in.channelCount != out.channelCount)
-		addModule(new ApplyChannelMatrix(infc, isReading,
+		addModule(new ApplyChannelMatrix(outfc, isReading,
 			in.channelCount, out.channelCount,
 			in.pcm.minClip, in.pcm.maxClip,
 			track->channelMatrix));
--- a/test/Makefile.am
+++ b/test/Makefile.am
@@ -26,6 +26,7 @@ TESTS = \
 	VirtualFile \
 	floatto24 \
 	query2 \
+	sixteen-stereo-to-eight-mono \
 	sixteen-to-eight \
 	testchannelmatrix \
 	testdouble \
@@ -139,6 +140,7 @@ printmarkers_SOURCES = printmarkers.c
 printmarkers_LDADD = $(LIBAUDIOFILE) -lm
 
 sixteen_to_eight_SOURCES = sixteen-to-eight.c TestUtilities.cpp TestUtilities.h
+sixteen_stereo_to_eight_mono_SOURCES = sixteen-stereo-to-eight-mono.c TestUtilities.cpp TestUtilities.h
 
 testchannelmatrix_SOURCES = testchannelmatrix.c TestUtilities.cpp TestUtilities.h
 
--- /dev/null
+++ b/test/sixteen-stereo-to-eight-mono.c
@@ -0,0 +1,118 @@
+/*
+	Audio File Library
+
+	Copyright 2000, Silicon Graphics, Inc.
+
+	This program is free software; you can redistribute it and/or modify
+	it under the terms of the GNU General Public License as published by
+	the Free Software Foundation; either version 2 of the License, or
+	(at your option) any later version.
+
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU General Public License for more details.
+
+	You should have received a copy of the GNU General Public License along
+	with this program; if not, write to the Free Software Foundation, Inc.,
+	51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+
+/*
+	sixteen-stereo-to-eight-mono.c
+
+	This program tests the conversion from 2-channel 16-bit integers to
+	1-channel 8-bit	integers.
+*/
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <limits.h>
+
+#include <audiofile.h>
+
+#include "TestUtilities.h"
+
+int main (int argc, char **argv)
+{
+	AFfilehandle file;
+	AFfilesetup setup;
+	int16_t frames16[] = {14298, 392, 3923, -683, 958, -1921};
+	int8_t frames8[] = {28, 6, -2};
+	int i, frameCount = 3;
+	int8_t byte;
+	AFframecount result;
+
+	setup = afNewFileSetup();
+
+	afInitFileFormat(setup, AF_FILE_WAVE);
+
+	afInitSampleFormat(setup, AF_DEFAULT_TRACK, AF_SAMPFMT_TWOSCOMP, 16);
+	afInitChannels(setup, AF_DEFAULT_TRACK, 2);
+
+	char *testFileName;
+	if (!createTemporaryFile("sixteen-to-eight", &testFileName))
+	{
+		fprintf(stderr, "Could not create temporary file.\n");
+		exit(EXIT_FAILURE);
+	}
+
+	file = afOpenFile(testFileName, "w", setup);
+	if (file == AF_NULL_FILEHANDLE)
+	{
+		fprintf(stderr, "could not open file for writing\n");
+		exit(EXIT_FAILURE);
+	}
+
+	afFreeFileSetup(setup);
+
+	afWriteFrames(file, AF_DEFAULT_TRACK, frames16, frameCount);
+
+	afCloseFile(file);
+
+	file = afOpenFile(testFileName, "r", AF_NULL_FILESETUP);
+	if (file == AF_NULL_FILEHANDLE)
+	{
+		fprintf(stderr, "could not open file for reading\n");
+		exit(EXIT_FAILURE);
+	}
+
+	afSetVirtualSampleFormat(file, AF_DEFAULT_TRACK, AF_SAMPFMT_TWOSCOMP, 8);
+	afSetVirtualChannels(file, AF_DEFAULT_TRACK, 1);
+
+	for (i=0; i<frameCount; i++)
+	{
+		/* Read one frame. */
+		result = afReadFrames(file, AF_DEFAULT_TRACK, &byte, 1);
+
+		if (result != 1)
+			break;
+
+		/* Compare the byte read with its precalculated value. */
+		if (memcmp(&byte, &frames8[i], 1) != 0)
+		{
+			printf("error\n");
+			printf("expected %d, got %d\n", frames8[i], byte);
+			exit(EXIT_FAILURE);
+		}
+		else
+		{
+#ifdef DEBUG
+			printf("got what was expected: %d\n", byte);
+#endif
+		}
+	}
+
+	afCloseFile(file);
+	unlink(testFileName);
+	free(testFileName);
+
+	exit(EXIT_SUCCESS);
+}
Commit	Line	Data
a8e14943 HG	1	Description: fix buffer overflow when changing both sample format and
	2	number of channels
	3	Origin: https://github.com/mpruett/audiofile/pull/25
	4	Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/audiofile/+bug/1502721
	5	Bug-Debian: https://bugs.debian.org/801102
	6
	7	--- a/libaudiofile/modules/ModuleState.cpp
	8	+++ b/libaudiofile/modules/ModuleState.cpp
	9	@@ -402,7 +402,7 @@ status ModuleState::arrange(AFfilehandle
	10	addModule(new Transform(outfc, in.pcm, out.pcm));
	11
	12	if (in.channelCount != out.channelCount)
	13	- addModule(new ApplyChannelMatrix(infc, isReading,
	14	+ addModule(new ApplyChannelMatrix(outfc, isReading,
	15	in.channelCount, out.channelCount,
	16	in.pcm.minClip, in.pcm.maxClip,
	17	track->channelMatrix));
	18	--- a/test/Makefile.am
	19	+++ b/test/Makefile.am
	20	@@ -26,6 +26,7 @@ TESTS = \
	21	VirtualFile \
	22	floatto24 \
	23	query2 \
	24	+ sixteen-stereo-to-eight-mono \
	25	sixteen-to-eight \
	26	testchannelmatrix \
	27	testdouble \
	28	@@ -139,6 +140,7 @@ printmarkers_SOURCES = printmarkers.c
	29	printmarkers_LDADD = $(LIBAUDIOFILE) -lm
	30
	31	sixteen_to_eight_SOURCES = sixteen-to-eight.c TestUtilities.cpp TestUtilities.h
	32	+sixteen_stereo_to_eight_mono_SOURCES = sixteen-stereo-to-eight-mono.c TestUtilities.cpp TestUtilities.h
	33
	34	testchannelmatrix_SOURCES = testchannelmatrix.c TestUtilities.cpp TestUtilities.h
	35
	36	--- /dev/null
	37	+++ b/test/sixteen-stereo-to-eight-mono.c
	38	@@ -0,0 +1,118 @@
	39	+/*
	40	+ Audio File Library
	41	+
	42	+ Copyright 2000, Silicon Graphics, Inc.
	43	+
	44	+ This program is free software; you can redistribute it and/or modify
	45	+ it under the terms of the GNU General Public License as published by
	46	+ the Free Software Foundation; either version 2 of the License, or
	47	+ (at your option) any later version.
	48	+
	49	+ This program is distributed in the hope that it will be useful,
	50	+ but WITHOUT ANY WARRANTY; without even the implied warranty of
	51	+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	52	+ GNU General Public License for more details.
	53	+
	54	+ You should have received a copy of the GNU General Public License along
	55	+ with this program; if not, write to the Free Software Foundation, Inc.,
	56	+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
	57	+*/
	58	+
	59	+/*
	60	+ sixteen-stereo-to-eight-mono.c
	61	+
	62	+ This program tests the conversion from 2-channel 16-bit integers to
	63	+ 1-channel 8-bit integers.
	64	+*/
65	+
66	+#ifdef HAVE_CONFIG_H
67	+#include <config.h>
68	+#endif
69	+
70	+#include <stdint.h>
71	+#include <stdio.h>
72	+#include <stdlib.h>
73	+#include <string.h>
74	+#include <unistd.h>
75	+#include <limits.h>
76	+
77	+#include <audiofile.h>
78	+
79	+#include "TestUtilities.h"
80	+
81	+int main (int argc, char **argv)
82	+{
83	+ AFfilehandle file;
84	+ AFfilesetup setup;
85	+ int16_t frames16[] = {14298, 392, 3923, -683, 958, -1921};
86	+ int8_t frames8[] = {28, 6, -2};
87	+ int i, frameCount = 3;
88	+ int8_t byte;
89	+ AFframecount result;
90	+
91	+ setup = afNewFileSetup();
92	+
93	+ afInitFileFormat(setup, AF_FILE_WAVE);
94	+
95	+ afInitSampleFormat(setup, AF_DEFAULT_TRACK, AF_SAMPFMT_TWOSCOMP, 16);
96	+ afInitChannels(setup, AF_DEFAULT_TRACK, 2);
97	+
98	+ char *testFileName;
99	+ if (!createTemporaryFile("sixteen-to-eight", &testFileName))
100	+ {
101	+ fprintf(stderr, "Could not create temporary file.\n");
102	+ exit(EXIT_FAILURE);
103	+ }
104	+
105	+ file = afOpenFile(testFileName, "w", setup);
106	+ if (file == AF_NULL_FILEHANDLE)
107	+ {
108	+ fprintf(stderr, "could not open file for writing\n");
109	+ exit(EXIT_FAILURE);
110	+ }
111	+
112	+ afFreeFileSetup(setup);
113	+
114	+ afWriteFrames(file, AF_DEFAULT_TRACK, frames16, frameCount);
115	+
116	+ afCloseFile(file);
117	+
118	+ file = afOpenFile(testFileName, "r", AF_NULL_FILESETUP);
119	+ if (file == AF_NULL_FILEHANDLE)
120	+ {
121	+ fprintf(stderr, "could not open file for reading\n");
122	+ exit(EXIT_FAILURE);
123	+ }
124	+
125	+ afSetVirtualSampleFormat(file, AF_DEFAULT_TRACK, AF_SAMPFMT_TWOSCOMP, 8);
126	+ afSetVirtualChannels(file, AF_DEFAULT_TRACK, 1);
127	+
128	+ for (i=0; i<frameCount; i++)
129	+ {
130	+ /* Read one frame. */
131	+ result = afReadFrames(file, AF_DEFAULT_TRACK, &byte, 1);
132	+
133	+ if (result != 1)
134	+ break;
135	+
136	+ /* Compare the byte read with its precalculated value. */
137	+ if (memcmp(&byte, &frames8[i], 1) != 0)
138	+ {
139	+ printf("error\n");
140	+ printf("expected %d, got %d\n", frames8[i], byte);
141	+ exit(EXIT_FAILURE);
142	+ }
143	+ else
144	+ {
145	+#ifdef DEBUG
146	+ printf("got what was expected: %d\n", byte);
147	+#endif
148	+ }
149	+ }
150	+
151	+ afCloseFile(file);
152	+ unlink(testFileName);
153	+ free(testFileName);
154	+
155	+ exit(EXIT_SUCCESS);
156	+}