From 5fc49beef1a783391a613d12b36f2543ce0585d6 Mon Sep 17 00:00:00 2001
From: Michael Schwendt
Date: Fri, 9 Oct 2015 18:15:51 +0200
Subject: [PATCH] Merge fix from upstream pull request #25 for CVE-2015-7747. Test conversion from e.g. 16-bit LE stereo to 8-bit LE mono no longer causes corruption.
---
 audiofile-0.3.6-CVE-2015-7747.patch | 12 ++++++++++++
 audiofile.spec | 10 +++++++++-
 2 files changed, 21 insertions(+), 1 deletion(-)
 create mode 100644 audiofile-0.3.6-CVE-2015-7747.patch
diff --git a/audiofile-0.3.6-CVE-2015-7747.patch b/audiofile-0.3.6-CVE-2015-7747.patch
new file mode 100644
index 0000000..fae65f6
--- /dev/null
+++ b/audiofile-0.3.6-CVE-2015-7747.patch
@@ -0,0 +1,12 @@
+diff -Nurb --strip-trailing-cr audiofile-0.3.6-orig/libaudiofile/modules/ModuleState.cpp audiofile-0.3.6/libaudiofile/modules/ModuleState.cpp
+--- audiofile-0.3.6-orig/libaudiofile/modules/ModuleState.cpp 2013-03-06 06:30:03.000000000 +0100
++++ audiofile-0.3.6/libaudiofile/modules/ModuleState.cpp 2015-10-08 11:29:51.846082162 +0200
+@@ -402,7 +402,7 @@
+ addModule(new Transform(outfc, in.pcm, out.pcm));
+
+ if (in.channelCount != out.channelCount)
+- addModule(new ApplyChannelMatrix(infc, isReading,
++ addModule(new ApplyChannelMatrix(outfc, isReading,
+ in.channelCount, out.channelCount,
+ in.pcm.minClip, in.pcm.maxClip,
+ track->channelMatrix));
diff --git a/audiofile.spec b/audiofile.spec
index df4633e..8623c83 100644
--- a/audiofile.spec
+++ b/audiofile.spec
@@ -3,7 +3,7 @@ Summary: Library for accessing various audio file formats
 Name: audiofile
 Version: 0.3.6
-Release: 8%{?dist}
+Release: 9%{?dist}
 Epoch: 1
 # library is LGPL / the two programs GPL / see README
 License: LGPLv2+ and GPLv2+
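Review bot: In the ModuleState.cpp hunk carried by audiofile-0.3.6-CVE-2015-7747.patch, the `ApplyChannelMatrix` call now takes `outfc` but still passes `in.pcm.minClip, in.pcm.maxClip`; if the preceding `Transform(outfc, in.pcm, out.pcm)` has already remapped the samples to the output PCM mapping, the clip bounds may need to be `out.pcm.minClip, out.pcm.maxClip`, so this should be confirmed against upstream before relying on the fix. The enclosing function and the condition guarding the `Transform` line lie outside the hunk, so this is inferred from the visible lines only. The patch file also carries no provenance header; a comment above `Patch0:` such as `# CVE-2015-7747, upstream pull request #25: <upstream-PR-URL>` would let an auditor verify that the packaged change matches upstream. Since the spec already runs `make check`, a regression case for the 16-bit stereo to 8-bit mono conversion named in the commit message would keep the corruption from returning unnoticed.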
@@ -16,6 +16,8 @@ BuildRequires: flac-devel # optional for rebuilding manual pages from .txt #BuildRequires: asciidoc +Patch0: audiofile-0.3.6-CVE-2015-7747.patch + %description The Audio File library is an implementation of the Audio File Library from SGI, which provides an API for accessing audio file formats like @@ -36,6 +38,7 @@ other resources you can use to develop Audio File applications. %prep %setup -q +%patch0 -p1 -b .CVE-2015-7747 %build %configure --disable-static @@ -75,6 +78,11 @@ make check %{_mandir}/man3/* %changelog +* Thu Oct 8 2015 Michael Schwendt - 1:0.3.6-9 +- Merge fix from upstream pull request #25 for CVE-2015-7747. + Test conversion from e.g. 16-bit LE stereo to 8-bit LE mono + no longer causes corruption. + * Wed Jun 17 2015 Fedora Release Engineering - 1:0.3.6-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild