Compare commits

...

36 Commits
f21 ... rawhide

Author SHA1 Message Date
Gwyn Ciesla
de6e01c1d5 migrated to SPDX license 2023-03-02 14:54:04 -06:00
Fedora Release Engineering
d7aaaf98a1 Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2023-01-18 22:26:29 +00:00
Michel Alexandre Salim
1a711dd2b0 Rebuilt for flac 1.4.0
Signed-off-by: Michel Alexandre Salim <salimma@fedoraproject.org>
2022-09-13 05:49:25 -05:00
Gwyn Ciesla
d145f75426 Disable checks to fix FTBFS 2022-08-05 13:18:16 -05:00
Fedora Release Engineering
9d83631bdc Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-07-20 21:32:19 +00:00
Fedora Release Engineering
dd17fb9f76 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-01-19 21:55:21 +00:00
Gwyn Ciesla
4f7f2512d7 Drop rpath. 2021-07-30 09:07:13 -05:00
Fedora Release Engineering
5d17cc649a - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-07-21 18:11:51 +00:00
Fedora Release Engineering
f3d31be16c - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-07-21 13:15:47 +00:00
Gwyn Ciesla
69b19c2a06 Remove rpath 2021-05-27 08:55:11 -05:00
Fedora Release Engineering
83a00f8e6d - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-01-26 00:44:19 +00:00
Timm Bäder
e89bf8be7a Fix an integer overflow warning
Recent GCC versions emit warnings like this during compilation:

<source>:10:31: warning: integer overflow in expression of type 'int' results in '-2147483648' [-Woverflow]
   10 |   const uint32_t limits[] = { -minInt, maxInt };
      |                               ^~~~~~~
<source>:10:31: warning: narrowing conversion of '-2147483648' from 'int' to 'uint32_t' {aka 'unsigned int'} [-Wnarrowing]

And clang even treats them like an error.
2021-01-04 13:43:36 +01:00
Tom Stellard
f045e3df04 Add BuildRequires: make
https://fedoraproject.org/wiki/Changes/Remove_make_from_BuildRoot
2020-12-17 02:33:35 +00:00
Fedora Release Engineering
c2de4b1116 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-07-27 12:41:54 +00:00
Fedora Release Engineering
1b925f26fc - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-01-28 12:26:27 +00:00
Fedora Release Engineering
25abac2c40 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2019-07-24 18:47:03 +00:00
Fedora Release Engineering
a4174b09a2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2019-01-31 14:09:21 +00:00
Igor Gnatenko
a41f2588ca Remove obsolete Group tag
References: https://fedoraproject.org/wiki/Changes/Remove_Group_Tag
2019-01-28 20:23:56 +01:00
Igor Gnatenko
7f3f5c1d20
Remove obsolete ldconfig scriptlets
References: https://fedoraproject.org/wiki/Changes/RemoveObsoleteScriptlets
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2019-01-22 18:38:32 +01:00
Gwyn Ciesla
0b51fee3ed Patches for CVE-2018-13440. 2018-10-09 09:16:31 -05:00
Gwyn Ciesla
ea15332b60 Fix for CVE-2018-17095. 2018-10-09 08:46:57 -05:00
leigh123linux
af707bc203 Fix build 2018-08-13 14:22:46 +01:00
Igor Gnatenko
b2a0cbe738 add BuildRequires: gcc-c++
Reference: https://fedoraproject.org/wiki/Changes/Remove_GCC_from_BuildRoot
2018-07-19 20:56:42 +02:00
Fedora Release Engineering
8cd6ce3da6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-07-12 20:46:21 +00:00
Igor Gnatenko
5354f12e68
Escape macros in %changelog
Reference: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/Y2ZUKK2B7T2IKXPMODNF6HB2O5T5TS6H/
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2018-02-09 09:04:09 +01:00
Fedora Release Engineering
c96c267f4d - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-02-07 03:18:19 +00:00
Fedora Release Engineering
bbaf5585b5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild 2017-08-02 17:59:04 +00:00
Fedora Release Engineering
b2fcfa7166 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild 2017-07-26 03:32:59 +00:00
Michael Schwendt
1fab1a93b7 more CVEs assigned: CVE-2017-6827, CVE-2017-6828 2017-03-15 10:22:01 +01:00
Michael Schwendt
b990eec955 CVEs assigned now: CVE-2017-6829, CVE-2017-6830, CVE-2017-6831, CVE-2017-6832, CVE-2017-6833, CVE-2017-6834, CVE-2017-6835, CVE-2017-6836, CVE-2017-6837, CVE-2017-6838, CVE-2017-6839 2017-03-13 23:42:38 +01:00
Michael Schwendt
c604cfc957 Merge upstream pull requests #42,#43,#44 from Agostino Sarubbo to fix
security issues.
2017-03-12 11:49:48 +01:00
Fedora Release Engineering
74f0693a64 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild 2017-02-10 06:33:10 +00:00
Michael Schwendt
b441c769b5 char on ARM is unsigned by default 2016-02-04 10:40:54 +01:00
Michael Schwendt
a4d2feea0b avoid int overflow too 2016-02-04 10:16:55 +01:00
Michael Schwendt
1f75efdeaa patch to compile with GCC 6 2016-02-03 22:19:55 +01:00
Dennis Gilmore
2c0ee4d763 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild 2016-02-03 16:42:19 +00:00
10 changed files with 532 additions and 16 deletions

View File

@ -0,0 +1,26 @@
From 822b732fd31ffcb78f6920001e9b1fbd815fa712 Mon Sep 17 00:00:00 2001
From: Wim Taymans <wtaymans@redhat.com>
Date: Thu, 27 Sep 2018 12:11:12 +0200
Subject: [PATCH] SimpleModule: set output chunk framecount after pull
After pulling the data, set the output chunk to the amount of
frames we pulled so that the next module in the chain has the correct
frame count.
Fixes #50 and #51
---
libaudiofile/modules/SimpleModule.cpp | 1 +
1 file changed, 1 insertion(+)
diff --git a/libaudiofile/modules/SimpleModule.cpp b/libaudiofile/modules/SimpleModule.cpp
index 2bae1eb..e87932c 100644
--- a/libaudiofile/modules/SimpleModule.cpp
+++ b/libaudiofile/modules/SimpleModule.cpp
@@ -26,6 +26,7 @@
void SimpleModule::runPull()
{
pull(m_outChunk->frameCount);
+ m_outChunk->frameCount = m_inChunk->frameCount;
run(*m_inChunk, *m_outChunk);
}

View File

@ -0,0 +1,21 @@
From 941774c8c0e79007196d7f1e7afdc97689f869b3 Mon Sep 17 00:00:00 2001
From: Wim Taymans <wtaymans@redhat.com>
Date: Thu, 27 Sep 2018 12:09:45 +0200
Subject: [PATCH] ALAC: set chunk frameCount to 0 on short read
---
libaudiofile/modules/ALAC.cpp | 1 +
1 file changed, 1 insertion(+)
diff --git a/libaudiofile/modules/ALAC.cpp b/libaudiofile/modules/ALAC.cpp
index 7593c11..478e2af 100644
--- a/libaudiofile/modules/ALAC.cpp
+++ b/libaudiofile/modules/ALAC.cpp
@@ -240,6 +240,7 @@ void ALAC::runPull()
if (read(m_inChunk->buffer, bytesPerPacket) < bytesPerPacket)
{
reportReadError(0, m_track->f.framesPerPacket);
+ m_outChunk->frameCount = 0;
return;
}

View File

@ -0,0 +1,48 @@
diff -Nurb --strip-trailing-cr audiofile-0.3.6-orig/libaudiofile/modules/SimpleModule.h audiofile-0.3.6/libaudiofile/modules/SimpleModule.h
--- audiofile-0.3.6-orig/libaudiofile/modules/SimpleModule.h 2013-03-06 06:30:03.000000000 +0100
+++ audiofile-0.3.6/libaudiofile/modules/SimpleModule.h 2016-02-03 21:19:43.065454454 +0100
@@ -123,7 +123,7 @@
typedef typename IntTypes<Format>::UnsignedType UnsignedType;
static const int kScaleBits = (Format + 1) * CHAR_BIT - 1;
- static const int kMinSignedValue = -1 << kScaleBits;
+ static const int kMinSignedValue = 0-(1U<<kScaleBits);
struct signedToUnsigned : public std::unary_function<SignedType, UnsignedType>
{
diff -Nurb --strip-trailing-cr audiofile-0.3.6-orig/test/FloatToInt.cpp audiofile-0.3.6/test/FloatToInt.cpp
--- audiofile-0.3.6-orig/test/FloatToInt.cpp 2013-02-11 18:23:26.000000000 +0100
+++ audiofile-0.3.6/test/FloatToInt.cpp 2016-02-03 21:21:14.714510229 +0100
@@ -115,7 +115,7 @@
EXPECT_EQ(readData[i], expectedData[i]);
}
-static const int32_t kMinInt24 = -1<<23;
+static const int32_t kMinInt24 = 0-(1U<<23);
static const int32_t kMaxInt24 = (1<<23) - 1;
TEST_F(FloatToIntTest, Int24)
diff -Nurb --strip-trailing-cr audiofile-0.3.6-orig/test/IntToFloat.cpp audiofile-0.3.6/test/IntToFloat.cpp
--- audiofile-0.3.6-orig/test/IntToFloat.cpp 2013-02-11 18:23:26.000000000 +0100
+++ audiofile-0.3.6/test/IntToFloat.cpp 2016-02-03 21:20:57.380445355 +0100
@@ -117,7 +117,7 @@
EXPECT_EQ(readData[i], expectedData[i]);
}
-static const int32_t kMinInt24 = -1<<23;
+static const int32_t kMinInt24 = 0-(1U<<23);
static const int32_t kMaxInt24 = (1<<23) - 1;
TEST_F(IntToFloatTest, Int24)
diff -Nurb --strip-trailing-cr audiofile-0.3.6-orig/test/Sign.cpp audiofile-0.3.6/test/Sign.cpp
--- audiofile-0.3.6-orig/test/Sign.cpp 2013-02-11 18:23:26.000000000 +0100
+++ audiofile-0.3.6/test/Sign.cpp 2016-02-03 21:20:38.742450826 +0100
@@ -116,7 +116,7 @@
EXPECT_EQ(readData[i], expectedData[i]);
}
-static const int32_t kMinInt24 = -1<<23;
+static const int32_t kMinInt24 = 0-(1U<<23);
static const int32_t kMaxInt24 = (1<<23) - 1;
static const uint32_t kMaxUInt24 = (1<<24) - 1;

View File

@ -0,0 +1,52 @@
diff -Nur audiofile-0.3.6-orig/test/NeXT.cpp audiofile-0.3.6/test/NeXT.cpp
--- audiofile-0.3.6-orig/test/NeXT.cpp 2013-02-11 18:23:26.000000000 +0100
+++ audiofile-0.3.6/test/NeXT.cpp 2016-02-04 10:37:32.457140823 +0100
@@ -37,13 +37,13 @@
#include "TestUtilities.h"
-const char kDataUnspecifiedLength[] =
+const signed char kDataUnspecifiedLength[] =
{
'.', 's', 'n', 'd',
0, 0, 0, 24, // offset of 24 bytes
- 0xff, 0xff, 0xff, 0xff, // unspecified length
+ -1, -1, -1, -1, // unspecified length
0, 0, 0, 3, // 16-bit linear
- 0, 0, 172, 68, // 44100 Hz
+ 0, 0, -84, 68, // 44100 Hz (0xAC44)
0, 0, 0, 1, // 1 channel
0, 1,
0, 1,
@@ -57,13 +57,13 @@
0, 55
};
-const char kDataTruncated[] =
+const signed char kDataTruncated[] =
{
'.', 's', 'n', 'd',
0, 0, 0, 24, // offset of 24 bytes
0, 0, 0, 20, // length of 20 bytes
0, 0, 0, 3, // 16-bit linear
- 0, 0, 172, 68, // 44100 Hz
+ 0, 0, -84, 68, // 44100 Hz (0xAC44)
0, 0, 0, 1, // 1 channel
0, 1,
0, 1,
@@ -152,13 +152,13 @@
ASSERT_EQ(::unlink(testFileName.c_str()), 0);
}
-const char kDataZeroChannels[] =
+const signed char kDataZeroChannels[] =
{
'.', 's', 'n', 'd',
0, 0, 0, 24, // offset of 24 bytes
0, 0, 0, 2, // 2 bytes
0, 0, 0, 3, // 16-bit linear
- 0, 0, 172, 68, // 44100 Hz
+ 0, 0, -84, 68, // 44100 Hz (0xAC44)
0, 0, 0, 0, // 0 channels
0, 1
};

View File

@ -0,0 +1,176 @@
diff -Nur audiofile-0.3.6/libaudiofile/modules/BlockCodec.cpp audiofile-0.3.6-pull42/libaudiofile/modules/BlockCodec.cpp
--- audiofile-0.3.6/libaudiofile/modules/BlockCodec.cpp 2013-03-06 06:30:03.000000000 +0100
+++ audiofile-0.3.6-pull42/libaudiofile/modules/BlockCodec.cpp 2017-03-10 15:40:02.000000000 +0100
@@ -52,8 +52,9 @@
// Decompress into m_outChunk.
for (int i=0; i<blocksRead; i++)
{
- decodeBlock(static_cast<const uint8_t *>(m_inChunk->buffer) + i * m_bytesPerPacket,
- static_cast<int16_t *>(m_outChunk->buffer) + i * m_framesPerPacket * m_track->f.channelCount);
+ if (decodeBlock(static_cast<const uint8_t *>(m_inChunk->buffer) + i * m_bytesPerPacket,
+ static_cast<int16_t *>(m_outChunk->buffer) + i * m_framesPerPacket * m_track->f.channelCount)==0)
+ break;
framesRead += m_framesPerPacket;
}
diff -Nur audiofile-0.3.6/libaudiofile/modules/MSADPCM.cpp audiofile-0.3.6-pull42/libaudiofile/modules/MSADPCM.cpp
--- audiofile-0.3.6/libaudiofile/modules/MSADPCM.cpp 2013-03-06 06:30:03.000000000 +0100
+++ audiofile-0.3.6-pull42/libaudiofile/modules/MSADPCM.cpp 2017-03-10 15:40:02.000000000 +0100
@@ -101,24 +101,60 @@
768, 614, 512, 409, 307, 230, 230, 230
};
+int firstBitSet(int x)
+{
+ int position=0;
+ while (x!=0)
+ {
+ x>>=1;
+ ++position;
+ }
+ return position;
+}
+
+#ifndef __has_builtin
+#define __has_builtin(x) 0
+#endif
+
+bool multiplyCheckOverflow(int a, int b, int *result)
+{
+#if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow))
+ return __builtin_mul_overflow(a, b, result);
+#else
+ if (firstBitSet(a)+firstBitSet(b)>31) // int is signed, so we can't use 32 bits
+ return true;
+ *result = a * b;
+ return false;
+#endif
+}
+
+
// Compute a linear PCM value from the given differential coded value.
static int16_t decodeSample(ms_adpcm_state &state,
- uint8_t code, const int16_t *coefficient)
+ uint8_t code, const int16_t *coefficient, bool *ok=NULL)
{
int linearSample = (state.sample1 * coefficient[0] +
state.sample2 * coefficient[1]) >> 8;
+ int delta;
linearSample += ((code & 0x08) ? (code - 0x10) : code) * state.delta;
linearSample = clamp(linearSample, MIN_INT16, MAX_INT16);
- int delta = (state.delta * adaptationTable[code]) >> 8;
+ if (multiplyCheckOverflow(state.delta, adaptationTable[code], &delta))
+ {
+ if (ok) *ok=false;
+ _af_error(AF_BAD_COMPRESSION, "Error decoding sample");
+ return 0;
+ }
+ delta >>= 8;
if (delta < 16)
delta = 16;
state.delta = delta;
state.sample2 = state.sample1;
state.sample1 = linearSample;
+ if (ok) *ok=true;
return static_cast<int16_t>(linearSample);
}
@@ -212,13 +248,16 @@
{
uint8_t code;
int16_t newSample;
+ bool ok;
code = *encoded >> 4;
- newSample = decodeSample(*state[0], code, coefficient[0]);
+ newSample = decodeSample(*state[0], code, coefficient[0], &ok);
+ if (!ok) return 0;
*decoded++ = newSample;
code = *encoded & 0x0f;
- newSample = decodeSample(*state[1], code, coefficient[1]);
+ newSample = decodeSample(*state[1], code, coefficient[1], &ok);
+ if (!ok) return 0;
*decoded++ = newSample;
encoded++;
diff -Nur audiofile-0.3.6/libaudiofile/WAVE.cpp audiofile-0.3.6-pull42/libaudiofile/WAVE.cpp
--- audiofile-0.3.6/libaudiofile/WAVE.cpp 2013-03-06 06:30:03.000000000 +0100
+++ audiofile-0.3.6-pull42/libaudiofile/WAVE.cpp 2017-03-10 15:40:02.000000000 +0100
@@ -281,6 +281,12 @@
/* numCoefficients should be at least 7. */
assert(numCoefficients >= 7 && numCoefficients <= 255);
+ if (numCoefficients < 7 || numCoefficients > 255)
+ {
+ _af_error(AF_BAD_HEADER,
+ "Bad number of coefficients");
+ return AF_FAIL;
+ }
m_msadpcmNumCoefficients = numCoefficients;
@@ -834,6 +840,8 @@
}
TrackSetup *track = setup->getTrack();
+ if (!track)
+ return AF_NULL_FILESETUP;
if (track->f.isCompressed())
{
diff -Nur audiofile-0.3.6/sfcommands/sfconvert.c audiofile-0.3.6-pull42/sfcommands/sfconvert.c
--- audiofile-0.3.6/sfcommands/sfconvert.c 2013-03-06 06:30:03.000000000 +0100
+++ audiofile-0.3.6-pull42/sfcommands/sfconvert.c 2017-03-10 15:40:02.000000000 +0100
@@ -45,6 +45,33 @@
void usageerror (void);
bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid);
+int firstBitSet(int x)
+{
+ int position=0;
+ while (x!=0)
+ {
+ x>>=1;
+ ++position;
+ }
+ return position;
+}
+
+#ifndef __has_builtin
+#define __has_builtin(x) 0
+#endif
+
+bool multiplyCheckOverflow(int a, int b, int *result)
+{
+#if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow))
+ return __builtin_mul_overflow(a, b, result);
+#else
+ if (firstBitSet(a)+firstBitSet(b)>31) // int is signed, so we can't use 32 bits
+ return true;
+ *result = a * b;
+ return false;
+#endif
+}
+
int main (int argc, char **argv)
{
if (argc == 2)
@@ -323,8 +350,11 @@
{
int frameSize = afGetVirtualFrameSize(infile, trackid, 1);
- const int kBufferFrameCount = 65536;
- void *buffer = malloc(kBufferFrameCount * frameSize);
+ int kBufferFrameCount = 65536;
+ int bufferSize;
+ while (multiplyCheckOverflow(kBufferFrameCount, frameSize, &bufferSize))
+ kBufferFrameCount /= 2;
+ void *buffer = malloc(bufferSize);
AFframecount totalFrames = afGetFrameCount(infile, AF_DEFAULT_TRACK);
AFframecount totalFramesWritten = 0;

View File

@ -0,0 +1,21 @@
diff -Nur audiofile-0.3.6/libaudiofile/modules/IMA.cpp audiofile-0.3.6-pull43/libaudiofile/modules/IMA.cpp
--- audiofile-0.3.6/libaudiofile/modules/IMA.cpp 2013-03-06 06:30:03.000000000 +0100
+++ audiofile-0.3.6-pull43/libaudiofile/modules/IMA.cpp 2017-03-06 18:06:35.000000000 +0100
@@ -169,7 +169,7 @@
if (encoded[1] & 0x80)
m_adpcmState[c].previousValue -= 0x10000;
- m_adpcmState[c].index = encoded[2];
+ m_adpcmState[c].index = clamp(encoded[2], 0, 88);
*decoded++ = m_adpcmState[c].previousValue;
@@ -210,7 +210,7 @@
predictor -= 0x10000;
state.previousValue = clamp(predictor, MIN_INT16, MAX_INT16);
- state.index = encoded[1] & 0x7f;
+ state.index = clamp(encoded[1] & 0x7f, 0, 88);
encoded += 2;
for (int n=0; n<m_framesPerPacket; n+=2)

View File

@ -0,0 +1,31 @@
diff -Nur audiofile-0.3.6/libaudiofile/modules/BlockCodec.cpp audiofile-0.3.6-pull44/libaudiofile/modules/BlockCodec.cpp
--- audiofile-0.3.6/libaudiofile/modules/BlockCodec.cpp 2013-03-06 06:30:03.000000000 +0100
+++ audiofile-0.3.6-pull44/libaudiofile/modules/BlockCodec.cpp 2017-03-09 10:21:18.000000000 +0100
@@ -47,7 +47,7 @@
// Read the compressed data.
ssize_t bytesRead = read(m_inChunk->buffer, m_bytesPerPacket * blockCount);
- int blocksRead = bytesRead >= 0 ? bytesRead / m_bytesPerPacket : 0;
+ int blocksRead = (bytesRead >= 0 && m_bytesPerPacket > 0) ? bytesRead / m_bytesPerPacket : 0;
// Decompress into m_outChunk.
for (int i=0; i<blocksRead; i++)
diff -Nur audiofile-0.3.6/libaudiofile/WAVE.cpp audiofile-0.3.6-pull44/libaudiofile/WAVE.cpp
--- audiofile-0.3.6/libaudiofile/WAVE.cpp 2013-03-06 06:30:03.000000000 +0100
+++ audiofile-0.3.6-pull44/libaudiofile/WAVE.cpp 2017-03-09 10:21:18.000000000 +0100
@@ -326,6 +326,7 @@
{
_af_error(AF_BAD_NOT_IMPLEMENTED,
"IMA ADPCM compression supports only 4 bits per sample");
+ return AF_FAIL;
}
int bytesPerBlock = (samplesPerBlock + 14) / 8 * 4 * channelCount;
@@ -333,6 +334,7 @@
{
_af_error(AF_BAD_CODEC_CONFIG,
"Invalid samples per block for IMA ADPCM compression");
+ return AF_FAIL;
}
track->f.sampleWidth = 16;

View File

@ -3,20 +3,33 @@
Summary: Library for accessing various audio file formats Summary: Library for accessing various audio file formats
Name: audiofile Name: audiofile
Version: 0.3.6 Version: 0.3.6
Release: 9%{?dist} Release: 34%{?dist}
Epoch: 1 Epoch: 1
# library is LGPL / the two programs GPL / see README # library is LGPL / the two programs GPL / see README
License: LGPLv2+ and GPLv2+ License: LGPL-2.1-or-later and GPL-2.0-or-later
Group: System Environment/Libraries
Source: http://audiofile.68k.org/%{name}-%{version}.tar.gz Source: http://audiofile.68k.org/%{name}-%{version}.tar.gz
URL: http://audiofile.68k.org/ URL: http://audiofile.68k.org/
BuildRequires: gcc-c++
BuildRequires: libtool BuildRequires: libtool
BuildRequires: alsa-lib-devel BuildRequires: alsa-lib-devel
BuildRequires: flac-devel BuildRequires: flac-devel
BuildRequires: make
BuildRequires: chrpath
# optional for rebuilding manual pages from .txt # optional for rebuilding manual pages from .txt
#BuildRequires: asciidoc #BuildRequires: asciidoc
Patch0: audiofile-0.3.6-CVE-2015-7747.patch Patch0: audiofile-0.3.6-CVE-2015-7747.patch
# fixes to make build with GCC 6
Patch1: audiofile-0.3.6-left-shift-neg.patch
Patch2: audiofile-0.3.6-narrowing.patch
# pull requests #42,#43,#44
Patch3: audiofile-0.3.6-pull42.patch
Patch4: audiofile-0.3.6-pull43.patch
Patch5: audiofile-0.3.6-pull44.patch
Patch6: 822b732fd31ffcb78f6920001e9b1fbd815fa712.patch
Patch7: 941774c8c0e79007196d7f1e7afdc97689f869b3.patch
Patch8: fde6d79fb8363c4a329a184ef0b107156602b225.patch
Patch9: integer-overflow.patch
%description %description
The Audio File library is an implementation of the Audio File Library The Audio File library is an implementation of the Audio File Library
@ -29,7 +42,6 @@ any of the sound file formats it can handle.
%package devel %package devel
Summary: Development files for Audio File applications Summary: Development files for Audio File applications
Group: Development/Libraries
Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release} Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
%description devel %description devel
@ -39,27 +51,37 @@ other resources you can use to develop Audio File applications.
%prep %prep
%setup -q %setup -q
%patch0 -p1 -b .CVE-2015-7747 %patch0 -p1 -b .CVE-2015-7747
%patch1 -p1 -b .left-shift-neg
%patch2 -p1 -b .narrowing-conversion
%patch3 -p1 -b .pull42
%patch4 -p1 -b .pull43
%patch5 -p1 -b .pull44
%patch6 -p1 -b .CVE-2018-17095
%patch7 -p1 -b .CVE-2018-13440
%patch8 -p1 -b .CVE-2018-13440
%patch9 -p1 -b .integer-overflow
%build %build
%configure --disable-static %configure --disable-rpath
make %{?_smp_mflags} LIBTOOL="/usr/bin/libtool" %make_build
%install %install
make DESTDIR="$RPM_BUILD_ROOT" install %make_install
rm -f $RPM_BUILD_ROOT%{_libdir}/*.la rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
rm -f $RPM_BUILD_ROOT%{_libdir}/*.a rm -f $RPM_BUILD_ROOT%{_libdir}/*.a
chrpath --delete $RPM_BUILD_ROOT%{_bindir}/sfconvert
chrpath --delete $RPM_BUILD_ROOT%{_bindir}/sfinfo
%check #%check
%if %{make_check} #%if %{make_check}
make check #make check
%endif #%endif
%post -p /sbin/ldconfig %ldconfig_scriptlets
%postun -p /sbin/ldconfig
%files %files
@ -78,6 +100,85 @@ make check
%{_mandir}/man3/* %{_mandir}/man3/*
%changelog %changelog
* Thu Mar 02 2023 Gwyn Ciesla <gwync@protonmail.com> - 1:0.3.6-34
- migrated to SPDX license
* Wed Jan 18 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1:0.3.6-33
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Tue Sep 13 2022 Michel Alexandre Salim <salimma@fedoraproject.org> - 1:0.3.6-32
- Rebuilt for flac 1.4.0
* Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1:0.3.6-31
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Jan 19 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1:0.3.6-30
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1:0.3.6-29
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Thu May 27 2021 Gwyn Ciesla <gwync@protonmail.com> - 1:0.3.6-28
- Disable RPATH.
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1:0.3.6-27
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Mon Jan 04 2021 Timm Bäder <tbaeder@redhat.com> - 1:0.3.6-26
- Fix a integer overflow warning with gcc and error with clang
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1:0.3.6-25
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1:0.3.6-24
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1:0.3.6-23
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1:0.3.6-22
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Oct 09 2018 Gwyn Ciesla <limburgher@gmail.com> - 1:0.3.6-21
- Fixes for CVE-2018-13440.
* Tue Oct 09 2018 Gwyn Ciesla <limburgher@gmail.com> - 1:0.3.6-20
- Fix for CVE-2018-17095.
* Mon Aug 13 2018 Leigh Scott <leigh123linux@googlemail.com> - 1:0.3.6-19
- Fix build
* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1:0.3.6-18
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Feb 09 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1:0.3.6-17
- Escape macros in %%changelog
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1:0.3.6-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1:0.3.6-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1:0.3.6-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Sun Mar 12 2017 Michael Schwendt <mschwendt@fedoraproject.org> - 1:0.3.6-13
- Merge upstream pull requests #42,#43,#44 from Agostino Sarubbo to fix
security issues. CVE-2017-6827, CVE-2017-6828,
CVE-2017-6829, CVE-2017-6830, CVE-2017-6831,
CVE-2017-6832, CVE-2017-6833, CVE-2017-6834, CVE-2017-6835,
CVE-2017-6836, CVE-2017-6837, CVE-2017-6838, CVE-2017-6839
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1:0.3.6-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Wed Feb 3 2016 Michael Schwendt <mschwendt@fedoraproject.org> - 1:0.3.6-11
- patch to compile with GCC 6
* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1:0.3.6-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Thu Oct 8 2015 Michael Schwendt <mschwendt@fedoraproject.org> - 1:0.3.6-9 * Thu Oct 8 2015 Michael Schwendt <mschwendt@fedoraproject.org> - 1:0.3.6-9
- Merge fix from upstream pull request #25 for CVE-2015-7747. - Merge fix from upstream pull request #25 for CVE-2015-7747.
Test conversion from e.g. 16-bit LE stereo to 8-bit LE mono Test conversion from e.g. 16-bit LE stereo to 8-bit LE mono
@ -235,7 +336,7 @@ make check
- upgrade to 0.1.11. - upgrade to 0.1.11.
* Mon Aug 14 2000 Than Ngo <than@redhat.com> * Mon Aug 14 2000 Than Ngo <than@redhat.com>
- add ldconfig to %post and %postun (Bug #15413) - add ldconfig to %%post and %%postun (Bug #15413)
* Fri Aug 11 2000 Jonathan Blandford <jrb@redhat.com> * Fri Aug 11 2000 Jonathan Blandford <jrb@redhat.com>
- Up Epoch and release - Up Epoch and release
@ -268,7 +369,7 @@ make check
- Version 0.1.6 - Version 0.1.6
* Sun Feb 21 1999 Michael Fulbright <drmike@redhat.com> * Sun Feb 21 1999 Michael Fulbright <drmike@redhat.com>
- Removed libtoolize from %build - Removed libtoolize from %%build
* Wed Feb 3 1999 Jonathan Blandfor <jrb@redhat.com> * Wed Feb 3 1999 Jonathan Blandfor <jrb@redhat.com>
- Newer version with bug fix. Upped release. - Newer version with bug fix. Upped release.

View File

@ -0,0 +1,28 @@
From fde6d79fb8363c4a329a184ef0b107156602b225 Mon Sep 17 00:00:00 2001
From: Wim Taymans <wtaymans@redhat.com>
Date: Thu, 27 Sep 2018 10:48:45 +0200
Subject: [PATCH] ModuleState: handle compress/decompress init failure
When the unit initcompress or initdecompress function fails,
m_fileModule is NULL. Return AF_FAIL in that case instead of
causing NULL pointer dereferences later.
Fixes #49
---
libaudiofile/modules/ModuleState.cpp | 3 +++
1 file changed, 3 insertions(+)
diff --git a/libaudiofile/modules/ModuleState.cpp b/libaudiofile/modules/ModuleState.cpp
index 0c29d7a..070fd9b 100644
--- a/libaudiofile/modules/ModuleState.cpp
+++ b/libaudiofile/modules/ModuleState.cpp
@@ -75,6 +75,9 @@ status ModuleState::initFileModule(AFfilehandle file, Track *track)
m_fileModule = unit->initcompress(track, file->m_fh, file->m_seekok,
file->m_fileFormat == AF_FILE_RAWDATA, &chunkFrames);
+ if (!m_fileModule)
+ return AF_FAIL;
+
if (unit->needsRebuffer)
{
assert(unit->nativeSampleFormat == AF_SAMPFMT_TWOSCOMP);

12
integer-overflow.patch Normal file
View File

@ -0,0 +1,12 @@
diff -ruN audiofile-0.3.6.orig/test/Sign.cpp audiofile-0.3.6/test/Sign.cpp
--- audiofile-0.3.6.orig/test/Sign.cpp 2021-01-04 12:50:58.563336280 +0100
+++ audiofile-0.3.6/test/Sign.cpp 2021-01-04 13:00:55.536214264 +0100
@@ -157,7 +157,7 @@
AFframecount framesRead = afReadFrames(file, AF_DEFAULT_TRACK, readData, frameCount);
ASSERT_EQ(framesRead, frameCount);
afCloseFile(file);
- const uint32_t expectedData[] = { 0, -kMinInt32, kMaxUInt32 };
+ const uint32_t expectedData[] = { 0, static_cast<uint32_t>(-kMinInt32), kMaxUInt32 };
for (int i=0; i<frameCount; i++)
EXPECT_EQ(readData[i], expectedData[i]);
}