diff options
| author | Christopher Baines <mail@cbaines.net> | 2020-11-29 14:19:55 +0000 |
|---|---|---|
| committer | Christopher Baines <mail@cbaines.net> | 2020-11-29 17:34:18 +0000 |
| commit | ff01206345e2306cc633db48e0b29eab9077091a (patch) | |
| tree | 25c7ee17005dadc9bf4fae3f0873e03a4704f782 /gnu/packages/patches/audiofile-multiply-overflow.patch | |
| parent | ed2545f0fa0e2ad99d5a0c45f532c539b299b9fb (diff) | |
| parent | 7c2e67400ffaef8eb6f30ef7126c976ee3d7e36c (diff) | |
Merge remote-tracking branch 'origin/master' into core-updates
Diffstat (limited to 'gnu/packages/patches/audiofile-multiply-overflow.patch')
| -rw-r--r-- | gnu/packages/patches/audiofile-multiply-overflow.patch | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/gnu/packages/patches/audiofile-multiply-overflow.patch b/gnu/packages/patches/audiofile-multiply-overflow.patch new file mode 100644 index 0000000000..0f17140d6b --- /dev/null +++ b/gnu/packages/patches/audiofile-multiply-overflow.patch @@ -0,0 +1,66 @@ +From: Antonio Larrosa <larrosa@kde.org> +Date: Mon, 6 Mar 2017 13:54:52 +0100 +Subject: Check for multiplication overflow in sfconvert + +Checks that a multiplication doesn't overflow when +calculating the buffer size, and if it overflows, +reduce the buffer size instead of failing. + +This fixes the 00192-audiofile-signintoverflow-sfconvert case +in #41 +--- + sfcommands/sfconvert.c | 34 ++++++++++++++++++++++++++++++++-- + 1 file changed, 32 insertions(+), 2 deletions(-) + +diff --git a/sfcommands/sfconvert.c b/sfcommands/sfconvert.c +index 80a1bc4..970a3e4 100644 +--- a/sfcommands/sfconvert.c ++++ b/sfcommands/sfconvert.c +@@ -45,6 +45,33 @@ void printusage (void); + void usageerror (void); + bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid); + ++int firstBitSet(int x) ++{ ++ int position=0; ++ while (x!=0) ++ { ++ x>>=1; ++ ++position; ++ } ++ return position; ++} ++ ++#ifndef __has_builtin ++#define __has_builtin(x) 0 ++#endif ++ ++int multiplyCheckOverflow(int a, int b, int *result) ++{ ++#if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow)) ++ return __builtin_mul_overflow(a, b, result); ++#else ++ if (firstBitSet(a)+firstBitSet(b)>31) // int is signed, so we can't use 32 bits ++ return true; ++ *result = a * b; ++ return false; ++#endif ++} ++ + int main (int argc, char **argv) + { + if (argc == 2) +@@ -323,8 +350,11 @@ bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid) + { + int frameSize = afGetVirtualFrameSize(infile, trackid, 1); + +- const int kBufferFrameCount = 65536; +- void *buffer = malloc(kBufferFrameCount * frameSize); ++ int kBufferFrameCount = 65536; ++ int bufferSize; ++ while (multiplyCheckOverflow(kBufferFrameCount, frameSize, &bufferSize)) ++ kBufferFrameCount /= 2; ++ void *buffer = malloc(bufferSize); + + AFframecount totalFrames = afGetFrameCount(infile, AF_DEFAULT_TRACK); + AFframecount totalFramesWritten = 0; |