aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches/audiofile-multiply-overflow.patch
diff options
context:
space:
mode:
authorChristopher Baines <mail@cbaines.net>2020-11-29 14:19:55 +0000
committerChristopher Baines <mail@cbaines.net>2020-11-29 17:34:18 +0000
commitff01206345e2306cc633db48e0b29eab9077091a (patch)
tree25c7ee17005dadc9bf4fae3f0873e03a4704f782 /gnu/packages/patches/audiofile-multiply-overflow.patch
parented2545f0fa0e2ad99d5a0c45f532c539b299b9fb (diff)
parent7c2e67400ffaef8eb6f30ef7126c976ee3d7e36c (diff)
downloadguix-ff01206345e2306cc633db48e0b29eab9077091a.tar.gz
guix-ff01206345e2306cc633db48e0b29eab9077091a.zip
Merge remote-tracking branch 'origin/master' into core-updates
Diffstat (limited to 'gnu/packages/patches/audiofile-multiply-overflow.patch')
-rw-r--r--gnu/packages/patches/audiofile-multiply-overflow.patch66
1 files changed, 66 insertions, 0 deletions
diff --git a/gnu/packages/patches/audiofile-multiply-overflow.patch b/gnu/packages/patches/audiofile-multiply-overflow.patch
new file mode 100644
index 0000000000..0f17140d6b
--- /dev/null
+++ b/gnu/packages/patches/audiofile-multiply-overflow.patch
@@ -0,0 +1,66 @@
+From: Antonio Larrosa <larrosa@kde.org>
+Date: Mon, 6 Mar 2017 13:54:52 +0100
+Subject: Check for multiplication overflow in sfconvert
+
+Checks that a multiplication doesn't overflow when
+calculating the buffer size, and if it overflows,
+reduce the buffer size instead of failing.
+
+This fixes the 00192-audiofile-signintoverflow-sfconvert case
+in #41
+---
+ sfcommands/sfconvert.c | 34 ++++++++++++++++++++++++++++++++--
+ 1 file changed, 32 insertions(+), 2 deletions(-)
+
+diff --git a/sfcommands/sfconvert.c b/sfcommands/sfconvert.c
+index 80a1bc4..970a3e4 100644
+--- a/sfcommands/sfconvert.c
++++ b/sfcommands/sfconvert.c
+@@ -45,6 +45,33 @@ void printusage (void);
+ void usageerror (void);
+ bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid);
+
++int firstBitSet(int x)
++{
++ int position=0;
++ while (x!=0)
++ {
++ x>>=1;
++ ++position;
++ }
++ return position;
++}
++
++#ifndef __has_builtin
++#define __has_builtin(x) 0
++#endif
++
++int multiplyCheckOverflow(int a, int b, int *result)
++{
++#if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow))
++ return __builtin_mul_overflow(a, b, result);
++#else
++ if (firstBitSet(a)+firstBitSet(b)>31) // int is signed, so we can't use 32 bits
++ return true;
++ *result = a * b;
++ return false;
++#endif
++}
++
+ int main (int argc, char **argv)
+ {
+ if (argc == 2)
+@@ -323,8 +350,11 @@ bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid)
+ {
+ int frameSize = afGetVirtualFrameSize(infile, trackid, 1);
+
+- const int kBufferFrameCount = 65536;
+- void *buffer = malloc(kBufferFrameCount * frameSize);
++ int kBufferFrameCount = 65536;
++ int bufferSize;
++ while (multiplyCheckOverflow(kBufferFrameCount, frameSize, &bufferSize))
++ kBufferFrameCount /= 2;
++ void *buffer = malloc(bufferSize);
+
+ AFframecount totalFrames = afGetFrameCount(infile, AF_DEFAULT_TRACK);
+ AFframecount totalFramesWritten = 0;