[arch-commits] Commit in audiofile/repos (22 files)
Jan de Groot
jgc at archlinux.org
Sat Aug 12 21:40:44 UTC 2017
Date: Saturday, August 12, 2017 @ 21:40:44
Author: jgc
Revision: 301991
archrelease: copy trunk to extra-i686, extra-x86_64
Added:
audiofile/repos/extra-i686/01_gcc6.patch
(from rev 301990, audiofile/trunk/01_gcc6.patch)
audiofile/repos/extra-i686/03_CVE-2015-7747.patch
(from rev 301990, audiofile/trunk/03_CVE-2015-7747.patch)
audiofile/repos/extra-i686/04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch
(from rev 301990, audiofile/trunk/04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch)
audiofile/repos/extra-i686/05_Always-check-the-number-of-coefficients.patch
(from rev 301990, audiofile/trunk/05_Always-check-the-number-of-coefficients.patch)
audiofile/repos/extra-i686/06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch
(from rev 301990, audiofile/trunk/06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch)
audiofile/repos/extra-i686/07_Check-for-multiplication-overflow-in-sfconvert.patch
(from rev 301990, audiofile/trunk/07_Check-for-multiplication-overflow-in-sfconvert.patch)
audiofile/repos/extra-i686/08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch
(from rev 301990, audiofile/trunk/08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch)
audiofile/repos/extra-i686/09_Actually-fail-when-error-occurs-in-parseFormat.patch
(from rev 301990, audiofile/trunk/09_Actually-fail-when-error-occurs-in-parseFormat.patch)
audiofile/repos/extra-i686/10_Check-for-division-by-zero-in-BlockCodec-runPull.patch
(from rev 301990, audiofile/trunk/10_Check-for-division-by-zero-in-BlockCodec-runPull.patch)
audiofile/repos/extra-i686/PKGBUILD
(from rev 301990, audiofile/trunk/PKGBUILD)
audiofile/repos/extra-x86_64/01_gcc6.patch
(from rev 301990, audiofile/trunk/01_gcc6.patch)
audiofile/repos/extra-x86_64/03_CVE-2015-7747.patch
(from rev 301990, audiofile/trunk/03_CVE-2015-7747.patch)
audiofile/repos/extra-x86_64/04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch
(from rev 301990, audiofile/trunk/04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch)
audiofile/repos/extra-x86_64/05_Always-check-the-number-of-coefficients.patch
(from rev 301990, audiofile/trunk/05_Always-check-the-number-of-coefficients.patch)
audiofile/repos/extra-x86_64/06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch
(from rev 301990, audiofile/trunk/06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch)
audiofile/repos/extra-x86_64/07_Check-for-multiplication-overflow-in-sfconvert.patch
(from rev 301990, audiofile/trunk/07_Check-for-multiplication-overflow-in-sfconvert.patch)
audiofile/repos/extra-x86_64/08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch
(from rev 301990, audiofile/trunk/08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch)
audiofile/repos/extra-x86_64/09_Actually-fail-when-error-occurs-in-parseFormat.patch
(from rev 301990, audiofile/trunk/09_Actually-fail-when-error-occurs-in-parseFormat.patch)
audiofile/repos/extra-x86_64/10_Check-for-division-by-zero-in-BlockCodec-runPull.patch
(from rev 301990, audiofile/trunk/10_Check-for-division-by-zero-in-BlockCodec-runPull.patch)
audiofile/repos/extra-x86_64/PKGBUILD
(from rev 301990, audiofile/trunk/PKGBUILD)
Deleted:
audiofile/repos/extra-i686/PKGBUILD
audiofile/repos/extra-x86_64/PKGBUILD
------------------------------------------------------------------------------+
/PKGBUILD | 120 +++++++
extra-i686/01_gcc6.patch | 102 ++++++
extra-i686/03_CVE-2015-7747.patch | 156 ++++++++++
extra-i686/04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch | 33 ++
extra-i686/05_Always-check-the-number-of-coefficients.patch | 30 +
extra-i686/06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch | 116 +++++++
extra-i686/07_Check-for-multiplication-overflow-in-sfconvert.patch | 66 ++++
extra-i686/08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch | 35 ++
extra-i686/09_Actually-fail-when-error-occurs-in-parseFormat.patch | 36 ++
extra-i686/10_Check-for-division-by-zero-in-BlockCodec-runPull.patch | 21 +
extra-i686/PKGBUILD | 29 -
extra-x86_64/01_gcc6.patch | 102 ++++++
extra-x86_64/03_CVE-2015-7747.patch | 156 ++++++++++
extra-x86_64/04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch | 33 ++
extra-x86_64/05_Always-check-the-number-of-coefficients.patch | 30 +
extra-x86_64/06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch | 116 +++++++
extra-x86_64/07_Check-for-multiplication-overflow-in-sfconvert.patch | 66 ++++
extra-x86_64/08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch | 35 ++
extra-x86_64/09_Actually-fail-when-error-occurs-in-parseFormat.patch | 36 ++
extra-x86_64/10_Check-for-division-by-zero-in-BlockCodec-runPull.patch | 21 +
extra-x86_64/PKGBUILD | 29 -
21 files changed, 1310 insertions(+), 58 deletions(-)
Copied: audiofile/repos/extra-i686/01_gcc6.patch (from rev 301990, audiofile/trunk/01_gcc6.patch)
===================================================================
--- extra-i686/01_gcc6.patch (rev 0)
+++ extra-i686/01_gcc6.patch 2017-08-12 21:40:44 UTC (rev 301991)
@@ -0,0 +1,102 @@
+Description: Fix FTBFS with GCC 6
+Author: Michael Schwendt <mschwendt at fedoraproject.org>
+Origin: vendor, https://github.com/mpruett/audiofile/pull/27
+Bug-Debian: https://bugs.debian.org/812055
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/libaudiofile/modules/SimpleModule.h
++++ b/libaudiofile/modules/SimpleModule.h
+@@ -123,7 +123,7 @@ struct signConverter
+ typedef typename IntTypes<Format>::UnsignedType UnsignedType;
+
+ static const int kScaleBits = (Format + 1) * CHAR_BIT - 1;
+- static const int kMinSignedValue = -1 << kScaleBits;
++ static const int kMinSignedValue = 0-(1U<<kScaleBits);
+
+ struct signedToUnsigned : public std::unary_function<SignedType, UnsignedType>
+ {
+--- a/test/FloatToInt.cpp
++++ b/test/FloatToInt.cpp
+@@ -115,7 +115,7 @@ TEST_F(FloatToIntTest, Int16)
+ EXPECT_EQ(readData[i], expectedData[i]);
+ }
+
+-static const int32_t kMinInt24 = -1<<23;
++static const int32_t kMinInt24 = 0-(1U<<23);
+ static const int32_t kMaxInt24 = (1<<23) - 1;
+
+ TEST_F(FloatToIntTest, Int24)
+--- a/test/IntToFloat.cpp
++++ b/test/IntToFloat.cpp
+@@ -117,7 +117,7 @@ TEST_F(IntToFloatTest, Int16)
+ EXPECT_EQ(readData[i], expectedData[i]);
+ }
+
+-static const int32_t kMinInt24 = -1<<23;
++static const int32_t kMinInt24 = 0-(1U<<23);
+ static const int32_t kMaxInt24 = (1<<23) - 1;
+
+ TEST_F(IntToFloatTest, Int24)
+--- a/test/NeXT.cpp
++++ b/test/NeXT.cpp
+@@ -37,13 +37,13 @@
+
+ #include "TestUtilities.h"
+
+-const char kDataUnspecifiedLength[] =
++const signed char kDataUnspecifiedLength[] =
+ {
+ '.', 's', 'n', 'd',
+ 0, 0, 0, 24, // offset of 24 bytes
+- 0xff, 0xff, 0xff, 0xff, // unspecified length
++ -1, -1, -1, -1, // unspecified length
+ 0, 0, 0, 3, // 16-bit linear
+- 0, 0, 172, 68, // 44100 Hz
++ 0, 0, -84, 68, // 44100 Hz (0xAC44)
+ 0, 0, 0, 1, // 1 channel
+ 0, 1,
+ 0, 1,
+@@ -57,13 +57,13 @@ const char kDataUnspecifiedLength[] =
+ 0, 55
+ };
+
+-const char kDataTruncated[] =
++const signed char kDataTruncated[] =
+ {
+ '.', 's', 'n', 'd',
+ 0, 0, 0, 24, // offset of 24 bytes
+ 0, 0, 0, 20, // length of 20 bytes
+ 0, 0, 0, 3, // 16-bit linear
+- 0, 0, 172, 68, // 44100 Hz
++ 0, 0, -84, 68, // 44100 Hz (0xAC44)
+ 0, 0, 0, 1, // 1 channel
+ 0, 1,
+ 0, 1,
+@@ -152,13 +152,13 @@ TEST(NeXT, Truncated)
+ ASSERT_EQ(::unlink(testFileName.c_str()), 0);
+ }
+
+-const char kDataZeroChannels[] =
++const signed char kDataZeroChannels[] =
+ {
+ '.', 's', 'n', 'd',
+ 0, 0, 0, 24, // offset of 24 bytes
+ 0, 0, 0, 2, // 2 bytes
+ 0, 0, 0, 3, // 16-bit linear
+- 0, 0, 172, 68, // 44100 Hz
++ 0, 0, -84, 68, // 44100 Hz (0xAC44)
+ 0, 0, 0, 0, // 0 channels
+ 0, 1
+ };
+--- a/test/Sign.cpp
++++ b/test/Sign.cpp
+@@ -116,7 +116,7 @@ TEST_F(SignConversionTest, Int16)
+ EXPECT_EQ(readData[i], expectedData[i]);
+ }
+
+-static const int32_t kMinInt24 = -1<<23;
++static const int32_t kMinInt24 = 0-(1U<<23);
+ static const int32_t kMaxInt24 = (1<<23) - 1;
+ static const uint32_t kMaxUInt24 = (1<<24) - 1;
+
Copied: audiofile/repos/extra-i686/03_CVE-2015-7747.patch (from rev 301990, audiofile/trunk/03_CVE-2015-7747.patch)
===================================================================
--- extra-i686/03_CVE-2015-7747.patch (rev 0)
+++ extra-i686/03_CVE-2015-7747.patch 2017-08-12 21:40:44 UTC (rev 301991)
@@ -0,0 +1,156 @@
+Description: fix buffer overflow when changing both sample format and
+ number of channels
+Origin: https://github.com/mpruett/audiofile/pull/25
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/audiofile/+bug/1502721
+Bug-Debian: https://bugs.debian.org/801102
+
+--- a/libaudiofile/modules/ModuleState.cpp
++++ b/libaudiofile/modules/ModuleState.cpp
+@@ -402,7 +402,7 @@ status ModuleState::arrange(AFfilehandle
+ addModule(new Transform(outfc, in.pcm, out.pcm));
+
+ if (in.channelCount != out.channelCount)
+- addModule(new ApplyChannelMatrix(infc, isReading,
++ addModule(new ApplyChannelMatrix(outfc, isReading,
+ in.channelCount, out.channelCount,
+ in.pcm.minClip, in.pcm.maxClip,
+ track->channelMatrix));
+--- a/test/Makefile.am
++++ b/test/Makefile.am
+@@ -26,6 +26,7 @@ TESTS = \
+ VirtualFile \
+ floatto24 \
+ query2 \
++ sixteen-stereo-to-eight-mono \
+ sixteen-to-eight \
+ testchannelmatrix \
+ testdouble \
+@@ -139,6 +140,7 @@ printmarkers_SOURCES = printmarkers.c
+ printmarkers_LDADD = $(LIBAUDIOFILE) -lm
+
+ sixteen_to_eight_SOURCES = sixteen-to-eight.c TestUtilities.cpp TestUtilities.h
++sixteen_stereo_to_eight_mono_SOURCES = sixteen-stereo-to-eight-mono.c TestUtilities.cpp TestUtilities.h
+
+ testchannelmatrix_SOURCES = testchannelmatrix.c TestUtilities.cpp TestUtilities.h
+
+--- /dev/null
++++ b/test/sixteen-stereo-to-eight-mono.c
+@@ -0,0 +1,118 @@
++/*
++ Audio File Library
++
++ Copyright 2000, Silicon Graphics, Inc.
++
++ This program is free software; you can redistribute it and/or modify
++ it under the terms of the GNU General Public License as published by
++ the Free Software Foundation; either version 2 of the License, or
++ (at your option) any later version.
++
++ This program is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ GNU General Public License for more details.
++
++ You should have received a copy of the GNU General Public License along
++ with this program; if not, write to the Free Software Foundation, Inc.,
++ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
++*/
++
++/*
++ sixteen-stereo-to-eight-mono.c
++
++ This program tests the conversion from 2-channel 16-bit integers to
++ 1-channel 8-bit integers.
++*/
++
++#ifdef HAVE_CONFIG_H
++#include <config.h>
++#endif
++
++#include <stdint.h>
++#include <stdio.h>
++#include <stdlib.h>
++#include <string.h>
++#include <unistd.h>
++#include <limits.h>
++
++#include <audiofile.h>
++
++#include "TestUtilities.h"
++
++int main (int argc, char **argv)
++{
++ AFfilehandle file;
++ AFfilesetup setup;
++ int16_t frames16[] = {14298, 392, 3923, -683, 958, -1921};
++ int8_t frames8[] = {28, 6, -2};
++ int i, frameCount = 3;
++ int8_t byte;
++ AFframecount result;
++
++ setup = afNewFileSetup();
++
++ afInitFileFormat(setup, AF_FILE_WAVE);
++
++ afInitSampleFormat(setup, AF_DEFAULT_TRACK, AF_SAMPFMT_TWOSCOMP, 16);
++ afInitChannels(setup, AF_DEFAULT_TRACK, 2);
++
++ char *testFileName;
++ if (!createTemporaryFile("sixteen-to-eight", &testFileName))
++ {
++ fprintf(stderr, "Could not create temporary file.\n");
++ exit(EXIT_FAILURE);
++ }
++
++ file = afOpenFile(testFileName, "w", setup);
++ if (file == AF_NULL_FILEHANDLE)
++ {
++ fprintf(stderr, "could not open file for writing\n");
++ exit(EXIT_FAILURE);
++ }
++
++ afFreeFileSetup(setup);
++
++ afWriteFrames(file, AF_DEFAULT_TRACK, frames16, frameCount);
++
++ afCloseFile(file);
++
++ file = afOpenFile(testFileName, "r", AF_NULL_FILESETUP);
++ if (file == AF_NULL_FILEHANDLE)
++ {
++ fprintf(stderr, "could not open file for reading\n");
++ exit(EXIT_FAILURE);
++ }
++
++ afSetVirtualSampleFormat(file, AF_DEFAULT_TRACK, AF_SAMPFMT_TWOSCOMP, 8);
++ afSetVirtualChannels(file, AF_DEFAULT_TRACK, 1);
++
++ for (i=0; i<frameCount; i++)
++ {
++ /* Read one frame. */
++ result = afReadFrames(file, AF_DEFAULT_TRACK, &byte, 1);
++
++ if (result != 1)
++ break;
++
++ /* Compare the byte read with its precalculated value. */
++ if (memcmp(&byte, &frames8[i], 1) != 0)
++ {
++ printf("error\n");
++ printf("expected %d, got %d\n", frames8[i], byte);
++ exit(EXIT_FAILURE);
++ }
++ else
++ {
++#ifdef DEBUG
++ printf("got what was expected: %d\n", byte);
++#endif
++ }
++ }
++
++ afCloseFile(file);
++ unlink(testFileName);
++ free(testFileName);
++
++ exit(EXIT_SUCCESS);
++}
Copied: audiofile/repos/extra-i686/04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch (from rev 301990, audiofile/trunk/04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch)
===================================================================
--- extra-i686/04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch (rev 0)
+++ extra-i686/04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch 2017-08-12 21:40:44 UTC (rev 301991)
@@ -0,0 +1,33 @@
+From: Antonio Larrosa <larrosa at kde.org>
+Date: Mon, 6 Mar 2017 18:02:31 +0100
+Subject: clamp index values to fix index overflow in IMA.cpp
+
+This fixes #33
+(also reported at https://bugzilla.opensuse.org/show_bug.cgi?id=1026981
+and https://blogs.gentoo.org/ago/2017/02/20/audiofile-global-buffer-overflow-in-decodesample-ima-cpp/)
+---
+ libaudiofile/modules/IMA.cpp | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/libaudiofile/modules/IMA.cpp b/libaudiofile/modules/IMA.cpp
+index 7476d44..df4aad6 100644
+--- a/libaudiofile/modules/IMA.cpp
++++ b/libaudiofile/modules/IMA.cpp
+@@ -169,7 +169,7 @@ int IMA::decodeBlockWAVE(const uint8_t *encoded, int16_t *decoded)
+ if (encoded[1] & 0x80)
+ m_adpcmState[c].previousValue -= 0x10000;
+
+- m_adpcmState[c].index = encoded[2];
++ m_adpcmState[c].index = clamp(encoded[2], 0, 88);
+
+ *decoded++ = m_adpcmState[c].previousValue;
+
+@@ -210,7 +210,7 @@ int IMA::decodeBlockQT(const uint8_t *encoded, int16_t *decoded)
+ predictor -= 0x10000;
+
+ state.previousValue = clamp(predictor, MIN_INT16, MAX_INT16);
+- state.index = encoded[1] & 0x7f;
++ state.index = clamp(encoded[1] & 0x7f, 0, 88);
+ encoded += 2;
+
+ for (int n=0; n<m_framesPerPacket; n+=2)
Copied: audiofile/repos/extra-i686/05_Always-check-the-number-of-coefficients.patch (from rev 301990, audiofile/trunk/05_Always-check-the-number-of-coefficients.patch)
===================================================================
--- extra-i686/05_Always-check-the-number-of-coefficients.patch (rev 0)
+++ extra-i686/05_Always-check-the-number-of-coefficients.patch 2017-08-12 21:40:44 UTC (rev 301991)
@@ -0,0 +1,30 @@
+From: Antonio Larrosa <larrosa at kde.org>
+Date: Mon, 6 Mar 2017 12:51:22 +0100
+Subject: Always check the number of coefficients
+
+When building the library with NDEBUG, asserts are eliminated
+so it's better to always check that the number of coefficients
+is inside the array range.
+
+This fixes the 00191-audiofile-indexoob issue in #41
+---
+ libaudiofile/WAVE.cpp | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/libaudiofile/WAVE.cpp b/libaudiofile/WAVE.cpp
+index 9dd8511..0fc48e8 100644
+--- a/libaudiofile/WAVE.cpp
++++ b/libaudiofile/WAVE.cpp
+@@ -281,6 +281,12 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size)
+
+ /* numCoefficients should be at least 7. */
+ assert(numCoefficients >= 7 && numCoefficients <= 255);
++ if (numCoefficients < 7 || numCoefficients > 255)
++ {
++ _af_error(AF_BAD_HEADER,
++ "Bad number of coefficients");
++ return AF_FAIL;
++ }
+
+ m_msadpcmNumCoefficients = numCoefficients;
+
Copied: audiofile/repos/extra-i686/06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch (from rev 301990, audiofile/trunk/06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch)
===================================================================
--- extra-i686/06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch (rev 0)
+++ extra-i686/06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch 2017-08-12 21:40:44 UTC (rev 301991)
@@ -0,0 +1,116 @@
+From: Antonio Larrosa <larrosa at kde.org>
+Date: Mon, 6 Mar 2017 13:43:53 +0100
+Subject: Check for multiplication overflow in MSADPCM decodeSample
+
+Check for multiplication overflow (using __builtin_mul_overflow
+if available) in MSADPCM.cpp decodeSample and return an empty
+decoded block if an error occurs.
+
+This fixes the 00193-audiofile-signintoverflow-MSADPCM case of #41
+---
+ libaudiofile/modules/BlockCodec.cpp | 5 ++--
+ libaudiofile/modules/MSADPCM.cpp | 47 +++++++++++++++++++++++++++++++++----
+ 2 files changed, 46 insertions(+), 6 deletions(-)
+
+diff --git a/libaudiofile/modules/BlockCodec.cpp b/libaudiofile/modules/BlockCodec.cpp
+index 45925e8..4731be1 100644
+--- a/libaudiofile/modules/BlockCodec.cpp
++++ b/libaudiofile/modules/BlockCodec.cpp
+@@ -52,8 +52,9 @@ void BlockCodec::runPull()
+ // Decompress into m_outChunk.
+ for (int i=0; i<blocksRead; i++)
+ {
+- decodeBlock(static_cast<const uint8_t *>(m_inChunk->buffer) + i * m_bytesPerPacket,
+- static_cast<int16_t *>(m_outChunk->buffer) + i * m_framesPerPacket * m_track->f.channelCount);
++ if (decodeBlock(static_cast<const uint8_t *>(m_inChunk->buffer) + i * m_bytesPerPacket,
++ static_cast<int16_t *>(m_outChunk->buffer) + i * m_framesPerPacket * m_track->f.channelCount)==0)
++ break;
+
+ framesRead += m_framesPerPacket;
+ }
+diff --git a/libaudiofile/modules/MSADPCM.cpp b/libaudiofile/modules/MSADPCM.cpp
+index 8ea3c85..ef9c38c 100644
+--- a/libaudiofile/modules/MSADPCM.cpp
++++ b/libaudiofile/modules/MSADPCM.cpp
+@@ -101,24 +101,60 @@ static const int16_t adaptationTable[] =
+ 768, 614, 512, 409, 307, 230, 230, 230
+ };
+
++int firstBitSet(int x)
++{
++ int position=0;
++ while (x!=0)
++ {
++ x>>=1;
++ ++position;
++ }
++ return position;
++}
++
++#ifndef __has_builtin
++#define __has_builtin(x) 0
++#endif
++
++int multiplyCheckOverflow(int a, int b, int *result)
++{
++#if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow))
++ return __builtin_mul_overflow(a, b, result);
++#else
++ if (firstBitSet(a)+firstBitSet(b)>31) // int is signed, so we can't use 32 bits
++ return true;
++ *result = a * b;
++ return false;
++#endif
++}
++
++
+ // Compute a linear PCM value from the given differential coded value.
+ static int16_t decodeSample(ms_adpcm_state &state,
+- uint8_t code, const int16_t *coefficient)
++ uint8_t code, const int16_t *coefficient, bool *ok=NULL)
+ {
+ int linearSample = (state.sample1 * coefficient[0] +
+ state.sample2 * coefficient[1]) >> 8;
++ int delta;
+
+ linearSample += ((code & 0x08) ? (code - 0x10) : code) * state.delta;
+
+ linearSample = clamp(linearSample, MIN_INT16, MAX_INT16);
+
+- int delta = (state.delta * adaptationTable[code]) >> 8;
++ if (multiplyCheckOverflow(state.delta, adaptationTable[code], &delta))
++ {
++ if (ok) *ok=false;
++ _af_error(AF_BAD_COMPRESSION, "Error decoding sample");
++ return 0;
++ }
++ delta >>= 8;
+ if (delta < 16)
+ delta = 16;
+
+ state.delta = delta;
+ state.sample2 = state.sample1;
+ state.sample1 = linearSample;
++ if (ok) *ok=true;
+
+ return static_cast<int16_t>(linearSample);
+ }
+@@ -212,13 +248,16 @@ int MSADPCM::decodeBlock(const uint8_t *encoded, int16_t *decoded)
+ {
+ uint8_t code;
+ int16_t newSample;
++ bool ok;
+
+ code = *encoded >> 4;
+- newSample = decodeSample(*state[0], code, coefficient[0]);
++ newSample = decodeSample(*state[0], code, coefficient[0], &ok);
++ if (!ok) return 0;
+ *decoded++ = newSample;
+
+ code = *encoded & 0x0f;
+- newSample = decodeSample(*state[1], code, coefficient[1]);
++ newSample = decodeSample(*state[1], code, coefficient[1], &ok);
++ if (!ok) return 0;
+ *decoded++ = newSample;
+
+ encoded++;
Copied: audiofile/repos/extra-i686/07_Check-for-multiplication-overflow-in-sfconvert.patch (from rev 301990, audiofile/trunk/07_Check-for-multiplication-overflow-in-sfconvert.patch)
===================================================================
--- extra-i686/07_Check-for-multiplication-overflow-in-sfconvert.patch (rev 0)
+++ extra-i686/07_Check-for-multiplication-overflow-in-sfconvert.patch 2017-08-12 21:40:44 UTC (rev 301991)
@@ -0,0 +1,66 @@
+From: Antonio Larrosa <larrosa at kde.org>
+Date: Mon, 6 Mar 2017 13:54:52 +0100
+Subject: Check for multiplication overflow in sfconvert
+
+Checks that a multiplication doesn't overflow when
+calculating the buffer size, and if it overflows,
+reduce the buffer size instead of failing.
+
+This fixes the 00192-audiofile-signintoverflow-sfconvert case
+in #41
+---
+ sfcommands/sfconvert.c | 34 ++++++++++++++++++++++++++++++++--
+ 1 file changed, 32 insertions(+), 2 deletions(-)
+
+diff --git a/sfcommands/sfconvert.c b/sfcommands/sfconvert.c
+index 80a1bc4..970a3e4 100644
+--- a/sfcommands/sfconvert.c
++++ b/sfcommands/sfconvert.c
+@@ -45,6 +45,33 @@ void printusage (void);
+ void usageerror (void);
+ bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid);
+
++int firstBitSet(int x)
++{
++ int position=0;
++ while (x!=0)
++ {
++ x>>=1;
++ ++position;
++ }
++ return position;
++}
++
++#ifndef __has_builtin
++#define __has_builtin(x) 0
++#endif
++
++int multiplyCheckOverflow(int a, int b, int *result)
++{
++#if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow))
++ return __builtin_mul_overflow(a, b, result);
++#else
++ if (firstBitSet(a)+firstBitSet(b)>31) // int is signed, so we can't use 32 bits
++ return true;
++ *result = a * b;
++ return false;
++#endif
++}
++
+ int main (int argc, char **argv)
+ {
+ if (argc == 2)
+@@ -323,8 +350,11 @@ bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid)
+ {
+ int frameSize = afGetVirtualFrameSize(infile, trackid, 1);
+
+- const int kBufferFrameCount = 65536;
+- void *buffer = malloc(kBufferFrameCount * frameSize);
++ int kBufferFrameCount = 65536;
++ int bufferSize;
++ while (multiplyCheckOverflow(kBufferFrameCount, frameSize, &bufferSize))
++ kBufferFrameCount /= 2;
++ void *buffer = malloc(bufferSize);
+
+ AFframecount totalFrames = afGetFrameCount(infile, AF_DEFAULT_TRACK);
+ AFframecount totalFramesWritten = 0;
Copied: audiofile/repos/extra-i686/08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch (from rev 301990, audiofile/trunk/08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch)
===================================================================
--- extra-i686/08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch (rev 0)
+++ extra-i686/08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch 2017-08-12 21:40:44 UTC (rev 301991)
@@ -0,0 +1,35 @@
+From: Antonio Larrosa <larrosa at kde.org>
+Date: Fri, 10 Mar 2017 15:40:02 +0100
+Subject: Fix signature of multiplyCheckOverflow. It returns a bool, not an int
+
+---
+ libaudiofile/modules/MSADPCM.cpp | 2 +-
+ sfcommands/sfconvert.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/libaudiofile/modules/MSADPCM.cpp b/libaudiofile/modules/MSADPCM.cpp
+index ef9c38c..d8c9553 100644
+--- a/libaudiofile/modules/MSADPCM.cpp
++++ b/libaudiofile/modules/MSADPCM.cpp
+@@ -116,7 +116,7 @@ int firstBitSet(int x)
+ #define __has_builtin(x) 0
+ #endif
+
+-int multiplyCheckOverflow(int a, int b, int *result)
++bool multiplyCheckOverflow(int a, int b, int *result)
+ {
+ #if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow))
+ return __builtin_mul_overflow(a, b, result);
+diff --git a/sfcommands/sfconvert.c b/sfcommands/sfconvert.c
+index 970a3e4..367f7a5 100644
+--- a/sfcommands/sfconvert.c
++++ b/sfcommands/sfconvert.c
+@@ -60,7 +60,7 @@ int firstBitSet(int x)
+ #define __has_builtin(x) 0
+ #endif
+
+-int multiplyCheckOverflow(int a, int b, int *result)
++bool multiplyCheckOverflow(int a, int b, int *result)
+ {
+ #if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow))
+ return __builtin_mul_overflow(a, b, result);
Copied: audiofile/repos/extra-i686/09_Actually-fail-when-error-occurs-in-parseFormat.patch (from rev 301990, audiofile/trunk/09_Actually-fail-when-error-occurs-in-parseFormat.patch)
===================================================================
--- extra-i686/09_Actually-fail-when-error-occurs-in-parseFormat.patch (rev 0)
+++ extra-i686/09_Actually-fail-when-error-occurs-in-parseFormat.patch 2017-08-12 21:40:44 UTC (rev 301991)
@@ -0,0 +1,36 @@
+From: Antonio Larrosa <larrosa at kde.org>
+Date: Mon, 6 Mar 2017 18:59:26 +0100
+Subject: Actually fail when error occurs in parseFormat
+
+When there's an unsupported number of bits per sample or an invalid
+number of samples per block, don't only print an error message using
+the error handler, but actually stop parsing the file.
+
+This fixes #35 (also reported at
+https://bugzilla.opensuse.org/show_bug.cgi?id=1026983 and
+https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-imadecodeblockwave-ima-cpp/
+)
+---
+ libaudiofile/WAVE.cpp | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libaudiofile/WAVE.cpp b/libaudiofile/WAVE.cpp
+index 0fc48e8..d04b796 100644
+--- a/libaudiofile/WAVE.cpp
++++ b/libaudiofile/WAVE.cpp
+@@ -332,6 +332,7 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size)
+ {
+ _af_error(AF_BAD_NOT_IMPLEMENTED,
+ "IMA ADPCM compression supports only 4 bits per sample");
++ return AF_FAIL;
+ }
+
+ int bytesPerBlock = (samplesPerBlock + 14) / 8 * 4 * channelCount;
+@@ -339,6 +340,7 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size)
+ {
+ _af_error(AF_BAD_CODEC_CONFIG,
+ "Invalid samples per block for IMA ADPCM compression");
++ return AF_FAIL;
+ }
+
+ track->f.sampleWidth = 16;
Copied: audiofile/repos/extra-i686/10_Check-for-division-by-zero-in-BlockCodec-runPull.patch (from rev 301990, audiofile/trunk/10_Check-for-division-by-zero-in-BlockCodec-runPull.patch)
===================================================================
--- extra-i686/10_Check-for-division-by-zero-in-BlockCodec-runPull.patch (rev 0)
+++ extra-i686/10_Check-for-division-by-zero-in-BlockCodec-runPull.patch 2017-08-12 21:40:44 UTC (rev 301991)
@@ -0,0 +1,21 @@
+From: Antonio Larrosa <larrosa at kde.org>
+Date: Thu, 9 Mar 2017 10:21:18 +0100
+Subject: Check for division by zero in BlockCodec::runPull
+
+---
+ libaudiofile/modules/BlockCodec.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libaudiofile/modules/BlockCodec.cpp b/libaudiofile/modules/BlockCodec.cpp
+index 4731be1..eb2fb4d 100644
+--- a/libaudiofile/modules/BlockCodec.cpp
++++ b/libaudiofile/modules/BlockCodec.cpp
+@@ -47,7 +47,7 @@ void BlockCodec::runPull()
+
+ // Read the compressed data.
+ ssize_t bytesRead = read(m_inChunk->buffer, m_bytesPerPacket * blockCount);
+- int blocksRead = bytesRead >= 0 ? bytesRead / m_bytesPerPacket : 0;
++ int blocksRead = (bytesRead >= 0 && m_bytesPerPacket > 0) ? bytesRead / m_bytesPerPacket : 0;
+
+ // Decompress into m_outChunk.
+ for (int i=0; i<blocksRead; i++)
Deleted: extra-i686/PKGBUILD
===================================================================
--- extra-i686/PKGBUILD 2017-08-12 21:40:33 UTC (rev 301990)
+++ extra-i686/PKGBUILD 2017-08-12 21:40:44 UTC (rev 301991)
@@ -1,29 +0,0 @@
-# $Id$
-# Maintainer: Ray Rashif <schiv at archlinux.org>
-# Contributor: dorphell <dorphell at archlinux.org>
-
-pkgname=audiofile
-pkgver=0.3.6
-pkgrel=3
-pkgdesc="Silicon Graphics Audio File Library"
-arch=('i686' 'x86_64')
-url="http://www.68k.org/~michael/audiofile/"
-license=('LGPL')
-depends=('gcc-libs' 'alsa-lib' 'flac')
-source=("http://audiofile.68k.org/$pkgname-$pkgver.tar.gz")
-md5sums=('2731d79bec0acef3d30d2fc86b0b72fd')
-
-build() {
- cd "$srcdir/$pkgname-$pkgver"
-
- ./configure --prefix=/usr
- make
-}
-
-package() {
- cd "$srcdir/$pkgname-$pkgver"
-
- make DESTDIR="$pkgdir" install
-}
-
-# vim:set ts=2 sw=2 et:
Copied: audiofile/repos/extra-i686/PKGBUILD (from rev 301990, audiofile/trunk/PKGBUILD)
===================================================================
--- extra-i686/PKGBUILD (rev 0)
+++ extra-i686/PKGBUILD 2017-08-12 21:40:44 UTC (rev 301991)
@@ -0,0 +1,60 @@
+# $Id$
+# Maintainer: Ray Rashif <schiv at archlinux.org>
+# Contributor: dorphell <dorphell at archlinux.org>
+
+pkgname=audiofile
+pkgver=0.3.6
+pkgrel=4
+pkgdesc="Silicon Graphics Audio File Library"
+arch=('i686' 'x86_64')
+url="https://audiofile.68k.org/"
+license=('LGPL')
+depends=('gcc-libs' 'alsa-lib' 'flac')
+source=("https://audiofile.68k.org/$pkgname-$pkgver.tar.gz"
+ 01_gcc6.patch
+ 03_CVE-2015-7747.patch
+ 04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch
+ 05_Always-check-the-number-of-coefficients.patch
+ 06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch
+ 07_Check-for-multiplication-overflow-in-sfconvert.patch
+ 08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch
+ 09_Actually-fail-when-error-occurs-in-parseFormat.patch
+ 10_Check-for-division-by-zero-in-BlockCodec-runPull.patch)
+sha256sums=('cdc60df19ab08bfe55344395739bb08f50fc15c92da3962fac334d3bff116965'
+ 'a1904603c0292e76530f635dfc1828fb4e0d9d13555581cad33c0200640f7a27'
+ 'bcfc180708d089b5abe0ae1439809b5a4306a08917b0212c3d135e5ec56711f2'
+ '540c517828d5573ba7bc3fd9b3811f39f4ea0132011d348d22bdfc545e865a8e'
+ '1b55abeb867d66b7d3b7c34585e77e6d3656c6317b582c99f3280d37523c7718'
+ '7a464eb7521ae8deb67516309bb396caa93135dc62fbad7351e67923b1766423'
+ '2ed5cc3b57394ea33ad466ca9844b766e4cb91dd7b1e2b71deaf15cf881dbf51'
+ '257f157cf2cc8947e0f5be4bff2c4afddbe73643e9e39a83171dbea02f5d52f4'
+ '48deaaa07bfade35208edb9e22b4fe78f91470012414ddb26cd68f684c95e33d'
+ 'f31d51ebd8f8e0bd076cd1bce34b210c4dbbd959ca9b87693ad86a6399c492a3')
+
+prepare() {
+ cd $pkgname-$pkgver
+ patch -Np1 -i ../01_gcc6.patch
+ patch -Np1 -i ../03_CVE-2015-7747.patch
+ patch -Np1 -i ../04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch
+ patch -Np1 -i ../05_Always-check-the-number-of-coefficients.patch
+ patch -Np1 -i ../06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch
+ patch -Np1 -i ../07_Check-for-multiplication-overflow-in-sfconvert.patch
+ patch -Np1 -i ../08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch
+ patch -Np1 -i ../09_Actually-fail-when-error-occurs-in-parseFormat.patch
+ patch -Np1 -i ../10_Check-for-division-by-zero-in-BlockCodec-runPull.patch
+}
+
+build() {
+ cd "$srcdir/$pkgname-$pkgver"
+
+ ./configure --prefix=/usr
+ make
+}
+
+package() {
+ cd "$srcdir/$pkgname-$pkgver"
+
+ make DESTDIR="$pkgdir" install
+}
+
+# vim:set ts=2 sw=2 et:
Copied: audiofile/repos/extra-x86_64/01_gcc6.patch (from rev 301990, audiofile/trunk/01_gcc6.patch)
===================================================================
--- extra-x86_64/01_gcc6.patch (rev 0)
+++ extra-x86_64/01_gcc6.patch 2017-08-12 21:40:44 UTC (rev 301991)
@@ -0,0 +1,102 @@
+Description: Fix FTBFS with GCC 6
+Author: Michael Schwendt <mschwendt at fedoraproject.org>
+Origin: vendor, https://github.com/mpruett/audiofile/pull/27
+Bug-Debian: https://bugs.debian.org/812055
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/libaudiofile/modules/SimpleModule.h
++++ b/libaudiofile/modules/SimpleModule.h
+@@ -123,7 +123,7 @@ struct signConverter
+ typedef typename IntTypes<Format>::UnsignedType UnsignedType;
+
+ static const int kScaleBits = (Format + 1) * CHAR_BIT - 1;
+- static const int kMinSignedValue = -1 << kScaleBits;
++ static const int kMinSignedValue = 0-(1U<<kScaleBits);
+
+ struct signedToUnsigned : public std::unary_function<SignedType, UnsignedType>
+ {
+--- a/test/FloatToInt.cpp
++++ b/test/FloatToInt.cpp
+@@ -115,7 +115,7 @@ TEST_F(FloatToIntTest, Int16)
+ EXPECT_EQ(readData[i], expectedData[i]);
+ }
+
+-static const int32_t kMinInt24 = -1<<23;
++static const int32_t kMinInt24 = 0-(1U<<23);
+ static const int32_t kMaxInt24 = (1<<23) - 1;
+
+ TEST_F(FloatToIntTest, Int24)
+--- a/test/IntToFloat.cpp
++++ b/test/IntToFloat.cpp
+@@ -117,7 +117,7 @@ TEST_F(IntToFloatTest, Int16)
+ EXPECT_EQ(readData[i], expectedData[i]);
+ }
+
+-static const int32_t kMinInt24 = -1<<23;
++static const int32_t kMinInt24 = 0-(1U<<23);
+ static const int32_t kMaxInt24 = (1<<23) - 1;
+
+ TEST_F(IntToFloatTest, Int24)
+--- a/test/NeXT.cpp
++++ b/test/NeXT.cpp
+@@ -37,13 +37,13 @@
+
+ #include "TestUtilities.h"
+
+-const char kDataUnspecifiedLength[] =
++const signed char kDataUnspecifiedLength[] =
+ {
+ '.', 's', 'n', 'd',
+ 0, 0, 0, 24, // offset of 24 bytes
+- 0xff, 0xff, 0xff, 0xff, // unspecified length
++ -1, -1, -1, -1, // unspecified length
+ 0, 0, 0, 3, // 16-bit linear
+- 0, 0, 172, 68, // 44100 Hz
++ 0, 0, -84, 68, // 44100 Hz (0xAC44)
+ 0, 0, 0, 1, // 1 channel
+ 0, 1,
+ 0, 1,
+@@ -57,13 +57,13 @@ const char kDataUnspecifiedLength[] =
+ 0, 55
+ };
+
+-const char kDataTruncated[] =
++const signed char kDataTruncated[] =
+ {
+ '.', 's', 'n', 'd',
+ 0, 0, 0, 24, // offset of 24 bytes
+ 0, 0, 0, 20, // length of 20 bytes
+ 0, 0, 0, 3, // 16-bit linear
+- 0, 0, 172, 68, // 44100 Hz
++ 0, 0, -84, 68, // 44100 Hz (0xAC44)
+ 0, 0, 0, 1, // 1 channel
+ 0, 1,
+ 0, 1,
+@@ -152,13 +152,13 @@ TEST(NeXT, Truncated)
+ ASSERT_EQ(::unlink(testFileName.c_str()), 0);
+ }
+
+-const char kDataZeroChannels[] =
++const signed char kDataZeroChannels[] =
+ {
+ '.', 's', 'n', 'd',
+ 0, 0, 0, 24, // offset of 24 bytes
+ 0, 0, 0, 2, // 2 bytes
+ 0, 0, 0, 3, // 16-bit linear
+- 0, 0, 172, 68, // 44100 Hz
++ 0, 0, -84, 68, // 44100 Hz (0xAC44)
+ 0, 0, 0, 0, // 0 channels
+ 0, 1
+ };
+--- a/test/Sign.cpp
++++ b/test/Sign.cpp
+@@ -116,7 +116,7 @@ TEST_F(SignConversionTest, Int16)
+ EXPECT_EQ(readData[i], expectedData[i]);
+ }
+
+-static const int32_t kMinInt24 = -1<<23;
++static const int32_t kMinInt24 = 0-(1U<<23);
+ static const int32_t kMaxInt24 = (1<<23) - 1;
+ static const uint32_t kMaxUInt24 = (1<<24) - 1;
+
Copied: audiofile/repos/extra-x86_64/03_CVE-2015-7747.patch (from rev 301990, audiofile/trunk/03_CVE-2015-7747.patch)
===================================================================
--- extra-x86_64/03_CVE-2015-7747.patch (rev 0)
+++ extra-x86_64/03_CVE-2015-7747.patch 2017-08-12 21:40:44 UTC (rev 301991)
@@ -0,0 +1,156 @@
+Description: fix buffer overflow when changing both sample format and
+ number of channels
+Origin: https://github.com/mpruett/audiofile/pull/25
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/audiofile/+bug/1502721
+Bug-Debian: https://bugs.debian.org/801102
+
+--- a/libaudiofile/modules/ModuleState.cpp
++++ b/libaudiofile/modules/ModuleState.cpp
+@@ -402,7 +402,7 @@ status ModuleState::arrange(AFfilehandle
+ addModule(new Transform(outfc, in.pcm, out.pcm));
+
+ if (in.channelCount != out.channelCount)
+- addModule(new ApplyChannelMatrix(infc, isReading,
++ addModule(new ApplyChannelMatrix(outfc, isReading,
+ in.channelCount, out.channelCount,
+ in.pcm.minClip, in.pcm.maxClip,
+ track->channelMatrix));
+--- a/test/Makefile.am
++++ b/test/Makefile.am
+@@ -26,6 +26,7 @@ TESTS = \
+ VirtualFile \
+ floatto24 \
+ query2 \
++ sixteen-stereo-to-eight-mono \
+ sixteen-to-eight \
+ testchannelmatrix \
+ testdouble \
+@@ -139,6 +140,7 @@ printmarkers_SOURCES = printmarkers.c
+ printmarkers_LDADD = $(LIBAUDIOFILE) -lm
+
+ sixteen_to_eight_SOURCES = sixteen-to-eight.c TestUtilities.cpp TestUtilities.h
++sixteen_stereo_to_eight_mono_SOURCES = sixteen-stereo-to-eight-mono.c TestUtilities.cpp TestUtilities.h
+
+ testchannelmatrix_SOURCES = testchannelmatrix.c TestUtilities.cpp TestUtilities.h
+
+--- /dev/null
++++ b/test/sixteen-stereo-to-eight-mono.c
+@@ -0,0 +1,118 @@
++/*
++ Audio File Library
++
++ Copyright 2000, Silicon Graphics, Inc.
++
++ This program is free software; you can redistribute it and/or modify
++ it under the terms of the GNU General Public License as published by
++ the Free Software Foundation; either version 2 of the License, or
++ (at your option) any later version.
++
++ This program is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ GNU General Public License for more details.
++
++ You should have received a copy of the GNU General Public License along
++ with this program; if not, write to the Free Software Foundation, Inc.,
++ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
++*/
++
++/*
++ sixteen-stereo-to-eight-mono.c
++
++ This program tests the conversion from 2-channel 16-bit integers to
++ 1-channel 8-bit integers.
++*/
++
++#ifdef HAVE_CONFIG_H
++#include <config.h>
++#endif
++
++#include <stdint.h>
++#include <stdio.h>
++#include <stdlib.h>
++#include <string.h>
++#include <unistd.h>
++#include <limits.h>
++
++#include <audiofile.h>
++
++#include "TestUtilities.h"
++
++int main (int argc, char **argv)
++{
++ AFfilehandle file;
++ AFfilesetup setup;
++ int16_t frames16[] = {14298, 392, 3923, -683, 958, -1921};
++ int8_t frames8[] = {28, 6, -2};
++ int i, frameCount = 3;
++ int8_t byte;
++ AFframecount result;
++
++ setup = afNewFileSetup();
++
++ afInitFileFormat(setup, AF_FILE_WAVE);
++
++ afInitSampleFormat(setup, AF_DEFAULT_TRACK, AF_SAMPFMT_TWOSCOMP, 16);
++ afInitChannels(setup, AF_DEFAULT_TRACK, 2);
++
++ char *testFileName;
++ if (!createTemporaryFile("sixteen-to-eight", &testFileName))
++ {
++ fprintf(stderr, "Could not create temporary file.\n");
++ exit(EXIT_FAILURE);
++ }
++
++ file = afOpenFile(testFileName, "w", setup);
++ if (file == AF_NULL_FILEHANDLE)
++ {
++ fprintf(stderr, "could not open file for writing\n");
++ exit(EXIT_FAILURE);
++ }
++
++ afFreeFileSetup(setup);
++
++ afWriteFrames(file, AF_DEFAULT_TRACK, frames16, frameCount);
++
++ afCloseFile(file);
++
++ file = afOpenFile(testFileName, "r", AF_NULL_FILESETUP);
++ if (file == AF_NULL_FILEHANDLE)
++ {
++ fprintf(stderr, "could not open file for reading\n");
++ exit(EXIT_FAILURE);
++ }
++
++ afSetVirtualSampleFormat(file, AF_DEFAULT_TRACK, AF_SAMPFMT_TWOSCOMP, 8);
++ afSetVirtualChannels(file, AF_DEFAULT_TRACK, 1);
++
++ for (i=0; i<frameCount; i++)
++ {
++ /* Read one frame. */
++ result = afReadFrames(file, AF_DEFAULT_TRACK, &byte, 1);
++
++ if (result != 1)
++ break;
++
++ /* Compare the byte read with its precalculated value. */
++ if (memcmp(&byte, &frames8[i], 1) != 0)
++ {
++ printf("error\n");
++ printf("expected %d, got %d\n", frames8[i], byte);
++ exit(EXIT_FAILURE);
++ }
++ else
++ {
++#ifdef DEBUG
++ printf("got what was expected: %d\n", byte);
++#endif
++ }
++ }
++
++ afCloseFile(file);
++ unlink(testFileName);
++ free(testFileName);
++
++ exit(EXIT_SUCCESS);
++}
Copied: audiofile/repos/extra-x86_64/04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch (from rev 301990, audiofile/trunk/04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch)
===================================================================
--- extra-x86_64/04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch (rev 0)
+++ extra-x86_64/04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch 2017-08-12 21:40:44 UTC (rev 301991)
@@ -0,0 +1,33 @@
+From: Antonio Larrosa <larrosa at kde.org>
+Date: Mon, 6 Mar 2017 18:02:31 +0100
+Subject: clamp index values to fix index overflow in IMA.cpp
+
+This fixes #33
+(also reported at https://bugzilla.opensuse.org/show_bug.cgi?id=1026981
+and https://blogs.gentoo.org/ago/2017/02/20/audiofile-global-buffer-overflow-in-decodesample-ima-cpp/)
+---
+ libaudiofile/modules/IMA.cpp | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/libaudiofile/modules/IMA.cpp b/libaudiofile/modules/IMA.cpp
+index 7476d44..df4aad6 100644
+--- a/libaudiofile/modules/IMA.cpp
++++ b/libaudiofile/modules/IMA.cpp
+@@ -169,7 +169,7 @@ int IMA::decodeBlockWAVE(const uint8_t *encoded, int16_t *decoded)
+ if (encoded[1] & 0x80)
+ m_adpcmState[c].previousValue -= 0x10000;
+
+- m_adpcmState[c].index = encoded[2];
++ m_adpcmState[c].index = clamp(encoded[2], 0, 88);
+
+ *decoded++ = m_adpcmState[c].previousValue;
+
+@@ -210,7 +210,7 @@ int IMA::decodeBlockQT(const uint8_t *encoded, int16_t *decoded)
+ predictor -= 0x10000;
+
+ state.previousValue = clamp(predictor, MIN_INT16, MAX_INT16);
+- state.index = encoded[1] & 0x7f;
++ state.index = clamp(encoded[1] & 0x7f, 0, 88);
+ encoded += 2;
+
+ for (int n=0; n<m_framesPerPacket; n+=2)
Copied: audiofile/repos/extra-x86_64/05_Always-check-the-number-of-coefficients.patch (from rev 301990, audiofile/trunk/05_Always-check-the-number-of-coefficients.patch)
===================================================================
--- extra-x86_64/05_Always-check-the-number-of-coefficients.patch (rev 0)
+++ extra-x86_64/05_Always-check-the-number-of-coefficients.patch 2017-08-12 21:40:44 UTC (rev 301991)
@@ -0,0 +1,30 @@
+From: Antonio Larrosa <larrosa at kde.org>
+Date: Mon, 6 Mar 2017 12:51:22 +0100
+Subject: Always check the number of coefficients
+
+When building the library with NDEBUG, asserts are eliminated
+so it's better to always check that the number of coefficients
+is inside the array range.
+
+This fixes the 00191-audiofile-indexoob issue in #41
+---
+ libaudiofile/WAVE.cpp | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/libaudiofile/WAVE.cpp b/libaudiofile/WAVE.cpp
+index 9dd8511..0fc48e8 100644
+--- a/libaudiofile/WAVE.cpp
++++ b/libaudiofile/WAVE.cpp
+@@ -281,6 +281,12 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size)
+
+ /* numCoefficients should be at least 7. */
+ assert(numCoefficients >= 7 && numCoefficients <= 255);
++ if (numCoefficients < 7 || numCoefficients > 255)
++ {
++ _af_error(AF_BAD_HEADER,
++ "Bad number of coefficients");
++ return AF_FAIL;
++ }
+
+ m_msadpcmNumCoefficients = numCoefficients;
+
Copied: audiofile/repos/extra-x86_64/06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch (from rev 301990, audiofile/trunk/06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch)
===================================================================
--- extra-x86_64/06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch (rev 0)
+++ extra-x86_64/06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch 2017-08-12 21:40:44 UTC (rev 301991)
@@ -0,0 +1,116 @@
+From: Antonio Larrosa <larrosa at kde.org>
+Date: Mon, 6 Mar 2017 13:43:53 +0100
+Subject: Check for multiplication overflow in MSADPCM decodeSample
+
+Check for multiplication overflow (using __builtin_mul_overflow
+if available) in MSADPCM.cpp decodeSample and return an empty
+decoded block if an error occurs.
+
+This fixes the 00193-audiofile-signintoverflow-MSADPCM case of #41
+---
+ libaudiofile/modules/BlockCodec.cpp | 5 ++--
+ libaudiofile/modules/MSADPCM.cpp | 47 +++++++++++++++++++++++++++++++++----
+ 2 files changed, 46 insertions(+), 6 deletions(-)
+
+diff --git a/libaudiofile/modules/BlockCodec.cpp b/libaudiofile/modules/BlockCodec.cpp
+index 45925e8..4731be1 100644
+--- a/libaudiofile/modules/BlockCodec.cpp
++++ b/libaudiofile/modules/BlockCodec.cpp
+@@ -52,8 +52,9 @@ void BlockCodec::runPull()
+ // Decompress into m_outChunk.
+ for (int i=0; i<blocksRead; i++)
+ {
+- decodeBlock(static_cast<const uint8_t *>(m_inChunk->buffer) + i * m_bytesPerPacket,
+- static_cast<int16_t *>(m_outChunk->buffer) + i * m_framesPerPacket * m_track->f.channelCount);
++ if (decodeBlock(static_cast<const uint8_t *>(m_inChunk->buffer) + i * m_bytesPerPacket,
++ static_cast<int16_t *>(m_outChunk->buffer) + i * m_framesPerPacket * m_track->f.channelCount)==0)
++ break;
+
+ framesRead += m_framesPerPacket;
+ }
+diff --git a/libaudiofile/modules/MSADPCM.cpp b/libaudiofile/modules/MSADPCM.cpp
+index 8ea3c85..ef9c38c 100644
+--- a/libaudiofile/modules/MSADPCM.cpp
++++ b/libaudiofile/modules/MSADPCM.cpp
+@@ -101,24 +101,60 @@ static const int16_t adaptationTable[] =
+ 768, 614, 512, 409, 307, 230, 230, 230
+ };
+
++int firstBitSet(int x)
++{
++ int position=0;
++ while (x!=0)
++ {
++ x>>=1;
++ ++position;
++ }
++ return position;
++}
++
++#ifndef __has_builtin
++#define __has_builtin(x) 0
++#endif
++
++int multiplyCheckOverflow(int a, int b, int *result)
++{
++#if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow))
++ return __builtin_mul_overflow(a, b, result);
++#else
++ if (firstBitSet(a)+firstBitSet(b)>31) // int is signed, so we can't use 32 bits
++ return true;
++ *result = a * b;
++ return false;
++#endif
++}
++
++
+ // Compute a linear PCM value from the given differential coded value.
+ static int16_t decodeSample(ms_adpcm_state &state,
+- uint8_t code, const int16_t *coefficient)
++ uint8_t code, const int16_t *coefficient, bool *ok=NULL)
+ {
+ int linearSample = (state.sample1 * coefficient[0] +
+ state.sample2 * coefficient[1]) >> 8;
++ int delta;
+
+ linearSample += ((code & 0x08) ? (code - 0x10) : code) * state.delta;
+
+ linearSample = clamp(linearSample, MIN_INT16, MAX_INT16);
+
+- int delta = (state.delta * adaptationTable[code]) >> 8;
++ if (multiplyCheckOverflow(state.delta, adaptationTable[code], &delta))
++ {
++ if (ok) *ok=false;
++ _af_error(AF_BAD_COMPRESSION, "Error decoding sample");
++ return 0;
++ }
++ delta >>= 8;
+ if (delta < 16)
+ delta = 16;
+
+ state.delta = delta;
+ state.sample2 = state.sample1;
+ state.sample1 = linearSample;
++ if (ok) *ok=true;
+
+ return static_cast<int16_t>(linearSample);
+ }
+@@ -212,13 +248,16 @@ int MSADPCM::decodeBlock(const uint8_t *encoded, int16_t *decoded)
+ {
+ uint8_t code;
+ int16_t newSample;
++ bool ok;
+
+ code = *encoded >> 4;
+- newSample = decodeSample(*state[0], code, coefficient[0]);
++ newSample = decodeSample(*state[0], code, coefficient[0], &ok);
++ if (!ok) return 0;
+ *decoded++ = newSample;
+
+ code = *encoded & 0x0f;
+- newSample = decodeSample(*state[1], code, coefficient[1]);
++ newSample = decodeSample(*state[1], code, coefficient[1], &ok);
++ if (!ok) return 0;
+ *decoded++ = newSample;
+
+ encoded++;
Copied: audiofile/repos/extra-x86_64/07_Check-for-multiplication-overflow-in-sfconvert.patch (from rev 301990, audiofile/trunk/07_Check-for-multiplication-overflow-in-sfconvert.patch)
===================================================================
--- extra-x86_64/07_Check-for-multiplication-overflow-in-sfconvert.patch (rev 0)
+++ extra-x86_64/07_Check-for-multiplication-overflow-in-sfconvert.patch 2017-08-12 21:40:44 UTC (rev 301991)
@@ -0,0 +1,66 @@
+From: Antonio Larrosa <larrosa at kde.org>
+Date: Mon, 6 Mar 2017 13:54:52 +0100
+Subject: Check for multiplication overflow in sfconvert
+
+Checks that a multiplication doesn't overflow when
+calculating the buffer size, and if it overflows,
+reduce the buffer size instead of failing.
+
+This fixes the 00192-audiofile-signintoverflow-sfconvert case
+in #41
+---
+ sfcommands/sfconvert.c | 34 ++++++++++++++++++++++++++++++++--
+ 1 file changed, 32 insertions(+), 2 deletions(-)
+
+diff --git a/sfcommands/sfconvert.c b/sfcommands/sfconvert.c
+index 80a1bc4..970a3e4 100644
+--- a/sfcommands/sfconvert.c
++++ b/sfcommands/sfconvert.c
+@@ -45,6 +45,33 @@ void printusage (void);
+ void usageerror (void);
+ bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid);
+
++int firstBitSet(int x)
++{
++ int position=0;
++ while (x!=0)
++ {
++ x>>=1;
++ ++position;
++ }
++ return position;
++}
++
++#ifndef __has_builtin
++#define __has_builtin(x) 0
++#endif
++
++int multiplyCheckOverflow(int a, int b, int *result)
++{
++#if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow))
++ return __builtin_mul_overflow(a, b, result);
++#else
++ if (firstBitSet(a)+firstBitSet(b)>31) // int is signed, so we can't use 32 bits
++ return true;
++ *result = a * b;
++ return false;
++#endif
++}
++
+ int main (int argc, char **argv)
+ {
+ if (argc == 2)
+@@ -323,8 +350,11 @@ bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid)
+ {
+ int frameSize = afGetVirtualFrameSize(infile, trackid, 1);
+
+- const int kBufferFrameCount = 65536;
+- void *buffer = malloc(kBufferFrameCount * frameSize);
++ int kBufferFrameCount = 65536;
++ int bufferSize;
++ while (multiplyCheckOverflow(kBufferFrameCount, frameSize, &bufferSize))
++ kBufferFrameCount /= 2;
++ void *buffer = malloc(bufferSize);
+
+ AFframecount totalFrames = afGetFrameCount(infile, AF_DEFAULT_TRACK);
+ AFframecount totalFramesWritten = 0;
Copied: audiofile/repos/extra-x86_64/08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch (from rev 301990, audiofile/trunk/08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch)
===================================================================
--- extra-x86_64/08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch (rev 0)
+++ extra-x86_64/08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch 2017-08-12 21:40:44 UTC (rev 301991)
@@ -0,0 +1,35 @@
+From: Antonio Larrosa <larrosa at kde.org>
+Date: Fri, 10 Mar 2017 15:40:02 +0100
+Subject: Fix signature of multiplyCheckOverflow. It returns a bool, not an int
+
+---
+ libaudiofile/modules/MSADPCM.cpp | 2 +-
+ sfcommands/sfconvert.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/libaudiofile/modules/MSADPCM.cpp b/libaudiofile/modules/MSADPCM.cpp
+index ef9c38c..d8c9553 100644
+--- a/libaudiofile/modules/MSADPCM.cpp
++++ b/libaudiofile/modules/MSADPCM.cpp
+@@ -116,7 +116,7 @@ int firstBitSet(int x)
+ #define __has_builtin(x) 0
+ #endif
+
+-int multiplyCheckOverflow(int a, int b, int *result)
++bool multiplyCheckOverflow(int a, int b, int *result)
+ {
+ #if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow))
+ return __builtin_mul_overflow(a, b, result);
+diff --git a/sfcommands/sfconvert.c b/sfcommands/sfconvert.c
+index 970a3e4..367f7a5 100644
+--- a/sfcommands/sfconvert.c
++++ b/sfcommands/sfconvert.c
+@@ -60,7 +60,7 @@ int firstBitSet(int x)
+ #define __has_builtin(x) 0
+ #endif
+
+-int multiplyCheckOverflow(int a, int b, int *result)
++bool multiplyCheckOverflow(int a, int b, int *result)
+ {
+ #if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow))
+ return __builtin_mul_overflow(a, b, result);
Copied: audiofile/repos/extra-x86_64/09_Actually-fail-when-error-occurs-in-parseFormat.patch (from rev 301990, audiofile/trunk/09_Actually-fail-when-error-occurs-in-parseFormat.patch)
===================================================================
--- extra-x86_64/09_Actually-fail-when-error-occurs-in-parseFormat.patch (rev 0)
+++ extra-x86_64/09_Actually-fail-when-error-occurs-in-parseFormat.patch 2017-08-12 21:40:44 UTC (rev 301991)
@@ -0,0 +1,36 @@
+From: Antonio Larrosa <larrosa at kde.org>
+Date: Mon, 6 Mar 2017 18:59:26 +0100
+Subject: Actually fail when error occurs in parseFormat
+
+When there's an unsupported number of bits per sample or an invalid
+number of samples per block, don't only print an error message using
+the error handler, but actually stop parsing the file.
+
+This fixes #35 (also reported at
+https://bugzilla.opensuse.org/show_bug.cgi?id=1026983 and
+https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-imadecodeblockwave-ima-cpp/
+)
+---
+ libaudiofile/WAVE.cpp | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libaudiofile/WAVE.cpp b/libaudiofile/WAVE.cpp
+index 0fc48e8..d04b796 100644
+--- a/libaudiofile/WAVE.cpp
++++ b/libaudiofile/WAVE.cpp
+@@ -332,6 +332,7 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size)
+ {
+ _af_error(AF_BAD_NOT_IMPLEMENTED,
+ "IMA ADPCM compression supports only 4 bits per sample");
++ return AF_FAIL;
+ }
+
+ int bytesPerBlock = (samplesPerBlock + 14) / 8 * 4 * channelCount;
+@@ -339,6 +340,7 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size)
+ {
+ _af_error(AF_BAD_CODEC_CONFIG,
+ "Invalid samples per block for IMA ADPCM compression");
++ return AF_FAIL;
+ }
+
+ track->f.sampleWidth = 16;
Copied: audiofile/repos/extra-x86_64/10_Check-for-division-by-zero-in-BlockCodec-runPull.patch (from rev 301990, audiofile/trunk/10_Check-for-division-by-zero-in-BlockCodec-runPull.patch)
===================================================================
--- extra-x86_64/10_Check-for-division-by-zero-in-BlockCodec-runPull.patch (rev 0)
+++ extra-x86_64/10_Check-for-division-by-zero-in-BlockCodec-runPull.patch 2017-08-12 21:40:44 UTC (rev 301991)
@@ -0,0 +1,21 @@
+From: Antonio Larrosa <larrosa at kde.org>
+Date: Thu, 9 Mar 2017 10:21:18 +0100
+Subject: Check for division by zero in BlockCodec::runPull
+
+---
+ libaudiofile/modules/BlockCodec.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libaudiofile/modules/BlockCodec.cpp b/libaudiofile/modules/BlockCodec.cpp
+index 4731be1..eb2fb4d 100644
+--- a/libaudiofile/modules/BlockCodec.cpp
++++ b/libaudiofile/modules/BlockCodec.cpp
+@@ -47,7 +47,7 @@ void BlockCodec::runPull()
+
+ // Read the compressed data.
+ ssize_t bytesRead = read(m_inChunk->buffer, m_bytesPerPacket * blockCount);
+- int blocksRead = bytesRead >= 0 ? bytesRead / m_bytesPerPacket : 0;
++ int blocksRead = (bytesRead >= 0 && m_bytesPerPacket > 0) ? bytesRead / m_bytesPerPacket : 0;
+
+ // Decompress into m_outChunk.
+ for (int i=0; i<blocksRead; i++)
Deleted: extra-x86_64/PKGBUILD
===================================================================
--- extra-x86_64/PKGBUILD 2017-08-12 21:40:33 UTC (rev 301990)
+++ extra-x86_64/PKGBUILD 2017-08-12 21:40:44 UTC (rev 301991)
@@ -1,29 +0,0 @@
-# $Id$
-# Maintainer: Ray Rashif <schiv at archlinux.org>
-# Contributor: dorphell <dorphell at archlinux.org>
-
-pkgname=audiofile
-pkgver=0.3.6
-pkgrel=3
-pkgdesc="Silicon Graphics Audio File Library"
-arch=('i686' 'x86_64')
-url="http://www.68k.org/~michael/audiofile/"
-license=('LGPL')
-depends=('gcc-libs' 'alsa-lib' 'flac')
-source=("http://audiofile.68k.org/$pkgname-$pkgver.tar.gz")
-md5sums=('2731d79bec0acef3d30d2fc86b0b72fd')
-
-build() {
- cd "$srcdir/$pkgname-$pkgver"
-
- ./configure --prefix=/usr
- make
-}
-
-package() {
- cd "$srcdir/$pkgname-$pkgver"
-
- make DESTDIR="$pkgdir" install
-}
-
-# vim:set ts=2 sw=2 et:
Copied: audiofile/repos/extra-x86_64/PKGBUILD (from rev 301990, audiofile/trunk/PKGBUILD)
===================================================================
--- extra-x86_64/PKGBUILD (rev 0)
+++ extra-x86_64/PKGBUILD 2017-08-12 21:40:44 UTC (rev 301991)
@@ -0,0 +1,60 @@
+# $Id$
+# Maintainer: Ray Rashif <schiv at archlinux.org>
+# Contributor: dorphell <dorphell at archlinux.org>
+
+pkgname=audiofile
+pkgver=0.3.6
+pkgrel=4
+pkgdesc="Silicon Graphics Audio File Library"
+arch=('i686' 'x86_64')
+url="https://audiofile.68k.org/"
+license=('LGPL')
+depends=('gcc-libs' 'alsa-lib' 'flac')
+source=("https://audiofile.68k.org/$pkgname-$pkgver.tar.gz"
+ 01_gcc6.patch
+ 03_CVE-2015-7747.patch
+ 04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch
+ 05_Always-check-the-number-of-coefficients.patch
+ 06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch
+ 07_Check-for-multiplication-overflow-in-sfconvert.patch
+ 08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch
+ 09_Actually-fail-when-error-occurs-in-parseFormat.patch
+ 10_Check-for-division-by-zero-in-BlockCodec-runPull.patch)
+sha256sums=('cdc60df19ab08bfe55344395739bb08f50fc15c92da3962fac334d3bff116965'
+ 'a1904603c0292e76530f635dfc1828fb4e0d9d13555581cad33c0200640f7a27'
+ 'bcfc180708d089b5abe0ae1439809b5a4306a08917b0212c3d135e5ec56711f2'
+ '540c517828d5573ba7bc3fd9b3811f39f4ea0132011d348d22bdfc545e865a8e'
+ '1b55abeb867d66b7d3b7c34585e77e6d3656c6317b582c99f3280d37523c7718'
+ '7a464eb7521ae8deb67516309bb396caa93135dc62fbad7351e67923b1766423'
+ '2ed5cc3b57394ea33ad466ca9844b766e4cb91dd7b1e2b71deaf15cf881dbf51'
+ '257f157cf2cc8947e0f5be4bff2c4afddbe73643e9e39a83171dbea02f5d52f4'
+ '48deaaa07bfade35208edb9e22b4fe78f91470012414ddb26cd68f684c95e33d'
+ 'f31d51ebd8f8e0bd076cd1bce34b210c4dbbd959ca9b87693ad86a6399c492a3')
+
+prepare() {
+ cd $pkgname-$pkgver
+ patch -Np1 -i ../01_gcc6.patch
+ patch -Np1 -i ../03_CVE-2015-7747.patch
+ patch -Np1 -i ../04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch
+ patch -Np1 -i ../05_Always-check-the-number-of-coefficients.patch
+ patch -Np1 -i ../06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch
+ patch -Np1 -i ../07_Check-for-multiplication-overflow-in-sfconvert.patch
+ patch -Np1 -i ../08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch
+ patch -Np1 -i ../09_Actually-fail-when-error-occurs-in-parseFormat.patch
+ patch -Np1 -i ../10_Check-for-division-by-zero-in-BlockCodec-runPull.patch
+}
+
+build() {
+ cd "$srcdir/$pkgname-$pkgver"
+
+ ./configure --prefix=/usr
+ make
+}
+
+package() {
+ cd "$srcdir/$pkgname-$pkgver"
+
+ make DESTDIR="$pkgdir" install
+}
+
+# vim:set ts=2 sw=2 et:
More information about the arch-commits
mailing list