Skip to content

Commit

Permalink
Check for multiplication overflow in sfconvert
Browse files Browse the repository at this point in the history
Checks that a multiplication doesn't overflow when
calculating the buffer size, and if it overflows,
reduce the buffer size instead of failing.

This fixes the 00192-audiofile-signintoverflow-sfconvert case
in mpruett#41
  • Loading branch information
antlarr authored and sbaldovi committed May 30, 2023
1 parent 7725790 commit 2ce5764
Show file tree
Hide file tree
Showing 2 changed files with 98 additions and 2 deletions.
66 changes: 66 additions & 0 deletions patches/07_Check-for-multiplication-overflow-in-sfconvert.patch
Original file line number Diff line number Diff line change
@@ -0,0 +1,66 @@
From: Antonio Larrosa <[email protected]>
Date: Mon, 6 Mar 2017 13:54:52 +0100
Subject: Check for multiplication overflow in sfconvert

Checks that a multiplication doesn't overflow when
calculating the buffer size, and if it overflows,
reduce the buffer size instead of failing.

This fixes the 00192-audiofile-signintoverflow-sfconvert case
in #41
---
sfcommands/sfconvert.c | 34 ++++++++++++++++++++++++++++++++--
1 file changed, 32 insertions(+), 2 deletions(-)

diff --git a/sfcommands/sfconvert.c b/sfcommands/sfconvert.c
index 80a1bc4..970a3e4 100644
--- a/sfcommands/sfconvert.c
+++ b/sfcommands/sfconvert.c
@@ -45,6 +45,33 @@ void printusage (void);
void usageerror (void);
bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid);

+int firstBitSet(int x)
+{
+ int position=0;
+ while (x!=0)
+ {
+ x>>=1;
+ ++position;
+ }
+ return position;
+}
+
+#ifndef __has_builtin
+#define __has_builtin(x) 0
+#endif
+
+int multiplyCheckOverflow(int a, int b, int *result)
+{
+#if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow))
+ return __builtin_mul_overflow(a, b, result);
+#else
+ if (firstBitSet(a)+firstBitSet(b)>31) // int is signed, so we can't use 32 bits
+ return true;
+ *result = a * b;
+ return false;
+#endif
+}
+
int main (int argc, char **argv)
{
if (argc == 2)
@@ -323,8 +350,11 @@ bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid)
{
int frameSize = afGetVirtualFrameSize(infile, trackid, 1);

- const int kBufferFrameCount = 65536;
- void *buffer = malloc(kBufferFrameCount * frameSize);
+ int kBufferFrameCount = 65536;
+ int bufferSize;
+ while (multiplyCheckOverflow(kBufferFrameCount, frameSize, &bufferSize))
+ kBufferFrameCount /= 2;
+ void *buffer = malloc(bufferSize);

AFframecount totalFrames = afGetFrameCount(infile, AF_DEFAULT_TRACK);
AFframecount totalFramesWritten = 0;
34 changes: 32 additions & 2 deletions sfcommands/sfconvert.c
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,33 @@ void printusage (void);
void usageerror (void);
bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid);

int firstBitSet(int x)
{
int position=0;
while (x!=0)
{
x>>=1;
++position;
}
return position;
}

#ifndef __has_builtin
#define __has_builtin(x) 0
#endif

int multiplyCheckOverflow(int a, int b, int *result)
{
#if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow))
return __builtin_mul_overflow(a, b, result);
#else
if (firstBitSet(a)+firstBitSet(b)>31) // int is signed, so we can't use 32 bits
return true;
*result = a * b;
return false;
#endif
}

int main (int argc, char **argv)
{
if (argc == 2)
Expand Down Expand Up @@ -323,8 +350,11 @@ bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid)
{
int frameSize = afGetVirtualFrameSize(infile, trackid, 1);

const int kBufferFrameCount = 65536;
void *buffer = malloc(kBufferFrameCount * frameSize);
int kBufferFrameCount = 65536;
int bufferSize;
while (multiplyCheckOverflow(kBufferFrameCount, frameSize, &bufferSize))
kBufferFrameCount /= 2;
void *buffer = malloc(bufferSize);

AFframecount totalFrames = afGetFrameCount(infile, AF_DEFAULT_TRACK);
AFframecount totalFramesWritten = 0;
Expand Down

0 comments on commit 2ce5764

Please sign in to comment.