forked from mpruett/audiofile
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Check for multiplication overflow in sfconvert
Checks that a multiplication doesn't overflow when calculating the buffer size, and if it overflows, reduce the buffer size instead of failing. This fixes the 00192-audiofile-signintoverflow-sfconvert case in mpruett#41
- Loading branch information
Showing
2 changed files
with
98 additions
and
2 deletions.
There are no files selected for viewing
66 changes: 66 additions & 0 deletions
66
patches/07_Check-for-multiplication-overflow-in-sfconvert.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
From: Antonio Larrosa <[email protected]> | ||
Date: Mon, 6 Mar 2017 13:54:52 +0100 | ||
Subject: Check for multiplication overflow in sfconvert | ||
|
||
Checks that a multiplication doesn't overflow when | ||
calculating the buffer size, and if it overflows, | ||
reduce the buffer size instead of failing. | ||
|
||
This fixes the 00192-audiofile-signintoverflow-sfconvert case | ||
in #41 | ||
--- | ||
sfcommands/sfconvert.c | 34 ++++++++++++++++++++++++++++++++-- | ||
1 file changed, 32 insertions(+), 2 deletions(-) | ||
|
||
diff --git a/sfcommands/sfconvert.c b/sfcommands/sfconvert.c | ||
index 80a1bc4..970a3e4 100644 | ||
--- a/sfcommands/sfconvert.c | ||
+++ b/sfcommands/sfconvert.c | ||
@@ -45,6 +45,33 @@ void printusage (void); | ||
void usageerror (void); | ||
bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid); | ||
|
||
+int firstBitSet(int x) | ||
+{ | ||
+ int position=0; | ||
+ while (x!=0) | ||
+ { | ||
+ x>>=1; | ||
+ ++position; | ||
+ } | ||
+ return position; | ||
+} | ||
+ | ||
+#ifndef __has_builtin | ||
+#define __has_builtin(x) 0 | ||
+#endif | ||
+ | ||
+int multiplyCheckOverflow(int a, int b, int *result) | ||
+{ | ||
+#if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow)) | ||
+ return __builtin_mul_overflow(a, b, result); | ||
+#else | ||
+ if (firstBitSet(a)+firstBitSet(b)>31) // int is signed, so we can't use 32 bits | ||
+ return true; | ||
+ *result = a * b; | ||
+ return false; | ||
+#endif | ||
+} | ||
+ | ||
int main (int argc, char **argv) | ||
{ | ||
if (argc == 2) | ||
@@ -323,8 +350,11 @@ bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid) | ||
{ | ||
int frameSize = afGetVirtualFrameSize(infile, trackid, 1); | ||
|
||
- const int kBufferFrameCount = 65536; | ||
- void *buffer = malloc(kBufferFrameCount * frameSize); | ||
+ int kBufferFrameCount = 65536; | ||
+ int bufferSize; | ||
+ while (multiplyCheckOverflow(kBufferFrameCount, frameSize, &bufferSize)) | ||
+ kBufferFrameCount /= 2; | ||
+ void *buffer = malloc(bufferSize); | ||
|
||
AFframecount totalFrames = afGetFrameCount(infile, AF_DEFAULT_TRACK); | ||
AFframecount totalFramesWritten = 0; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters