head 1.3; access; symbols pkgsrc-2013Q2:1.3.0.8 pkgsrc-2013Q2-base:1.3 pkgsrc-2012Q4:1.3.0.6 pkgsrc-2012Q4-base:1.3 pkgsrc-2011Q4:1.3.0.4 pkgsrc-2011Q4-base:1.3 pkgsrc-2011Q2:1.3.0.2 pkgsrc-2011Q2-base:1.3 pkgsrc-2010Q1:1.2.0.4 pkgsrc-2010Q1-base:1.2 pkgsrc-2009Q4:1.2.0.2 pkgsrc-2009Q4-base:1.2 pkgsrc-2009Q3:1.1.0.8 pkgsrc-2009Q3-base:1.1 pkgsrc-2009Q2:1.1.0.6 pkgsrc-2009Q2-base:1.1 pkgsrc-2009Q1:1.1.0.4 pkgsrc-2009Q1-base:1.1 pkgsrc-2008Q4:1.1.0.2; locks; strict; comment @# @; 1.3 date 2010.04.12.19.04.58; author drochner; state dead; branches; next 1.2; 1.2 date 2009.12.01.10.44.02; author drochner; state Exp; branches; next 1.1; 1.1 date 2009.01.21.15.19.27; author drochner; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2009.01.21.15.19.27; author tron; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2009.01.22.20.21.28; author tron; state Exp; branches; next ; desc @@ 1.3 log @update to 0.2.7 changes: -Fix decoding of multi-channel ADPCM WAVE files (was patched in pkgsrc) -Reduce unshared data in library -Fix handling of audio files with more than 2^24 frames -Add support for writing double-precision floating-point WAVE files -Add support for reading certain uncompressed AIFF-C files created by Mac OS X -Write fact chunk in floating-point WAVE files @ text @$NetBSD: patch-ac,v 1.2 2009/12/01 10:44:02 drochner Exp $ --- libaudiofile/modules/msadpcm.c.orig 2004-03-06 07:39:23.000000000 +0100 +++ libaudiofile/modules/msadpcm.c @@@@ -129,8 +129,7 @@@@ static int ms_adpcm_decode_block (ms_adp ms_adpcm_state *state[2]; /* Calculate the number of bytes needed for decoded data. */ - outputLength = msadpcm->samplesPerBlock * sizeof (int16_t) * - msadpcm->track->f.channelCount; + outputLength = msadpcm->samplesPerBlock * sizeof (int16_t); channelCount = msadpcm->track->f.channelCount; @@@@ -180,8 +179,8 @@@@ static int ms_adpcm_decode_block (ms_adp The first two samples have already been 'decoded' in the block header. */ - samplesRemaining = (msadpcm->samplesPerBlock - 2) * - msadpcm->track->f.channelCount; + samplesRemaining = msadpcm->samplesPerBlock + - 2 * msadpcm->track->f.channelCount; while (samplesRemaining > 0) { @ 1.2 log @Debian has integrated a fix for ADPCM decoding problems which is similar to our one, and added additional sanity checks (see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510205#59) use their version to ease further maintainance, bump PKGREVISION @ text @d1 1 a1 1 $NetBSD$ @ 1.1 log @(attempt to) fix CVE-2008-5824 (buffer overflow in msadpcm.c), see Debian bug #510205, just done correctly. The IMA code might have similar problems. The code appearently can't handle stereo files correctly anyway, so bail out if >1 channel which should avoid the problem. bump PKGREVISION @ text @d11 1 a11 1 + outputLength = msadpcm->samplesPerBlock * sizeof (int16_t); d15 1 a15 1 @@@@ -180,8 +179,7 @@@@ static int ms_adpcm_decode_block (ms_adp d21 2 a22 1 + samplesRemaining = msadpcm->samplesPerBlock - (2 * channelCount); @ 1.1.2.1 log @file patch-ac was added on branch pkgsrc-2008Q4 on 2009-01-22 20:21:28 +0000 @ text @d1 24 @ 1.1.2.2 log @Pullup ticket #2652 - requested by drochner libaudiofile: security patch Revisions pulled up: audio/libaudiofile/Makefile 1.43 audio/libaudiofile/distinfo 1.12 audio/libaudiofile/patches/patch-ac 1.1 audio/libaudiofile/patches/patch-ad 1.1 --- Module Name: pkgsrc Committed By: drochner Date: Wed Jan 21 15:19:27 UTC 2009 Modified Files: pkgsrc/audio/libaudiofile: Makefile distinfo Added Files: pkgsrc/audio/libaudiofile/patches: patch-ac patch-ad Log Message: (attempt to) fix CVE-2008-5824 (buffer overflow in msadpcm.c), see Debian bug #510205, just done correctly. The IMA code might have similar problems. The code appearently can't handle stereo files correctly anyway, so bail out if >1 channel which should avoid the problem. bump PKGREVISION @ text @a0 24 $NetBSD: patch-ac,v 1.1 2009/01/21 15:19:27 drochner Exp $ --- libaudiofile/modules/msadpcm.c.orig 2004-03-06 07:39:23.000000000 +0100 +++ libaudiofile/modules/msadpcm.c @@@@ -129,8 +129,7 @@@@ static int ms_adpcm_decode_block (ms_adp ms_adpcm_state *state[2]; /* Calculate the number of bytes needed for decoded data. */ - outputLength = msadpcm->samplesPerBlock * sizeof (int16_t) * - msadpcm->track->f.channelCount; + outputLength = msadpcm->samplesPerBlock * sizeof (int16_t); channelCount = msadpcm->track->f.channelCount; @@@@ -180,8 +179,7 @@@@ static int ms_adpcm_decode_block (ms_adp The first two samples have already been 'decoded' in the block header. */ - samplesRemaining = (msadpcm->samplesPerBlock - 2) * - msadpcm->track->f.channelCount; + samplesRemaining = msadpcm->samplesPerBlock - (2 * channelCount); while (samplesRemaining > 0) { @