Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2015-02-19 | src/(ima|ms)_adpcm.c : Validate block alignment on read.HEADmaster | Erik de Castro Lopo | 2 | -5/+15 | |
2015-02-14 | src/rf64.c : Make parser more robust to malformed files. | Erik de Castro Lopo | 1 | -0/+5 | |
2015-02-14 | src/(aiff|rf64|w64|wav).c : Exit parser if chunk size > file length. | Erik de Castro Lopo | 4 | -5/+22 | |
2015-02-14 | src/(rf64|w64|wav).c : Validate parsed channel count. | Erik de Castro Lopo | 3 | -0/+18 | |
2015-02-12 | src/caf.c : Fix for big-endian 32 bit systems. | Erik de Castro Lopo | 1 | -3/+2 | |
2015-02-12 | src/w64.c : Refactor and add sanity checking for chunk sizes. | Erik de Castro Lopo | 1 | -35/+29 | |
2015-02-12 | src/rf64.c : Sanity check size of unknown chunks. | Erik de Castro Lopo | 1 | -25/+39 | |
2015-02-11 | src/w64.c : Improve handling of truncated files. | Erik de Castro Lopo | 1 | -3/+2 | |
2015-02-11 | src/ms_adpcm.c : Improve handling of truncated files. | Erik de Castro Lopo | 1 | -15/+23 | |
2015-02-10 | src/aiff.c : Validate channel count. | Erik de Castro Lopo | 1 | -0/+6 | |
2015-02-10 | src/ms_adpcm.c : Validate block predictor. | Erik de Castro Lopo | 1 | -10/+20 | |
2015-02-09 | ALAC : Improve input validation and error reporting. | Erik de Castro Lopo | 3 | -10/+53 | |
2015-02-09 | src/svx.c : Refactor and bug fix. | Erik de Castro Lopo | 1 | -51/+36 | |
* Improve and generalize code. * Reduce number of variables. * Increase robustness when parsing mal-formed files. | |||||
2015-02-09 | src/au.c : Validate channel count. | Erik de Castro Lopo | 1 | -3/+7 | |
2015-02-09 | src/voc.c : Fix overlapping memcpy. | Erik de Castro Lopo | 1 | -6/+7 | |
2015-02-09 | src/(aiff|wav).c : Add debug log info when huge unknown chunk is found. | Erik de Castro Lopo | 2 | -2/+8 | |
2015-02-08 | ALAC : Collection of validation and bounds checking fixes. | Erik de Castro Lopo | 2 | -5/+19 | |
* Validate channel count returned when decoder is initialized. * Validate frames_per_packet. * Bounds check numSamples read from bitstream. * Increase ALAC_BYTE_BUFFER_SIZE. * Integer sanitizer fixes. | |||||
2015-02-07 | src/common.c : Fix a header parsing bug. | Erik de Castro Lopo | 1 | -16/+11 | |
When the file header is bigger that SF_HEADER_LEN, the code would seek instead of reading causing file parse errors. The current header parsing and writing code *badly* needs a re-write. | |||||
2015-02-06 | src/caf.c : Handle finding chunk size of < 0. | Erik de Castro Lopo | 1 | -0/+4 | |
2015-02-06 | src/(aiff|caf|wav).c : Improve debug output when marker == 0. | Erik de Castro Lopo | 3 | -6/+9 | |
2015-02-06 | Scripts/static-deps-build.mk : Only rebuild if something has changed. | Erik de Castro Lopo | 1 | -2/+4 | |
2015-02-01 | src/aiff.c : Minor improvements for parser re-synching. | Erik de Castro Lopo | 1 | -4/+7 | |
2015-01-30 | Scripts/static-deps-build.mk : Two minor fixes. | Erik de Castro Lopo | 1 | -3/+8 | |
* Fix paths to EXTERNAL_LIBS dependences (found using $(pwd)). * Generate configure script if it does not already exist. | |||||
2015-01-30 | src/(float32|double64).c : Fix potential divide by 0. | Erik de Castro Lopo | 2 | -2/+12 | |
2015-01-10 | Change default file permissions to respect process' umask. | Flavio Grossi | 1 | -2/+2 | |
Signed-off-by: Erik de Castro Lopo <erikd@mega-nerd.com> CLoses: https://github.com/erikd/libsndfile/pull/94 | |||||
2014-12-25 | src/sd2.c : Fix two potential buffer read overflows. | Erik de Castro Lopo | 1 | -1/+11 | |
Closes: https://github.com/erikd/libsndfile/issues/93 | |||||
2014-12-24 | src/aiff.c : Fix potential undefined behaviour arising from shift. | Erik de Castro Lopo | 1 | -1/+1 | |
Closes: https://github.com/erikd/libsndfile/issues/91 | |||||
2014-12-24 | src/file_io.c : Prevent potential divide-by-zero. | Erik de Castro Lopo | 1 | -1/+4 | |
Closes: https://github.com/erikd/libsndfile/issues/92 | |||||
2014-12-16 | tests/ : Fix undefined behaviour warnings. | Erik de Castro Lopo | 4 | -15/+20 | |
2014-12-16 | src/ : Fix undefined behaviour warnings. | Erik de Castro Lopo | 23 | -68/+149 | |
2014-12-16 | configure.ac : Add detection of -fsanitizer=undefined. | Erik de Castro Lopo | 1 | -1/+5 | |
Both Clang and GCC-4.9 now support the undefined behaviour sanitizer so detect and enable it when configuring with --enable-sanitizer. Also improve configure reporting of sanitizer and stack smash protection. | |||||
2014-12-16 | src/Makefile.am : Update CLEANFILES. | Erik de Castro Lopo | 1 | -1/+1 | |
2014-12-16 | src/wav.c : Handle 'smpl' chunks with loop count of 0. | Erik de Castro Lopo | 1 | -0/+3 | |
Closes: https://github.com/erikd/libsndfile/issues/86 | |||||
2014-12-13 | src/wav.c : Fix incorrect warning message on piped files. | Erik de Castro Lopo | 1 | -1/+1 | |
Don't log "filelength > 0xffffffff" warning on piped input files since the length isn't known anyway. Closes: https://github.com/erikd/libsndfile/issues/88 | |||||
2014-12-12 | src/ogg_vorbis.c : Add support for tracknumber and genre metadata. | Erik de Castro Lopo | 1 | -9/+14 | |
Closes: https://github.com/erikd/libsndfile/issues/87 | |||||
2014-12-07 | src/ALAC/ : Code improvements. | Erik de Castro Lopo | 10 | -55/+77 | |
* Make internal APIs const correct. * Use mNumSamples field from encoder/decoder state struct instead of passing to encode/decode functions. | |||||
2014-12-07 | configure.ac : Require flac >= 1.3.1. | Erik de Castro Lopo | 1 | -1/+2 | |
Earlier versions of FLAC had a couple of CVEs. Also AC_SUBST the HAVE_EXTERNAL_LIBS variable. | |||||
2014-12-06 | Makefile.am : Fix DISTCHECK_CONFIGURE_FLAGS. | Erik de Castro Lopo | 1 | -1/+1 | |
The required flag changed from --enable-gcc-werror to --enable-werror some time ago. | |||||
2014-12-02 | src/ALAC : Fix all undefined behaviour warnings. | Erik de Castro Lopo | 7 | -33/+69 | |
Found using GCC's undefined behaviour sanitizer. | |||||
2014-12-02 | .gitignore : Remove cruft. | Erik de Castro Lopo | 1 | -5/+0 | |
2014-12-01 | Scripts/static-deps-build.mk : Split configure and build steps. | Erik de Castro Lopo | 1 | -2/+9 | |
2014-11-30 | Scripts/static-deps-build.mk : Use flac 1.3.1. | Erik de Castro Lopo | 1 | -8/+19 | |
Also improve wgetting of tarballs. | |||||
2014-11-30 | src/wav.c : A bunch more fixes. | Erik de Castro Lopo | 1 | -39/+45 | |
* Rename variable dword to chunk_size. * Use %u specifier instead of %d for chunk lengths. * Fix two more input validation issues that could lead to an infinite loop. | |||||
2014-11-30 | src/wav_w64.c : Fix heap write overflow. | Erik de Castro Lopo | 1 | -4/+6 | |
Heap write could occur if the number of channels is less than the length of the file's channel map. Found using the afl (http://lcamtuf.coredump.cx/afl/) fuzzer. | |||||
2014-11-30 | Fix a bunch of input validation issues. | Erik de Castro Lopo | 5 | -24/+51 | |
Using the afl (http://lcamtuf.coredump.cx/afl/) fuzzer found a number of issues where a malformed file could cause the various file format parsers to go into an infinite loop: * WAV : 7 cases, one leading to memory exhaustion * AIFF : 1 case * CAF : 2 cases * MAT4 : 2 cases | |||||
2014-11-30 | WAV : Avoid divide by zero exception. | Erik de Castro Lopo | 3 | -11/+22 | |
Found a couple of instances where a value retrieved from an input file header was used as the denominator in a division. If the retrieved value is zero it results on a divide by zero error. Found using the afl (http://lcamtuf.coredump.cx/afl/) fuzzer. | |||||
2014-11-29 | tests/floating_point_test.tpl : Tweak target SNR for alac_24.caf. | Erik de Castro Lopo | 1 | -1/+1 | |
2014-11-27 | configure.ac : Use '-static-libgcc' with mingw-w64-* compilers. | Erik de Castro Lopo | 1 | -3/+1 | |
Without this, libsndfile-1.dll depends on libgcc_s_sjlj-1.dll which is a pain in the neck. Tried a number of things to fix this, but in the end it was a suggestion from Jean-Baptiste Kempf on the mingw-w64-public mailing list that solved it. Suggested-by: Jean-Baptiste Kempf <jb@videolan.org> | |||||
2014-11-26 | Revert "configure : Disable versioned dynamic library when compling for ↵ | Erik de Castro Lopo | 2 | -7/+2 | |
Android." This reverts commit 432479b3f5d7a3e9cd1dbfe6837aa90be6da573b. This approach didn't work. | |||||
2014-11-24 | tests/win32_ordinal_test.c : Better debugging when LoadLibrary fails. | Erik de Castro Lopo | 1 | -2/+2 | |