Age  Commit message  Author  Files  Lines
2015-02-19  src/(ima|ms)_adpcm.c : Validate block alignment on read.  [HEAD] [master]  Erik de Castro Lopo  2  -5/+15
2015-02-14  src/rf64.c : Make parser more robust to malformed files.  Erik de Castro Lopo  1  -0/+5
2015-02-14  src/(aiff|rf64|w64|wav).c : Exit parser if chunk size > file length.  Erik de Castro Lopo  4  -5/+22
2015-02-14  src/(rf64|w64|wav).c : Validate parsed channel count.  Erik de Castro Lopo  3  -0/+18
2015-02-12  src/caf.c : Fix for big-endian 32 bit systems.  Erik de Castro Lopo  1  -3/+2
2015-02-12  src/w64.c : Refactor and add sanity checking for chunk sizes.  Erik de Castro Lopo  1  -35/+29
2015-02-12  src/rf64.c : Sanity check size of unknown chunks.  Erik de Castro Lopo  1  -25/+39
2015-02-11  src/w64.c : Improve handling of truncated files.  Erik de Castro Lopo  1  -3/+2
2015-02-11  src/ms_adpcm.c : Improve handling of truncated files.  Erik de Castro Lopo  1  -15/+23
2015-02-10  src/aiff.c : Validate channel count.  Erik de Castro Lopo  1  -0/+6
2015-02-10  src/ms_adpcm.c : Validate block predictor.  Erik de Castro Lopo  1  -10/+20
2015-02-09  ALAC : Improve input validation and error reporting.  Erik de Castro Lopo  3  -10/+53
2015-02-09  src/svx.c : Refactor and bug fix.  Erik de Castro Lopo  1  -51/+36
* Improve and generalize code.
* Reduce number of variables.
* Increase robustness when parsing mal-formed files.
2015-02-09  src/au.c : Validate channel count.  Erik de Castro Lopo  1  -3/+7
2015-02-09  src/voc.c : Fix overlapping memcpy.  Erik de Castro Lopo  1  -6/+7
2015-02-09  src/(aiff|wav).c : Add debug log info when huge unknown chunk is found.  Erik de Castro Lopo  2  -2/+8
2015-02-08  ALAC : Collection of validation and bounds checking fixes.  Erik de Castro Lopo  2  -5/+19
* Validate channel count returned when decoder is initialized.
* Validate frames_per_packet.
* Bounds check numSamples read from bitstream.
* Increase ALAC_BYTE_BUFFER_SIZE.
* Integer sanitizer fixes.
2015-02-07  src/common.c : Fix a header parsing bug.  Erik de Castro Lopo  1  -16/+11
When the file header is bigger than SF_HEADER_LEN, the code would seek instead of reading causing file parse errors. The current header parsing and writing code *badly* needs a re-write.
2015-02-06  src/caf.c : Handle finding chunk size of < 0.  Erik de Castro Lopo  1  -0/+4
2015-02-06  src/(aiff|caf|wav).c : Improve debug output when marker == 0.  Erik de Castro Lopo  3  -6/+9
2015-02-06  Scripts/static-deps-build.mk : Only rebuild if something has changed.  Erik de Castro Lopo  1  -2/+4
2015-02-01  src/aiff.c : Minor improvements for parser re-synching.  Erik de Castro Lopo  1  -4/+7
2015-01-30  Scripts/static-deps-build.mk : Two minor fixes.  Erik de Castro Lopo  1  -3/+8
* Fix paths to EXTERNAL_LIBS dependences (found using $(pwd)).
* Generate configure script if it does not already exist.
2015-01-30  src/(float32|double64).c : Fix potential divide by 0.  Erik de Castro Lopo  2  -2/+12
2015-01-10  Change default file permissions to respect process' umask.  Flavio Grossi  1  -2/+2
Signed-off-by: Erik de Castro Lopo <erikd@mega-nerd.com>
Closes: https://github.com/erikd/libsndfile/pull/94
2014-12-25  src/sd2.c : Fix two potential buffer read overflows.  Erik de Castro Lopo  1  -1/+11
Closes: https://github.com/erikd/libsndfile/issues/93
2014-12-24  src/aiff.c : Fix potential undefined behaviour arising from shift.  Erik de Castro Lopo  1  -1/+1
Closes: https://github.com/erikd/libsndfile/issues/91
2014-12-24  src/file_io.c : Prevent potential divide-by-zero.  Erik de Castro Lopo  1  -1/+4
Closes: https://github.com/erikd/libsndfile/issues/92
2014-12-16  tests/ : Fix undefined behaviour warnings.  Erik de Castro Lopo  4  -15/+20
2014-12-16  src/ : Fix undefined behaviour warnings.  Erik de Castro Lopo  23  -68/+149
2014-12-16  configure.ac : Add detection of -fsanitizer=undefined.  Erik de Castro Lopo  1  -1/+5
Both Clang and GCC-4.9 now support the undefined behaviour sanitizer so detect and enable it when configuring with --enable-sanitizer. Also improve configure reporting of sanitizer and stack smash protection.
2014-12-16  src/Makefile.am : Update CLEANFILES.  Erik de Castro Lopo  1  -1/+1
2014-12-16  src/wav.c : Handle 'smpl' chunks with loop count of 0.  Erik de Castro Lopo  1  -0/+3
Closes: https://github.com/erikd/libsndfile/issues/86
2014-12-13  src/wav.c : Fix incorrect warning message on piped files.  Erik de Castro Lopo  1  -1/+1
Don't log "filelength > 0xffffffff" warning on piped input files since the length isn't known anyway.
Closes: https://github.com/erikd/libsndfile/issues/88
2014-12-12  src/ogg_vorbis.c : Add support for tracknumber and genre metadata.  Erik de Castro Lopo  1  -9/+14
Closes: https://github.com/erikd/libsndfile/issues/87
2014-12-07  src/ALAC/ : Code improvements.  Erik de Castro Lopo  10  -55/+77
* Make internal APIs const correct.
* Use mNumSamples field from encoder/decoder state struct instead of passing to encode/decode functions.
2014-12-07  configure.ac : Require flac >= 1.3.1.  Erik de Castro Lopo  1  -1/+2
Earlier versions of FLAC had a couple of CVEs. Also AC_SUBST the HAVE_EXTERNAL_LIBS variable.
2014-12-06  Makefile.am : Fix DISTCHECK_CONFIGURE_FLAGS.  Erik de Castro Lopo  1  -1/+1
The required flag changed from --enable-gcc-werror to --enable-werror some time ago.
2014-12-02  src/ALAC : Fix all undefined behaviour warnings.  Erik de Castro Lopo  7  -33/+69
Found using GCC's undefined behaviour sanitizer.
2014-12-02  .gitignore : Remove cruft.  Erik de Castro Lopo  1  -5/+0
2014-12-01  Scripts/static-deps-build.mk : Split configure and build steps.  Erik de Castro Lopo  1  -2/+9
2014-11-30  Scripts/static-deps-build.mk : Use flac 1.3.1.  Erik de Castro Lopo  1  -8/+19
Also improve wgetting of tarballs.
2014-11-30  src/wav.c : A bunch more fixes.  Erik de Castro Lopo  1  -39/+45
* Rename variable dword to chunk_size.
* Use %u specifier instead of %d for chunk lengths.
* Fix two more input validation issues that could lead to an infinite loop.
2014-11-30  src/wav_w64.c : Fix heap write overflow.  Erik de Castro Lopo  1  -4/+6
Heap write could occur if the number of channels is less than the length of the file's channel map. Found using the afl (http://lcamtuf.coredump.cx/afl/) fuzzer.
2014-11-30  Fix a bunch of input validation issues.  Erik de Castro Lopo  5  -24/+51
Using the afl (http://lcamtuf.coredump.cx/afl/) fuzzer found a number of issues where a malformed file could cause the various file format parsers to go into an infinite loop:
* WAV : 7 cases, one leading to memory exhaustion
* AIFF : 1 case
* CAF : 2 cases
* MAT4 : 2 cases
2014-11-30  WAV : Avoid divide by zero exception.  Erik de Castro Lopo  3  -11/+22
Found a couple of instances where a value retrieved from an input file header was used as the denominator in a division. If the retrieved value is zero it results in a divide by zero error. Found using the afl (http://lcamtuf.coredump.cx/afl/) fuzzer.
2014-11-29  tests/floating_point_test.tpl : Tweak target SNR for alac_24.caf.  Erik de Castro Lopo  1  -1/+1
2014-11-27  configure.ac : Use '-static-libgcc' with mingw-w64-* compilers.  Erik de Castro Lopo  1  -3/+1
Without this, libsndfile-1.dll depends on libgcc_s_sjlj-1.dll which is a pain in the neck. Tried a number of things to fix this, but in the end it was a suggestion from Jean-Baptiste Kempf on the mingw-w64-public mailing list that solved it.
Suggested-by: Jean-Baptiste Kempf <jb@videolan.org>
2014-11-26  Revert "configure : Disable versioned dynamic library when compling for Android."  Erik de Castro Lopo  2  -7/+2
This reverts commit 432479b3f5d7a3e9cd1dbfe6837aa90be6da573b. This approach didn't work.
2014-11-24  tests/win32_ordinal_test.c : Better debugging when LoadLibrary fails.  Erik de Castro Lopo  1  -2/+2