packages/opusfile
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!11 修复fuzz测试出的问题integer overflow in op_pcm_total

Browse Source 
Merge pull request !11 from xu_ping/openEuler-20.03-LTS-SP3
This commit is contained in:
openeuler-ci-bot 2021-12-22 06:32:52 +00:00 committed by Gitee
commit e631f6af19
2 changed files with 37 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
Fix-intermediate-overflow-in-op_pcm_total.patch Normal file
View File

@ -0,0 +1,32 @@
From 82adfb611d2c8c7f070297210c2b9854490887e5 Mon Sep 17 00:00:00 2001
From: "Timothy B. Terriberry" <tterribe@xiph.org>
Date: Tue, 15 Dec 2020 16:23:16 -0800
Subject: [PATCH] Fix intermediate overflow in op_pcm_total().
Although link enumeration ensures the return value is in range, the
order of operations allows the intermediate value pcm_total+diff
to overflow the range of a 64-bit int.
Add parentheses to ensure this does not happen.
Thanks to Felcia Lim for the report.
Fixes #2330
---
src/opusfile.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/opusfile.c b/src/opusfile.c
index 5bf9f91..144e02c 100644
--- a/src/opusfile.c
+++ b/src/opusfile.c
@@ -1753,7 +1753,7 @@ ogg_int64_t op_pcm_total(const OggOpusFile *_of,int _li){
}
OP_ALWAYS_TRUE(!op_granpos_diff(&diff,
links[_li].pcm_end,links[_li].pcm_start));
- return pcm_total+diff-links[_li].head.pre_skip;
+ return pcm_total+(diff-links[_li].head.pre_skip);
}
const OpusHead *op_head(const OggOpusFile *_of,int _li){
--
2.27.0

6
opusfile.spec
View File

@ -1,6 +1,6 @@
Name: opusfile Name: opusfile
Version: 0.11 Version: 0.11
Release: 5 Release: 6
Summary: A high-level API provides seeking, decode, and playback of Opus streams Summary: A high-level API provides seeking, decode, and playback of Opus streams
License: BSD License: BSD
URL: http://www.opus-codec.org/ URL: http://www.opus-codec.org/
@ -8,6 +8,7 @@ Source0: http://downloads.xiph.org/releases/opus/%{name}-%{version}.tar.gz
Patch0000: 0001-fix-MemorySanitizer-use-of-uninitialized-value.patch Patch0000: 0001-fix-MemorySanitizer-use-of-uninitialized-value.patch
Patch0001: Fix-short-circuit-test-when-seeking-in-short-files.patch Patch0001: Fix-short-circuit-test-when-seeking-in-short-files.patch
Patch0002: fix-left-shift.patch Patch0002: fix-left-shift.patch
Patch0003: Fix-intermediate-overflow-in-op_pcm_total.patch
BuildRequires: libogg-devel openssl-devel opus-devel BuildRequires: libogg-devel openssl-devel opus-devel
@ -52,6 +53,9 @@ Development package for opusfile package.
%{_libdir}/{libopusfile.so,libopusurl.so} %{_libdir}/{libopusfile.so,libopusurl.so}
%changelog %changelog
* Wed Dec 22 2021 xu_ping <xuping33@huawei.com> - 0.11-6
- Fix intermediate overflow in op_pcm_total
* Tue Dec 14 2021 caodongxia <caodongxia@huawei.com> - 0.11-5 * Tue Dec 14 2021 caodongxia <caodongxia@huawei.com> - 0.11-5
- Fix left shift - Fix left shift