libaudiofile/modules/SimpleModule.h | 2 1 + 1 - 0 !
test/FloatToInt.cpp | 2 1 + 1 - 0 !
test/IntToFloat.cpp | 2 1 + 1 - 0 !
test/NeXT.cpp | 14 7 + 7 - 0 !
test/Sign.cpp | 2 1 + 1 - 0 !
5 files changed, 11 insertions(+), 11 deletions(-)

 fix ftbfs with gcc 6

test/TestUtilities.cpp | 16 8 + 8 - 0 !
test/TestUtilities.h | 2 1 + 1 - 0 !
test/floatto24.c | 5 3 + 2 - 0 !
test/sixteen-to-eight.c | 5 3 + 2 - 0 !
test/testchannelmatrix.c | 10 7 + 3 - 0 !
test/testdouble.c | 10 7 + 3 - 0 !
test/testfloat.c | 10 7 + 3 - 0 !
test/testmarkers.c | 10 7 + 3 - 0 !
test/twentyfour.c | 5 3 + 2 - 0 !
test/twentyfour2.c | 10 7 + 3 - 0 !
test/writealaw.c | 10 7 + 3 - 0 !
test/writeraw.c | 10 7 + 3 - 0 !
test/writeulaw.c | 10 7 + 3 - 0 !
13 files changed, 74 insertions(+), 39 deletions(-)

 remove usage of path_max in tests to fix ftbfs on hurd.
 jcowgill: Removed Changelog changes

libaudiofile/modules/ModuleState.cpp | 2 1 + 1 - 0 !
test/Makefile.am | 2 2 + 0 - 0 !
test/sixteen-stereo-to-eight-mono.c | 118 118 + 0 - 0 !
3 files changed, 121 insertions(+), 1 deletion(-)

 fix buffer overflow when changing both sample format and
 number of channels

libaudiofile/modules/IMA.cpp | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 clamp index values to fix index overflow in ima.cpp

This fixes #33
(also reported at https://bugzilla.opensuse.org/show_bug.cgi?id=1026981
and https://blogs.gentoo.org/ago/2017/02/20/audiofile-global-buffer-overflow-in-decodesample-ima-cpp/)

libaudiofile/WAVE.cpp | 6 6 + 0 - 0 !
1 file changed, 6 insertions(+)

 always check the number of coefficients

When building the library with NDEBUG, asserts are eliminated
so it's better to always check that the number of coefficients
is inside the array range.

This fixes the 00191-audiofile-indexoob issue in #41

libaudiofile/modules/BlockCodec.cpp | 5 3 + 2 - 0 !
libaudiofile/modules/MSADPCM.cpp | 47 43 + 4 - 0 !
2 files changed, 46 insertions(+), 6 deletions(-)

 check for multiplication overflow in msadpcm decodesample

Check for multiplication overflow (using __builtin_mul_overflow
if available) in MSADPCM.cpp decodeSample and return an empty
decoded block if an error occurs.

This fixes the 00193-audiofile-signintoverflow-MSADPCM case of #41

sfcommands/sfconvert.c | 34 32 + 2 - 0 !
1 file changed, 32 insertions(+), 2 deletions(-)

 check for multiplication overflow in sfconvert

Checks that a multiplication doesn't overflow when
calculating the buffer size, and if it overflows,
reduce the buffer size instead of failing.

This fixes the 00192-audiofile-signintoverflow-sfconvert case
in #41

libaudiofile/modules/MSADPCM.cpp | 2 1 + 1 - 0 !
sfcommands/sfconvert.c | 2 1 + 1 - 0 !
2 files changed, 2 insertions(+), 2 deletions(-)

 fix signature of multiplycheckoverflow. it returns a bool, not an int

libaudiofile/WAVE.cpp | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

 actually fail when error occurs in parseformat

When there's an unsupported number of bits per sample or an invalid
number of samples per block, don't only print an error message using
the error handler, but actually stop parsing the file.

This fixes #35 (also reported at
https://bugzilla.opensuse.org/show_bug.cgi?id=1026983 and
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-imadecodeblockwave-ima-cpp/
)

libaudiofile/modules/BlockCodec.cpp | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 check for division by zero in blockcodec::runpull

libaudiofile/modules/ModuleState.cpp | 3 3 + 0 - 0 !
1 file changed, 3 insertions(+)

 [patch] modulestate: handle compress/decompress init failure

When the unit initcompress or initdecompress function fails,
m_fileModule is NULL. Return AF_FAIL in that case instead of
causing NULL pointer dereferences later.

Fixes #49

libaudiofile/modules/SimpleModule.cpp | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 [patch] simplemodule: set output chunk framecount after pull

After pulling the data, set the output chunk to the amount of
frames we pulled so that the next module in the chain has the correct
frame count.

Fixes #50 and #51

sfcommands/printinfo.c | 16 12 + 4 - 0 !
1 file changed, 12 insertions(+), 4 deletions(-)

 fix cve-2022-24599

Memory-leak bug in printfileinfo, due to memcpy on an non allocated memory buffer
with a user declared string.

Fix it by calloc(declaredsize+1,1) that zeros the buffer and terminate by '\0'
for printf

Avoid also a buffer overflow by refusing to allocating more than INT_MAX-1.

Before under valgrind:
libtool --mode=execute valgrind --track-origins=yes  ./sfinfo heapleak_poc.aiff

Duration       -inf seconds
==896222== Invalid read of size 1
==896222==    at 0x4846794: strlen (vg_replace_strmem.c:494)
==896222==    by 0x49246C8: __printf_buffer (vfprintf-process-arg.c:435)
==896222==    by 0x4924D90: __vfprintf_internal (vfprintf-internal.c:1459)
==896222==    by 0x49DE986: __printf_chk (printf_chk.c:33)
==896222==    by 0x10985C: printf (stdio2.h:86)
==896222==    by 0x10985C: printfileinfo (printinfo.c:134)
==896222==    by 0x10930A: main (sfinfo.c:113)
==896222==  Address 0x4e89bd1 is 0 bytes after a block of size 1 alloc'd
==896222==    at 0x48407B4: malloc (vg_replace_malloc.c:381)
==896222==    by 0x109825: copyrightstring (printinfo.c:163)
==896222==    by 0x109825: printfileinfo (printinfo.c:131)
==896222==    by 0x10930A: main (sfinfo.c:113)
==896222==
Copyright      C

After:
Duration       -inf seconds
Copyright      C

sfcommands/sfconvert.c | 3 2 + 1 - 0 !
1 file changed, 2 insertions(+), 1 deletion(-)

 partial fix of cve-2019-13147

This fix the symptom do not allow to allocate negative memory:
==129695==WARNING: AddressSanitizer failed to allocate 0xffffffffc2c00000 bytes
==129695==AddressSanitizer's allocator is terminating the process instead of returning 0
==129695==If you don't like this behavior set allocator_may_return_null=1
==129695==AddressSanitizer CHECK failed: ../../../../src/libsanitizer/sanitizer_common/sanitizer_allocator.cc:218 "((0)) != (0)" (0x0, 0x0)
    #0 0x7f48c8503c02  (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xe9c02)
    #1 0x7f48c8522595 in __sanitizer::CheckFailed(char const*, int, char const*, unsigned long long, unsigned long long) (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x108595)
    #2 0x7f48c8509342  (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xef342)
    #3 0x7f48c8441e46  (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x27e46)
    #4 0x7f48c84f8b1a in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb1a)
    #5 0x558dc209af68 in copyaudiodata /home/tim/audiofile-santi/sfcommands/sfconvert.c:327
    #6 0x558dc209a620 in main /home/tim/audiofile-santi/sfcommands/sfconvert.c:248
    #7 0x7f48c7d38b96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
    #8 0x558dc209ac79 in _start (/home/tim/audiofile-santi/sfcommands/.libs/sfconvert+0x1c79)

If negative bail out

bug: https://github.com/mpruett/audiofile/issues/54

libaudiofile/NeXT.cpp | 7 7 + 0 - 0 !
1 file changed, 7 insertions(+)

 partial fix of cve-2019-13147

This is the fix of the POC. Do not allow too many channel

Now it fail with:
Audio File Library: invalid file with 1633771873 channels [error 15]
Could not open file 'poc' for reading.

bug: https://github.com/mpruett/audiofile/issues/54