Stefan Strogin
flac
Commits
0f008d2e
Commit
0f008d2e
authored
Sep 11, 2007
by
Josh Coalson
extra checking on memory allocation sizes to prevent a class of overflow attacks
parent
0221d87c
Changes
26
src/flac/encode.c
...
...
@@ -40,6 +40,7 @@
#include
<stdlib.h>
/* for malloc */
#include
<string.h>
/* for strcmp(), strerror() */
#include
"FLAC/all.h"
#include
"share/alloc.h"
#include
"share/grabbag.h"
#include
"encode.h"
...
...
@@ -1786,10 +1787,10 @@ static void static_metadata_clear(static_metadata_t *m)
static
FLAC__bool
static_metadata_append
(
static_metadata_t
*
m
,
FLAC__StreamMetadata
*
d
,
FLAC__bool
needs_delete
)
{
void
*
x
;
if
(
0
==
(
x
=
realloc
(
m
->
metadata
,
sizeof
(
*
m
->
metadata
)
*
(
m
->
num_metadata
+
1
)
)))
if
(
0
==
(
x
=
safe_
realloc
_muladd2_
(
m
->
metadata
,
sizeof
(
*
m
->
metadata
)
,
/*times (*/
m
->
num_metadata
,
/*+*/
1
/*)*/
)))
return
false
;
m
->
metadata
=
(
FLAC__StreamMetadata
**
)
x
;
if
(
0
==
(
x
=
realloc
(
m
->
needs_delete
,
sizeof
(
*
m
->
needs_delete
)
*
(
m
->
num_metadata
+
1
)
)))
if
(
0
==
(
x
=
safe_
realloc
_muladd2_
(
m
->
needs_delete
,
sizeof
(
*
m
->
needs_delete
)
,
/*times (*/
m
->
num_metadata
,
/*+*/
1
/*)*/
)))
return
false
;
m
->
needs_delete
=
(
FLAC__bool
*
)
x
;
m
->
metadata
[
m
->
num_metadata
]
=
d
;
...
...
src/flac/foreign_metadata.c
...
...
@@ -32,6 +32,7 @@
#include
<string.h>
/* for memcmp() etc. */
#include
"FLAC/assert.h"
#include
"FLAC/metadata.h"
#include
"share/alloc.h"
#include
"foreign_metadata.h"
#ifdef min
...
...
@@ -73,7 +74,7 @@ static FLAC__bool copy_data_(FILE *fin, FILE *fout, size_t size, const char **er
static
FLAC__bool
append_block_
(
foreign_metadata_t
*
fm
,
off_t
offset
,
FLAC__uint32
size
,
const
char
**
error
)
{
foreign_block_t
*
fb
=
realloc
(
fm
->
blocks
,
sizeof
(
foreign_block_t
)
*
(
fm
->
num_blocks
+
1
)
);
foreign_block_t
*
fb
=
safe_
realloc
_muladd2_
(
fm
->
blocks
,
sizeof
(
foreign_block_t
)
,
/*times (*/
fm
->
num_blocks
,
/*+*/
1
/*)*/
);
if
(
fb
)
{
fb
[
fm
->
num_blocks
].
offset
=
offset
;
fb
[
fm
->
num_blocks
].
size
=
size
;
...
...
src/flac/main.c
...
...
@@ -34,6 +34,7 @@
#include
<unistd.h>
/* for unlink() */
#endif
#include
"FLAC/all.h"
#include
"share/alloc.h"
#include
"share/grabbag.h"
#include
"analyze.h"
#include
"decode.h"
...
...
@@ -1843,7 +1844,7 @@ int encode_file(const char *infilename, FLAC__bool is_first_file, FLAC__bool is_
if
(
encode_infile
!=
stdin
&&
grabbag__file_are_same
(
infilename
,
outfilename
))
{
static
const
char
*
tmp_suffix
=
".tmp,fl-ac+en'c"
;
/*@@@@ still a remote possibility that a file with this filename exists */
if
(
0
==
(
internal_outfilename
=
(
char
*
)
malloc
(
strlen
(
outfilename
)
+
strlen
(
tmp_suffix
)
+
1
)))
{
if
(
0
==
(
internal_outfilename
=
(
char
*
)
safe_
malloc
_add_3op_
(
strlen
(
outfilename
)
,
/*+*/
strlen
(
tmp_suffix
)
,
/*+*/
1
)))
{
flac__utils_printf
(
stderr
,
1
,
"ERROR allocating memory for tempfile name
\n
"
);
conditional_fclose
(
encode_infile
);
return
1
;
...
...
src/libFLAC++/metadata.cpp
...
...
@@ -29,6 +29,8 @@
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#define __STDC_LIMIT_MACROS 1
/* otherwise SIZE_MAX is not defined for c++ */
#include
"share/alloc.h"
#include
"FLAC++/metadata.h"
#include
"FLAC/assert.h"
#include
<stdlib.h>
// for malloc(), free()
...
...
@@ -574,7 +576,7 @@ namespace FLAC {
clear_entry
();
if
(
0
==
(
entry_
.
entry
=
(
FLAC__byte
*
)
malloc
(
field_length
+
1
)))
{
if
(
0
==
(
entry_
.
entry
=
(
FLAC__byte
*
)
safe_
malloc
_add_2op_
(
field_length
,
/*+*/
1
)))
{
is_valid_
=
false
;
}
else
{
...
...
@@ -623,7 +625,7 @@ namespace FLAC {
clear_field_value
();
if
(
0
==
(
field_value_
=
(
char
*
)
malloc
(
field_value_length
+
1
)))
{
if
(
0
==
(
field_value_
=
(
char
*
)
safe_
malloc
_add_2op_
(
field_value_length
,
/*+*/
1
)))
{
is_valid_
=
false
;
}
else
{
...
...
@@ -713,7 +715,7 @@ namespace FLAC {
{
clear_entry
();
if
(
0
==
(
entry_
.
entry
=
(
FLAC__byte
*
)
malloc
(
field_name_length_
+
1
+
field_value_length_
+
1
)))
{
if
(
0
==
(
entry_
.
entry
=
(
FLAC__byte
*
)
safe_
malloc
_add_4op_
(
field_name_length_
,
/*+*/
1
,
/*+*/
field_value_length_
,
/*+*/
1
)))
{
is_valid_
=
false
;
}
else
{
...
...
@@ -739,7 +741,7 @@ namespace FLAC {
p
=
(
const
char
*
)
entry_
.
entry
+
entry_
.
length
;
field_name_length_
=
(
unsigned
)(
p
-
(
const
char
*
)
entry_
.
entry
);
if
(
0
==
(
field_name_
=
(
char
*
)
malloc
(
field_name_length_
+
1
)))
{
// +1 for the trailing \0
if
(
0
==
(
field_name_
=
(
char
*
)
safe_
malloc
_add_2op_
(
field_name_length_
,
/*+*/
1
)))
{
// +1 for the trailing \0
is_valid_
=
false
;
return
;
}
...
...
@@ -748,14 +750,14 @@ namespace FLAC {
if
(
entry_
.
length
-
field_name_length_
==
0
)
{
field_value_length_
=
0
;
if
(
0
==
(
field_value_
=
(
char
*
)
malloc
(
0
)))
{
if
(
0
==
(
field_value_
=
(
char
*
)
safe_
malloc
_
(
0
)))
{
is_valid_
=
false
;
return
;
}
}
else
{
field_value_length_
=
entry_
.
length
-
field_name_length_
-
1
;
if
(
0
==
(
field_value_
=
(
char
*
)
malloc
(
field_value_length_
+
1
)))
{
// +1 for the trailing \0
if
(
0
==
(
field_value_
=
(
char
*
)
safe_
malloc
_add_2op_
(
field_value_length_
,
/*+*/
1
)))
{
// +1 for the trailing \0
is_valid_
=
false
;
return
;
}
...
...
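Review bot: In the hunk at -748 the empty-value branch calls `safe_malloc_(0)` and sets `is_valid_ = false` on a null return, which is only correct if the helper never returns null for a zero-byte request; its definition in share/alloc.h is not shown on this page. Requesting the terminator byte explicitly, `safe_malloc_add_2op_(field_value_length_, /*+*/1)`, would make this branch match the non-empty branch below it and remove the dependence on zero-size allocation behaviour. The enclosing function starts and ends outside the hunk, so how `field_value_` is used afterwards should be confirmed before changing the size.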
src/libFLAC/bitwriter.c
...
...
@@ -50,6 +50,7 @@
#include
"private/bitwriter.h"
#include
"private/crc.h"
#include
"FLAC/assert.h"
#include
"share/alloc.h"
/* Things should be fastest when this matches the machine word size */
/* WATCHOUT: if you change this you must also change the following #defines down to SWAP_BE_WORD_TO_HOST below to match */
...
...
@@ -141,7 +142,7 @@ static FLAC__bool bitwriter_grow_(FLAC__BitWriter *bw, unsigned bits_to_add)
FLAC__ASSERT
(
new_capacity
>
bw
->
capacity
);
FLAC__ASSERT
(
new_capacity
>=
bw
->
words
+
((
bw
->
bits
+
bits_to_add
+
FLAC__BITS_PER_WORD
-
1
)
/
FLAC__BITS_PER_WORD
));
new_buffer
=
(
bwword
*
)
realloc
(
bw
->
buffer
,
sizeof
(
bwword
)
*
new_capacity
);
new_buffer
=
(
bwword
*
)
safe_
realloc
_mul_2op_
(
bw
->
buffer
,
sizeof
(
bwword
)
,
/*times*/
new_capacity
);
if
(
new_buffer
==
0
)
return
false
;
bw
->
buffer
=
new_buffer
;
...
...
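Review bot: `safe_realloc_mul_2op_(bw->buffer, sizeof(bwword), /*times*/new_capacity)` guards only the final multiplication; `new_capacity` itself is computed above the hunk, and the only visible checks on it are the two `FLAC__ASSERT` lines, which presumably compile out in release builds. If the sum feeding it (`bw->bits + bits_to_add + FLAC__BITS_PER_WORD - 1`) is evaluated in `unsigned`, it can wrap before the helper ever sees the value. A runtime form of the first assertion, `if(new_capacity <= bw->capacity) return false;`, placed before the realloc would reject that case. bitwriter_grow_ begins and ends outside the hunk.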
src/libFLAC/include/private/md5.h
...
...
@@ -33,7 +33,7 @@ typedef struct {
FLAC__uint32
buf
[
4
];
FLAC__uint32
bytes
[
2
];
FLAC__byte
*
internal_buf
;
unsigned
capacity
;
size_t
capacity
;
}
FLAC__MD5Context
;
void
FLAC__MD5Init
(
FLAC__MD5Context
*
context
);
...
...
src/libFLAC/md5.c
...
...
@@ -6,6 +6,7 @@
#include
<string.h>
/* for memcpy() */
#include
"private/md5.h"
#include
"share/alloc.h"
#ifndef FLaC__INLINE
#define FLaC__INLINE
...
...
@@ -396,13 +397,19 @@ static void format_input_(FLAC__byte *buf, const FLAC__int32 * const signal[], u
*/
FLAC__bool
FLAC__MD5Accumulate
(
FLAC__MD5Context
*
ctx
,
const
FLAC__int32
*
const
signal
[],
unsigned
channels
,
unsigned
samples
,
unsigned
bytes_per_sample
)
{
const
unsigned
bytes_needed
=
channels
*
samples
*
bytes_per_sample
;
const
size_t
bytes_needed
=
(
size_t
)
channels
*
(
size_t
)
samples
*
(
size_t
)
bytes_per_sample
;
/* overflow check */
if
((
size_t
)
channels
>
SIZE_MAX
/
(
size_t
)
bytes_per_sample
)
return
false
;
if
((
size_t
)
channels
*
(
size_t
)
bytes_per_sample
>
SIZE_MAX
/
(
size_t
)
samples
)
return
false
;
if
(
ctx
->
capacity
<
bytes_needed
)
{
FLAC__byte
*
tmp
=
(
FLAC__byte
*
)
realloc
(
ctx
->
internal_buf
,
bytes_needed
);
if
(
0
==
tmp
)
{
free
(
ctx
->
internal_buf
);
if
(
0
==
(
ctx
->
internal_buf
=
(
FLAC__byte
*
)
malloc
(
bytes_needed
)))
if
(
0
==
(
ctx
->
internal_buf
=
(
FLAC__byte
*
)
safe_
malloc
_
(
bytes_needed
)))
return
false
;
}
ctx
->
internal_buf
=
tmp
;
...
...
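Review bot: The two added overflow checks in FLAC__MD5Accumulate divide by `bytes_per_sample` and by `samples` without excluding zero, so a call with `samples == 0` divides by zero before any allocation happens; whether callers can pass zero is not visible here. Guard the divisors, for example `if(samples != 0 && (size_t)channels * (size_t)bytes_per_sample > SIZE_MAX / (size_t)samples) return false;`, and do the same for `bytes_per_sample` in the first check. Separately, when `realloc` fails and the `safe_malloc_` fallback succeeds, the unchanged `ctx->internal_buf = tmp;` after the inner block stores the null `tmp` over the freshly allocated buffer; making it `else ctx->internal_buf = tmp;` would keep the fallback allocation. The function continues past the end of the hunk.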
src/libFLAC/memory.c
...
...
@@ -35,6 +35,7 @@
#include
"private/memory.h"
#include
"FLAC/assert.h"
#include
"share/alloc.h"
void
*
FLAC__memory_alloc_aligned
(
size_t
bytes
,
void
**
aligned_address
)
{
...
...
@@ -44,7 +45,7 @@ void *FLAC__memory_alloc_aligned(size_t bytes, void **aligned_address)
#ifdef FLAC__ALIGN_MALLOC_DATA
/* align on 32-byte (256-bit) boundary */
x
=
malloc
(
bytes
+
31
);
x
=
safe_
malloc
_add_2op_
(
bytes
,
/*+*/
31
);
#ifdef SIZEOF_VOIDP
#if SIZEOF_VOIDP == 4
/* could do *aligned_address = x + ((unsigned) (32 - (((unsigned)x) & 31))) & 31; */
...
...
@@ -64,7 +65,7 @@ void *FLAC__memory_alloc_aligned(size_t bytes, void **aligned_address)
return
0
;
#endif
#else
x
=
malloc
(
bytes
);
x
=
safe_
malloc
_
(
bytes
);
*
aligned_address
=
x
;
#endif
return
x
;
...
...
@@ -83,7 +84,10 @@ FLAC__bool FLAC__memory_alloc_aligned_int32_array(unsigned elements, FLAC__int32
FLAC__ASSERT
(
0
!=
aligned_pointer
);
FLAC__ASSERT
(
unaligned_pointer
!=
aligned_pointer
);
pu
=
(
FLAC__int32
*
)
FLAC__memory_alloc_aligned
(
sizeof
(
FLAC__int32
)
*
elements
,
&
u
.
pv
);
if
((
size_t
)
elements
>
SIZE_MAX
/
sizeof
(
*
pu
))
/* overflow check */
return
false
;
pu
=
(
FLAC__int32
*
)
FLAC__memory_alloc_aligned
(
sizeof
(
*
pu
)
*
(
size_t
)
elements
,
&
u
.
pv
);
if
(
0
==
pu
)
{
return
false
;
}
...
...
@@ -109,7 +113,10 @@ FLAC__bool FLAC__memory_alloc_aligned_uint32_array(unsigned elements, FLAC__uint
FLAC__ASSERT
(
0
!=
aligned_pointer
);
FLAC__ASSERT
(
unaligned_pointer
!=
aligned_pointer
);
pu
=
(
FLAC__uint32
*
)
FLAC__memory_alloc_aligned
(
sizeof
(
FLAC__uint32
)
*
elements
,
&
u
.
pv
);
if
((
size_t
)
elements
>
SIZE_MAX
/
sizeof
(
*
pu
))
/* overflow check */
return
false
;
pu
=
(
FLAC__uint32
*
)
FLAC__memory_alloc_aligned
(
sizeof
(
*
pu
)
*
elements
,
&
u
.
pv
);
if
(
0
==
pu
)
{
return
false
;
}
...
...
@@ -135,7 +142,10 @@ FLAC__bool FLAC__memory_alloc_aligned_uint64_array(unsigned elements, FLAC__uint
FLAC__ASSERT
(
0
!=
aligned_pointer
);
FLAC__ASSERT
(
unaligned_pointer
!=
aligned_pointer
);
pu
=
(
FLAC__uint64
*
)
FLAC__memory_alloc_aligned
(
sizeof
(
FLAC__uint64
)
*
elements
,
&
u
.
pv
);
if
((
size_t
)
elements
>
SIZE_MAX
/
sizeof
(
*
pu
))
/* overflow check */
return
false
;
pu
=
(
FLAC__uint64
*
)
FLAC__memory_alloc_aligned
(
sizeof
(
*
pu
)
*
elements
,
&
u
.
pv
);
if
(
0
==
pu
)
{
return
false
;
}
...
...
@@ -161,7 +171,10 @@ FLAC__bool FLAC__memory_alloc_aligned_unsigned_array(unsigned elements, unsigned
FLAC__ASSERT
(
0
!=
aligned_pointer
);
FLAC__ASSERT
(
unaligned_pointer
!=
aligned_pointer
);
pu
=
(
unsigned
*
)
FLAC__memory_alloc_aligned
(
sizeof
(
unsigned
)
*
elements
,
&
u
.
pv
);
if
((
size_t
)
elements
>
SIZE_MAX
/
sizeof
(
*
pu
))
/* overflow check */
return
false
;
pu
=
(
unsigned
*
)
FLAC__memory_alloc_aligned
(
sizeof
(
*
pu
)
*
elements
,
&
u
.
pv
);
if
(
0
==
pu
)
{
return
false
;
}
...
...
@@ -189,7 +202,10 @@ FLAC__bool FLAC__memory_alloc_aligned_real_array(unsigned elements, FLAC__real *
FLAC__ASSERT
(
0
!=
aligned_pointer
);
FLAC__ASSERT
(
unaligned_pointer
!=
aligned_pointer
);
pu
=
(
FLAC__real
*
)
FLAC__memory_alloc_aligned
(
sizeof
(
FLAC__real
)
*
elements
,
&
u
.
pv
);
if
((
size_t
)
elements
>
SIZE_MAX
/
sizeof
(
*
pu
))
/* overflow check */
return
false
;
pu
=
(
FLAC__real
*
)
FLAC__memory_alloc_aligned
(
sizeof
(
*
pu
)
*
elements
,
&
u
.
pv
);
if
(
0
==
pu
)
{
return
false
;
}
...
...
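Review bot: The same `SIZE_MAX / sizeof(*pu)` check is added to five array allocators, but only the int32 variant casts the multiplicand (`sizeof(*pu) * (size_t)elements`); the uint32, uint64, unsigned and real variants pass `sizeof(*pu) * elements`. The result is the same because `sizeof` already yields `size_t`, so this is a consistency point rather than a defect: use one spelling in all five, e.g. `sizeof(*pu) * (size_t)elements`, so a later reader does not wonder whether the difference is deliberate. Each of these functions starts and ends outside its hunk.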
src/libFLAC/metadata_iterators.c
...
...
@@ -61,6 +61,7 @@
#include
"FLAC/assert.h"
#include
"FLAC/stream_decoder.h"
#include
"share/alloc.h"
#ifdef max
#undef max
...
...
@@ -2152,6 +2153,9 @@ FLAC__Metadata_SimpleIteratorStatus read_metadata_block_data_application_cb_(FLA
if
(
read_cb
(
block
->
id
,
1
,
id_bytes
,
handle
)
!=
id_bytes
)
return
FLAC__METADATA_SIMPLE_ITERATOR_STATUS_READ_ERROR
;
if
(
block_length
<
id_bytes
)
return
FLAC__METADATA_SIMPLE_ITERATOR_STATUS_READ_ERROR
;
block_length
-=
id_bytes
;
if
(
block_length
==
0
)
{
...
...
@@ -2179,7 +2183,7 @@ FLAC__Metadata_SimpleIteratorStatus read_metadata_block_data_seektable_cb_(FLAC_
if
(
block
->
num_points
==
0
)
block
->
points
=
0
;
else
if
(
0
==
(
block
->
points
=
(
FLAC__StreamMetadata_SeekPoint
*
)
malloc
(
block
->
num_points
*
sizeof
(
FLAC__StreamMetadata_SeekPoint
))))
else
if
(
0
==
(
block
->
points
=
(
FLAC__StreamMetadata_SeekPoint
*
)
safe_
malloc
_mul_2op_
(
block
->
num_points
,
/*times*/
sizeof
(
FLAC__StreamMetadata_SeekPoint
))))
return
FLAC__METADATA_SIMPLE_ITERATOR_STATUS_MEMORY_ALLOCATION_ERROR
;
for
(
i
=
0
;
i
<
block
->
num_points
;
i
++
)
{
...
...
@@ -2212,7 +2216,7 @@ FLAC__Metadata_SimpleIteratorStatus read_metadata_block_data_vorbis_comment_entr
entry
->
entry
=
0
;
}
else
{
if
(
0
==
(
entry
->
entry
=
(
FLAC__byte
*
)
malloc
(
entry
->
length
+
1
)))
if
(
0
==
(
entry
->
entry
=
(
FLAC__byte
*
)
safe_
malloc
_add_2op_
(
entry
->
length
,
/*+*/
1
)))
return
FLAC__METADATA_SIMPLE_ITERATOR_STATUS_MEMORY_ALLOCATION_ERROR
;
if
(
read_cb
(
entry
->
entry
,
1
,
entry
->
length
,
handle
)
!=
entry
->
length
)
...
...
@@ -2387,7 +2391,7 @@ static FLAC__Metadata_SimpleIteratorStatus read_metadata_block_data_picture_cstr
if
(
0
!=
*
data
)
free
(
*
data
);
if
(
0
==
(
*
data
=
(
FLAC__byte
*
)
malloc
(
*
length
+
1
)))
if
(
0
==
(
*
data
=
(
FLAC__byte
*
)
safe_
malloc
_add_2op_
(
*
length
,
/*+*/
1
)))
return
FLAC__METADATA_SIMPLE_ITERATOR_STATUS_MEMORY_ALLOCATION_ERROR
;
if
(
*
length
>
0
)
{
...
...
@@ -3206,7 +3210,7 @@ FLAC__bool open_tempfile_(const char *filename, const char *tempfile_path_prefix
{
static
const
char
*
tempfile_suffix
=
".metadata_edit"
;
if
(
0
==
tempfile_path_prefix
)
{
if
(
0
==
(
*
tempfilename
=
(
char
*
)
malloc
(
strlen
(
filename
)
+
strlen
(
tempfile_suffix
)
+
1
)))
{
if
(
0
==
(
*
tempfilename
=
(
char
*
)
safe_
malloc
_add_3op_
(
strlen
(
filename
)
,
/*+*/
strlen
(
tempfile_suffix
)
,
/*+*/
1
)))
{
*
status
=
FLAC__METADATA_SIMPLE_ITERATOR_STATUS_MEMORY_ALLOCATION_ERROR
;
return
false
;
}
...
...
@@ -3220,7 +3224,7 @@ FLAC__bool open_tempfile_(const char *filename, const char *tempfile_path_prefix
else
p
++
;
if
(
0
==
(
*
tempfilename
=
(
char
*
)
malloc
(
strlen
(
tempfile_path_prefix
)
+
1
+
strlen
(
p
)
+
strlen
(
tempfile_suffix
)
+
1
)))
{
if
(
0
==
(
*
tempfilename
=
(
char
*
)
safe_
malloc
_add_4op_
(
strlen
(
tempfile_path_prefix
)
,
/*+*/
strlen
(
p
)
,
/*+*/
strlen
(
tempfile_suffix
)
,
/*+*/
2
)))
{
*
status
=
FLAC__METADATA_SIMPLE_ITERATOR_STATUS_MEMORY_ALLOCATION_ERROR
;
return
false
;
}
...
...
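Review bot: In the second open_tempfile_ hunk the two separate `+ 1` terms of the old size expression are folded into a bare `/*+*/2`, which loses the hint that two distinct bytes are being reserved. A short comment would keep that visible, e.g. `/*+*/2 /* separator byte plus trailing NUL; confirm against the string building below */`. What the two bytes are for is inferred, since the code that fills `*tempfilename` lies outside the hunk.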
src/libFLAC/metadata_object.c
...
...
@@ -39,6 +39,7 @@
#include
"private/metadata.h"
#include
"FLAC/assert.h"
#include
"share/alloc.h"
/****************************************************************************
...
...
@@ -53,14 +54,14 @@
* from != NULL && bytes > 0
* to <- copy of from
* else ASSERT
* malloc error leave
d
'to' unchanged
* malloc error leave
s
'to' unchanged
*/
static
FLAC__bool
copy_bytes_
(
FLAC__byte
**
to
,
const
FLAC__byte
*
from
,
unsigned
bytes
)
{
FLAC__ASSERT
(
0
!=
to
);
if
(
bytes
>
0
&&
0
!=
from
)
{
FLAC__byte
*
x
;
if
(
0
==
(
x
=
(
FLAC__byte
*
)
malloc
(
bytes
)))
if
(
0
==
(
x
=
(
FLAC__byte
*
)
safe_
malloc
_
(
bytes
)))
return
false
;
memcpy
(
x
,
from
,
bytes
);
*
to
=
x
;
...
...
@@ -94,7 +95,7 @@ static FLAC__bool free_copy_bytes_(FLAC__byte **to, const FLAC__byte *from, unsi
/* realloc() failure leaves entry unchanged */
static
FLAC__bool
ensure_null_terminated_
(
FLAC__byte
**
entry
,
unsigned
length
)
{
FLAC__byte
*
x
=
(
FLAC__byte
*
)
realloc
(
*
entry
,
length
+
1
);
FLAC__byte
*
x
=
(
FLAC__byte
*
)
safe_
realloc
_add_2op_
(
*
entry
,
length
,
/*+*/
1
);
if
(
0
!=
x
)
{
x
[
length
]
=
'\0'
;
*
entry
=
x
;
...
...
@@ -132,7 +133,7 @@ static FLAC__bool copy_vcentry_(FLAC__StreamMetadata_VorbisComment_Entry *to, co
else
{
FLAC__byte
*
x
;
FLAC__ASSERT
(
from
->
length
>
0
);
if
(
0
==
(
x
=
(
FLAC__byte
*
)
malloc
(
from
->
length
+
1
)))
if
(
0
==
(
x
=
(
FLAC__byte
*
)
safe_
malloc
_add_2op_
(
from
->
length
,
/*+*/
1
)))
return
false
;
memcpy
(
x
,
from
->
entry
,
from
->
length
);
x
[
from
->
length
]
=
'\0'
;
...
...
@@ -150,7 +151,7 @@ static FLAC__bool copy_track_(FLAC__StreamMetadata_CueSheet_Track *to, const FLA
else
{
FLAC__StreamMetadata_CueSheet_Index
*
x
;
FLAC__ASSERT
(
from
->
num_indices
>
0
);
if
(
0
==
(
x
=
(
FLAC__StreamMetadata_CueSheet_Index
*
)
malloc
(
from
->
num_indices
*
sizeof
(
FLAC__StreamMetadata_CueSheet_Index
))))
if
(
0
==
(
x
=
(
FLAC__StreamMetadata_CueSheet_Index
*
)
safe_
malloc
_mul_2op_
(
from
->
num_indices
,
/*times*/
sizeof
(
FLAC__StreamMetadata_CueSheet_Index
))))
return
false
;
memcpy
(
x
,
from
->
indices
,
from
->
num_indices
*
sizeof
(
FLAC__StreamMetadata_CueSheet_Index
));
to
->
indices
=
x
;
...
...
@@ -172,7 +173,7 @@ static FLAC__StreamMetadata_SeekPoint *seekpoint_array_new_(unsigned num_points)
FLAC__ASSERT
(
num_points
>
0
);
object_array
=
(
FLAC__StreamMetadata_SeekPoint
*
)
malloc
(
num_points
*
sizeof
(
FLAC__StreamMetadata_SeekPoint
));
object_array
=
(
FLAC__StreamMetadata_SeekPoint
*
)
safe_
malloc
_mul_2op_
(
num_points
,
/*times*/
sizeof
(
FLAC__StreamMetadata_SeekPoint
));
if
(
0
!=
object_array
)
{
unsigned
i
;
...
...
@@ -205,7 +206,7 @@ static FLAC__StreamMetadata_VorbisComment_Entry *vorbiscomment_entry_array_new_(
{
FLAC__ASSERT
(
num_comments
>
0
);
return
(
FLAC__StreamMetadata_VorbisComment_Entry
*
)
calloc
(
num_comments
,
sizeof
(
FLAC__StreamMetadata_VorbisComment_Entry
));
return
(
FLAC__StreamMetadata_VorbisComment_Entry
*
)
safe_
calloc
_
(
num_comments
,
sizeof
(
FLAC__StreamMetadata_VorbisComment_Entry
));
}
static
void
vorbiscomment_entry_array_delete_
(
FLAC__StreamMetadata_VorbisComment_Entry
*
object_array
,
unsigned
num_comments
)
...
...
@@ -344,14 +345,14 @@ static FLAC__StreamMetadata_CueSheet_Index *cuesheet_track_index_array_new_(unsi
{
FLAC__ASSERT
(
num_indices
>
0
);
return
(
FLAC__StreamMetadata_CueSheet_Index
*
)
calloc
(
num_indices
,
sizeof
(
FLAC__StreamMetadata_CueSheet_Index
));
return
(
FLAC__StreamMetadata_CueSheet_Index
*
)
safe_
calloc
_
(
num_indices
,
sizeof
(
FLAC__StreamMetadata_CueSheet_Index
));
}
static
FLAC__StreamMetadata_CueSheet_Track
*
cuesheet_track_array_new_
(
unsigned
num_tracks
)
{
FLAC__ASSERT
(
num_tracks
>
0
);
return
(
FLAC__StreamMetadata_CueSheet_Track
*
)
calloc
(
num_tracks
,
sizeof
(
FLAC__StreamMetadata_CueSheet_Track
));
return
(
FLAC__StreamMetadata_CueSheet_Track
*
)
safe_
calloc
_
(
num_tracks
,
sizeof
(
FLAC__StreamMetadata_CueSheet_Track
));
}
static
void
cuesheet_track_array_delete_
(
FLAC__StreamMetadata_CueSheet_Track
*
object_array
,
unsigned
num_tracks
)
...
...
@@ -537,6 +538,10 @@ FLAC_API FLAC__StreamMetadata *FLAC__metadata_object_clone(const FLAC__StreamMet
case
FLAC__METADATA_TYPE_PADDING
:
break
;
case
FLAC__METADATA_TYPE_APPLICATION
:
if
(
to
->
length
<
FLAC__STREAM_METADATA_APPLICATION_ID_LEN
/
8
)
{
/* underflow check */
FLAC__metadata_object_delete
(
to
);
return
0
;
}
memcpy
(
&
to
->
data
.
application
.
id
,
&
object
->
data
.
application
.
id
,
FLAC__STREAM_METADATA_APPLICATION_ID_LEN
/
8
);
if
(
!
copy_bytes_
(
&
to
->
data
.
application
.
data
,
object
->
data
.
application
.
data
,
object
->
length
-
FLAC__STREAM_METADATA_APPLICATION_ID_LEN
/
8
))
{
FLAC__metadata_object_delete
(
to
);
...
...
@@ -545,6 +550,10 @@ FLAC_API FLAC__StreamMetadata *FLAC__metadata_object_clone(const FLAC__StreamMet
break
;
case
FLAC__METADATA_TYPE_SEEKTABLE
:
to
->
data
.
seek_table
.
num_points
=
object
->
data
.
seek_table
.
num_points
;
if
(
to
->
data
.
seek_table
.
num_points
>
SIZE_MAX
/
sizeof
(
FLAC__StreamMetadata_SeekPoint
))
{
/* overflow check */
FLAC__metadata_object_delete
(
to
);
return
0
;
}
if
(
!
copy_bytes_
((
FLAC__byte
**
)
&
to
->
data
.
seek_table
.
points
,
(
FLAC__byte
*
)
object
->
data
.
seek_table
.
points
,
object
->
data
.
seek_table
.
num_points
*
sizeof
(
FLAC__StreamMetadata_SeekPoint
)))
{
FLAC__metadata_object_delete
(
to
);
return
0
;
...
...
@@ -930,8 +939,12 @@ FLAC_API FLAC__bool FLAC__metadata_object_seektable_resize_points(FLAC__StreamMe
return
false
;
}
else
{
const
unsigned
old_size
=
object
->
data
.
seek_table
.
num_points
*
sizeof
(
FLAC__StreamMetadata_SeekPoint
);
const
unsigned
new_size
=
new_num_points
*
sizeof
(
FLAC__StreamMetadata_SeekPoint
);
const
size_t
old_size
=
object
->
data
.
seek_table
.
num_points
*
sizeof
(
FLAC__StreamMetadata_SeekPoint
);
const
size_t
new_size
=
new_num_points
*
sizeof
(
FLAC__StreamMetadata_SeekPoint
);
/* overflow check */
if
((
size_t
)
new_num_points
>
SIZE_MAX
/
sizeof
(
FLAC__StreamMetadata_SeekPoint
))
return
false
;
FLAC__ASSERT
(
object
->
data
.
seek_table
.
num_points
>
0
);
...
...
@@ -1157,8 +1170,12 @@ FLAC_API FLAC__bool FLAC__metadata_object_vorbiscomment_resize_comments(FLAC__St
return
false
;
}
else
{
const
unsigned
old_size
=
object
->
data
.
vorbis_comment
.
num_comments
*
sizeof
(
FLAC__StreamMetadata_VorbisComment_Entry
);
const
unsigned
new_size
=
new_num_comments
*
sizeof
(
FLAC__StreamMetadata_VorbisComment_Entry
);
const
size_t
old_size
=
object
->
data
.
vorbis_comment
.
num_comments
*
sizeof
(
FLAC__StreamMetadata_VorbisComment_Entry
);
const
size_t
new_size
=
new_num_comments
*
sizeof
(
FLAC__StreamMetadata_VorbisComment_Entry
);
/* overflow check */
if
((
size_t
)
new_num_comments
>
SIZE_MAX
/
sizeof
(
FLAC__StreamMetadata_VorbisComment_Entry
))
return
false
;
FLAC__ASSERT
(
object
->
data
.
vorbis_comment
.
num_comments
>
0
);
...
...
@@ -1306,7 +1323,7 @@ FLAC_API FLAC__bool FLAC__metadata_object_vorbiscomment_entry_from_name_value_pa
const
size_t
nn
=
strlen
(
field_name
);
const
size_t
nv
=
strlen
(
field_value
);
entry
->
length
=
nn
+
1
/*=*/
+
nv
;
if
(
0
==
(
entry
->
entry
=
(
FLAC__byte
*
)
malloc
(
entry
->
length
+
1
)))
if
(
0
==
(
entry
->
entry
=
(
FLAC__byte
*
)
safe_
malloc
_add_4op_
(
nn
,
/*+*/
1
,
/*+*/
nv
,
/*+*/
1
)))
return
false
;
memcpy
(
entry
->
entry
,
field_name
,
nn
);
entry
->
entry
[
nn
]
=
'='
;
...
...
@@ -1333,9 +1350,9 @@ FLAC_API FLAC__bool FLAC__metadata_object_vorbiscomment_entry_to_name_value_pair
FLAC__ASSERT
(
0
!=
eq
);
if
(
0
==
eq
)
return
false
;
/* double protection */
if
(
0
==
(
*
field_name
=
(
char
*
)
malloc
(
nn
+
1
)))
if
(
0
==
(
*
field_name
=
(
char
*
)
safe_
malloc
_add_2op_
(
nn
,
/*+*/
1
)))
return
false
;
if
(
0
==
(
*
field_value
=
(
char
*
)
malloc
(
nv
+
1
)))
{
if
(
0
==
(
*
field_value
=
(
char
*
)
safe_
malloc
_add_2op_
(
nv
,
/*+*/
1
)))
{
free
(
*
field_name
);
return
false
;
}
...
...
@@ -1465,8 +1482,12 @@ FLAC_API FLAC__bool FLAC__metadata_object_cuesheet_track_resize_indices(FLAC__St
return
false
;
}
else
{
const
unsigned
old_size
=
track
->
num_indices
*
sizeof
(
FLAC__StreamMetadata_CueSheet_Index
);
const
unsigned
new_size
=
new_num_indices
*
sizeof
(
FLAC__StreamMetadata_CueSheet_Index
);
const
size_t
old_size
=
track
->
num_indices
*
sizeof
(
FLAC__StreamMetadata_CueSheet_Index
);
const
size_t
new_size
=
new_num_indices
*
sizeof
(
FLAC__StreamMetadata_CueSheet_Index
);
/* overflow check */
if
((
size_t
)
new_num_indices
>
SIZE_MAX
/
sizeof
(
FLAC__StreamMetadata_CueSheet_Index
))
return
false
;
FLAC__ASSERT
(
track
->
num_indices
>
0
);
...
...
@@ -1549,8 +1570,12 @@ FLAC_API FLAC__bool FLAC__metadata_object_cuesheet_resize_tracks(FLAC__StreamMet
return
false
;
}
else
{
const
unsigned
old_size
=
object
->
data
.
cue_sheet
.
num_tracks
*
sizeof
(
FLAC__StreamMetadata_CueSheet_Track
);
const
unsigned
new_size
=
new_num_tracks
*
sizeof
(
FLAC__StreamMetadata_CueSheet_Track
);
const
size_t
old_size
=
object
->
data
.
cue_sheet
.
num_tracks
*
sizeof
(
FLAC__StreamMetadata_CueSheet_Track
);
const
size_t
new_size
=
new_num_tracks
*
sizeof
(
FLAC__StreamMetadata_CueSheet_Track
);
/* overflow check */
if
((
size_t
)
new_num_tracks
>
SIZE_MAX
/
sizeof
(
FLAC__StreamMetadata_CueSheet_Track
))
return
false
;
FLAC__ASSERT
(
object
->
data
.
cue_sheet
.
num_tracks
>
0
);
...
...
@@ -1707,6 +1732,8 @@ FLAC_API FLAC__bool FLAC__metadata_object_picture_set_mime_type(FLAC__StreamMeta
/* do the copy first so that if we fail we leave the object untouched */
if
(
copy
)
{
if
(
new_length
>=
SIZE_MAX
)
/* overflow check */
return
false
;
if
(
!
copy_bytes_
((
FLAC__byte
**
)(
&
object
->
data
.
picture
.
mime_type
),
(
FLAC__byte
*
)
mime_type
,
new_length
+
1
))
return
false
;
}
...
...
@@ -1737,6 +1764,8 @@ FLAC_API FLAC__bool FLAC__metadata_object_picture_set_description(FLAC__StreamMe
/* do the copy first so that if we fail we leave the object untouched */
if
(
copy
)
{
if
(
new_length
>=
SIZE_MAX
)
/* overflow check */
return
false
;
if
(
!
copy_bytes_
(
&
object
->
data
.
picture
.
description
,
description
,
new_length
+
1
))
return
false
;
}
...
...
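Review bot: `copy_bytes_` still takes `unsigned bytes`, so the size_t-based checks added in front of its callers do not protect the value the helper actually receives. In FLAC__metadata_object_clone the seek-table case tests `num_points > SIZE_MAX / sizeof(FLAC__StreamMetadata_SeekPoint)` but then passes `num_points * sizeof(...)`, which on a platform where size_t is wider than unsigned can be truncated at the call, leaving `points` shorter than `num_points` claims; the `new_length+1` arguments in picture_set_mime_type and picture_set_description have the same exposure if `new_length` is a size_t. Changing the parameter to `size_t bytes` in the static helper would close this for all three call sites. The application case also tests `to->length` while the subtraction uses `object->length`; checking `object->length` would tie the guard to the value actually subtracted from.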
src/libFLAC/ogg_helper.c
...
...
@@ -36,6 +36,7 @@
#include
<stdlib.h>
/* for malloc() */
#include
<string.h>
/* for memcmp(), memcpy() */
#include
"FLAC/assert.h"
#include
"share/alloc.h"
#include
"private/ogg_helper.h"
#include
"protected/stream_encoder.h"
...
...
@@ -112,7 +113,7 @@ FLAC__bool simple_ogg_page__get_at(FLAC__StreamEncoder *encoder, FLAC__uint64 po
}
/* allocate space for the page header */
if
(
0
==
(
page
->
header
=
(
unsigned
char
*
)
malloc
(
OGG_MAX_HEADER_LEN
)))
{
if
(
0
==
(
page
->
header
=
(
unsigned
char
*
)
safe_
malloc
_
(
OGG_MAX_HEADER_LEN
)))
{
encoder
->
protected_
->
state
=
FLAC__STREAM_ENCODER_MEMORY_ALLOCATION_ERROR
;
return
false
;
}
...
...
@@ -154,7 +155,7 @@ FLAC__bool simple_ogg_page__get_at(FLAC__StreamEncoder *encoder, FLAC__uint64 po
}
/* allocate space for the page body */
if
(
0
==
(
page
->
body
=
(
unsigned
char
*
)
malloc
(
page
->
body_len
)))
{
if
(
0
==
(
page
->
body
=
(
unsigned
char
*
)
safe_
malloc
_
(
page
->
body_len
)))
{
encoder
->
protected_
->
state
=
FLAC__STREAM_ENCODER_MEMORY_ALLOCATION_ERROR
;
return
false
;
}
...
...
src/libFLAC/stream_decoder.c
...
...
@@ -53,6 +53,7 @@
#endif
#endif
#include
"FLAC/assert.h"
#include
"share/alloc.h"
#include
"protected/stream_decoder.h"
#include
"private/bitreader.h"
#include
"private/bitmath.h"
...
...
@@ -181,7 +182,7 @@ typedef struct FLAC__StreamDecoderPrivate {
FLAC__StreamMetadata
seek_table
;
FLAC__bool
metadata_filter
[
128
];
/* MAGIC number 128 == total number of metadata block types == 1 << 7 */
FLAC__byte
*
metadata_filter_ids
;
unsigned
metadata_filter_ids_count
,
metadata_filter_ids_capacity
;
/* units for both are IDs, not bytes */
size_t
metadata_filter_ids_count
,
metadata_filter_ids_capacity
;
/* units for both are IDs, not bytes */
FLAC__Frame
frame
;
FLAC__bool
cached
;
/* true if there is a byte in lookahead */
FLAC__CPUInfo
cpuinfo
;
...
...
@@ -784,7 +785,7 @@ FLAC_API FLAC__bool FLAC__stream_decoder_set_metadata_respond_application(FLAC__
FLAC__ASSERT
(
0
!=
decoder
->
private_
->
metadata_filter_ids
);
if
(
decoder
->
private_
->
metadata_filter_ids_count
==
decoder
->
private_
->
metadata_filter_ids_capacity
)
{
if
(
0
==
(
decoder
->
private_
->
metadata_filter_ids
=
(
FLAC__byte
*
)
realloc
(
decoder
->
private_
->
metadata_filter_ids
,
decoder
->
private_
->
metadata_filter_ids_capacity
*
2
)))
{
if
(
0
==
(
decoder
->
private_
->
metadata_filter_ids
=
(
FLAC__byte
*
)
safe_
realloc
_mul_2op_
(
decoder
->
private_
->
metadata_filter_ids
,
decoder
->
private_
->
metadata_filter_ids_capacity
,
/*times*/
2
)))
{
decoder
->
protected_
->
state
=
FLAC__STREAM_DECODER_MEMORY_ALLOCATION_ERROR
;
return
false
;
}
...
...
@@ -843,7 +844,7 @@ FLAC_API FLAC__bool FLAC__stream_decoder_set_metadata_ignore_application(FLAC__S
FLAC__ASSERT
(
0
!=
decoder
->
private_
->
metadata_filter_ids
);
if
(
decoder
->
private_
->
metadata_filter_ids_count
==
decoder
->
private_
->
metadata_filter_ids_capacity
)
{
if
(
0
==
(
decoder
->
private_
->
metadata_filter_ids
=
(
FLAC__byte
*
)
realloc
(
decoder
->
private_
->
metadata_filter_ids
,
decoder
->
private_
->
metadata_filter_ids_capacity
*
2
)))
{
if
(
0
==
(
decoder
->
private_
->
metadata_filter_ids
=
(
FLAC__byte
*
)
safe_
realloc
_mul_2op_
(
decoder
->
private_
->
metadata_filter_ids
,
decoder
->
private_
->
metadata_filter_ids_capacity
,
/*times*/
2
)))
{
decoder
->
protected_
->
state
=
FLAC__STREAM_DECODER_MEMORY_ALLOCATION_ERROR
;
return
false
;
}
...
...
@@ -1325,7 +1326,7 @@ FLAC__bool allocate_output_(FLAC__StreamDecoder *decoder, unsigned size, unsigne
* (at negative indices) for alignment purposes; we use 4
* to keep the data well-aligned.
*/
tmp
=
(
FLAC__int32
*
)
malloc
(
sizeof
(
FLAC__int32
)
*
(
size
+
4
)
);
tmp
=
(
FLAC__int32
*
)
safe_
malloc
_muladd2_
(
sizeof
(
FLAC__int32
)
,
/*times (*/
size
,
/*+*/
4
/*)*/
);
if
(
tmp
==
0
)
{
decoder
->
protected_
->
state
=
FLAC__STREAM_DECODER_MEMORY_ALLOCATION_ERROR
;
return
false
;
...
...
@@ -1350,7 +1351,7 @@ FLAC__bool allocate_output_(FLAC__StreamDecoder *decoder, unsigned size, unsigne
FLAC__bool
has_id_filtered_
(
FLAC__StreamDecoder
*
decoder
,
FLAC__byte
*
id
)
{
unsigned
i
;
size_t
i
;
FLAC__ASSERT
(
0
!=
decoder
);
FLAC__ASSERT
(
0
!=
decoder
->
private_
);
...
...
@@ -1471,6 +1472,11 @@ FLAC__bool read_metadata_(FLAC__StreamDecoder *decoder)
if
(
!
FLAC__bitreader_read_byte_block_aligned_no_crc
(
decoder
->
private_
->
input
,
block
.
data
.
application
.
id
,
FLAC__STREAM_METADATA_APPLICATION_ID_LEN
/
8
))
return
false
;
/* read_callback_ sets the state for us */