Commit c06a4496 authored by Erik de Castro Lopo's avatar Erik de Castro Lopo

flac : Fix for https://sourceforge.net/p/flac/bugs/425/

* flac/encode.c : Validate num_tracks field of cuesheet.
* libFLAC/stream_encoder.c : Add check for a NULL pointer.
* flac/encode.c : Improve bounds checking.

Closes: https://sourceforge.net/p/flac/bugs/425/
parent ed22a42b
......@@ -116,14 +116,14 @@ const int FLAC_ENCODE__DEFAULT_PADDING = 8192;
static FLAC__bool is_big_endian_host_;
static FLAC__int8 static_buffer[CHUNK_OF_SAMPLES*FLAC__MAX_CHANNELS*((FLAC__REFERENCE_CODEC_MAX_BITS_PER_SAMPLE+7)/8)];
#define UBUFFER_INT8_SIZE 0x10000
static union {
FLAC__int8 *s8;
FLAC__uint8 *u8;
FLAC__int16 *s16;
FLAC__uint16 *u16;
} ubuffer = { static_buffer };
FLAC__int8 s8[UBUFFER_INT8_SIZE];
FLAC__uint8 u8[UBUFFER_INT8_SIZE];
FLAC__int16 s16[UBUFFER_INT8_SIZE/2];
FLAC__uint16 u16[UBUFFER_INT8_SIZE/2];
} ubuffer;
static FLAC__int32 in_[FLAC__MAX_CHANNELS][CHUNK_OF_SAMPLES];
......@@ -1385,10 +1385,10 @@ int flac__encode_file(FILE *infile, FLAC__off_t infilesize, const char *infilena
case FORMAT_AIFF:
case FORMAT_AIFF_C:
while(encoder_session.fmt.iff.data_bytes > 0) {
const size_t bytes_to_read = (size_t)min(
encoder_session.fmt.iff.data_bytes,
(FLAC__uint64)CHUNK_OF_SAMPLES * (FLAC__uint64)encoder_session.info.bytes_per_wide_sample
);
const size_t bytes_to_read =
min (sizeof (ubuffer.u8),
min ((size_t)encoder_session.fmt.iff.data_bytes,
CHUNK_OF_SAMPLES * (size_t)encoder_session.info.bytes_per_wide_sample));
size_t bytes_read = fread(ubuffer.u8, sizeof(unsigned char), bytes_to_read, infile);
if(bytes_read == 0) {
if(ferror(infile)) {
......@@ -1875,7 +1875,7 @@ FLAC__bool EncoderSession_init_encoder(EncoderSession *e, encode_options_t optio
}
existing_cuesheet_is_bad = true;
}
else if(e->total_samples_to_encode != cs->tracks[cs->num_tracks-1].offset) {
else if(cs->num_tracks > 0 && e->total_samples_to_encode != cs->tracks[cs->num_tracks-1].offset) {
flac__utils_printf(stderr, 1, "%s: WARNING, lead-out offset of cuesheet in input FLAC file does not match input length, dropping existing cuesheet...\n", e->inbasefilename);
if(e->treat_warnings_as_errors) {
static_metadata_clear(&static_metadata);
......
......@@ -2159,14 +2159,21 @@ FLAC_API FLAC__bool FLAC__stream_encoder_process(FLAC__StreamEncoder *encoder, c
FLAC__ASSERT(0 != encoder->protected_);
FLAC__ASSERT(encoder->protected_->state == FLAC__STREAM_ENCODER_OK);
// FLAC__ASSERT(samples <= blocksize);
do {
const unsigned n = flac_min(blocksize+OVERREAD_-encoder->private_->current_sample_number, samples-j);
if(encoder->protected_->verify)
append_to_verify_fifo_(&encoder->private_->verify.input_fifo, buffer, j, channels, n);
for(channel = 0; channel < channels; channel++)
for(channel = 0; channel < channels; channel++) {
if (buffer[channel] == NULL) {
encoder->protected_->state = FLAC__STREAM_ENCODER_WRITE_STATUS_FATAL_ERROR;
return false;
}
memcpy(&encoder->private_->integer_signal[channel][encoder->private_->current_sample_number], &buffer[channel][j], sizeof(buffer[channel][0]) * n);
}
if(encoder->protected_->do_mid_side_stereo) {
FLAC__ASSERT(channels == 2);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment