1. 29 Jan, 2019 3 commits
  2. 28 Jan, 2019 6 commits
  3. 05 Jul, 2018 1 commit
  4. 23 May, 2018 3 commits
  5. 17 May, 2018 2 commits
  6. 09 May, 2018 1 commit
  7. 09 Apr, 2018 1 commit
  8. 21 Mar, 2018 1 commit
  9. 16 Mar, 2018 4 commits
  10. 11 Dec, 2017 2 commits
    • Guido Günther's avatar
      CVE-2017-14632: vorbis_analysis_header_out: Don't clear opb if not initialized · c1c2831f
      Guido Günther authored
      If the number of channels is not within the allowed range
      we call oggback_writeclear altough it's not initialized yet.
      
      This fixes
      
          =23371== Invalid free() / delete / delete[] / realloc()
          ==23371==    at 0x4C2CE1B: free (vg_replace_malloc.c:530)
          ==23371==    by 0x829CA31: oggpack_writeclear (in /usr/lib/x86_64-linux-gnu/libogg.so.0.8.2)
          ==23371==    by 0x84B96EE: vorbis_analysis_headerout (info.c:652)
          ==23371==    by 0x9FBCBCC: ??? (in /usr/lib/x86_64-linux-gnu/sox/libsox_fmt_vorbis.so)
          ==23371==    by 0x4E524F1: ??? (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
          ==23371==    by 0x4E52CCA: sox_open_write (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
          ==23371==    by 0x10D82A: open_output_file (sox.c:1556)
          ==23371==    by 0x10D82A: process (sox.c:1753)
          ==23371==    by 0x10D82A: main (sox.c:3012)
          ==23371==  Address 0x68768c8 is 488 bytes inside a block of size 880 alloc'd
          ==23371==    at 0x4C2BB1F: malloc (vg_replace_malloc.c:298)
          ==23371==    by 0x4C2DE9F: realloc (vg_replace_malloc.c:785)
          ==23371==    by 0x4E545C2: lsx_realloc (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
          ==23371==    by 0x9FBC9A0: ??? (in /usr/lib/x86_64-linux-gnu/sox/libsox_fmt_vorbis.so)
          ==23371==    by 0x4E524F1: ??? (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
          ==23371==    by 0x4E52CCA: sox_open_write (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
          ==23371==    by 0x10D82A: open_output_file (sox.c:1556)
          ==23371==    by 0x10D82A: process (sox.c:1753)
          ==23371==    by 0x10D82A: main (sox.c:3012)
      
      as seen when using the testcase from CVE-2017-11333 with
      008d23b782be09c8d75ba8190b1794abd66c7121 applied. However the error was
      there before.
      c1c2831f
    • Guido Günther's avatar
      CVE-2017-14633: Don't allow for more than 256 channels · a79ec216
      Guido Günther authored
      Otherwise
      
       for(i=0;i<vi->channels;i++){
            /* the encoder setup assumes that all the modes used by any
               specific bitrate tweaking use the same floor */
            int submap=info->chmuxlist[i];
      
      overreads later in mapping0_forward since chmuxlist is a fixed array of
      256 elements max.
      a79ec216
  11. 11 Nov, 2017 1 commit
  12. 10 Nov, 2017 1 commit
  13. 25 Sep, 2017 1 commit
    • Ralph Giles's avatar
      Add build flags for YouCompleteMe. · 8ef0f805
      Ralph Giles authored
      Add a .ycm_extra.conf.py script to return the same CFLAGS
      we pass for `make debug`. These are passed to libclang
      so symbol lookup works correctly.
      
      Note this doesn't pick up changes to the build config,
      including non-default locations for the ogg headers,
      but it's better than nothing.
      8ef0f805
  14. 25 Jul, 2017 1 commit
  15. 24 Jul, 2017 1 commit
  16. 23 Jul, 2017 1 commit
  17. 22 Jul, 2017 3 commits
  18. 16 Jun, 2017 2 commits
  19. 05 Oct, 2016 5 commits