
List:       sox-devel
Subject:    [SoX-devel] [ sox-Bugs-3474924 ] Buffer overrun during FLAC encoding
From:       SourceForge.net <noreply () sourceforge ! net>
Date:       2012-05-30 6:19:34
Message-ID: E1SZcFr-0007Gy-Ms () sfs-ml-3 ! v29 ! ch3 ! sourceforge ! com

Bugs item #3474924, was opened at 2012-01-17 04:56
Message generated for change (Comment added) made by eric_wong
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=110706&aid=3474924&group_id=10706

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: None
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: https://login.launchpad.net/+id ()
Assigned to: Nobody/Anonymous (nobody)
Summary: Buffer overrun during FLAC encoding

Initial Comment:
I experience this issue with a simple sox_read/sox_write loop with libsox.

"write_samples" in flac.c doesn't check if "len" is greater than the size of the
allocated buffer "decoded_samples." If so, a buffer overrun can occur.
"decoded_samples" is set to sox_globals.bufsiz, so any call to sox_write with a
length of more than sox_globals.bufsize will overrun the buffer.

I've attached a not-very-well tested potential patch that clamps the input length to
the size of the buffer.

----------------------------------------------------------------------

Comment By: eric_wong (eric_wong)
Date: 2012-05-29 23:19

Message:
I think it's slightly better to grow/allocate the buffer on demand (since
the buffer is rarely resized).
It's easier for a SoX newbie like myself to understand, at least.

Here's a patch for git-am:
http://bogomips.org/sox.git/patch/?id=2f70ed3966fb6762b1e958ebe9a21ecfef50c4c7

Also available via git pull:
  git pull git://bogomips.org/sox.git flac-encoder-overrun-3474924


----------------------------------------------------------------------
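
The two fixes discussed in this thread (clamping the length versus growing the buffer on demand), sketched in C as an added example. This is not the SoX source or either patch; `encoder_t`, `encoder_init`, `write_clamped` and `write_growing` are hypothetical names, and the input is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical encoder state: a staging buffer sized once at start-up,
 * playing the role "decoded_samples" has in the report. */
typedef struct {
    int32_t *staging;
    size_t   cap;       /* samples that fit in staging */
} encoder_t;

int encoder_init(encoder_t *e, size_t bufsiz) {
    e->staging = malloc(bufsiz * sizeof *e->staging);
    e->cap = e->staging ? bufsiz : 0;
    return e->staging ? 0 : -1;
}

/* Clamp: never copy more than the buffer holds. Returns the count
 * consumed, so the caller has to loop on a short write. */
size_t write_clamped(encoder_t *e, const int32_t *in, size_t len) {
    if (len > e->cap) len = e->cap;
    for (size_t i = 0; i < len; i++)
        e->staging[i] = in[i];
    return len;
}

/* Grow on demand: enlarge the buffer when len exceeds it. Returns 0
 * (nothing consumed) if the size would overflow or realloc fails. */
size_t write_growing(encoder_t *e, const int32_t *in, size_t len) {
    if (len > e->cap) {
        if (len > SIZE_MAX / sizeof *e->staging) return 0;
        int32_t *p = realloc(e->staging, len * sizeof *p);
        if (p == NULL) return 0;    /* old buffer is still valid */
        e->staging = p;
        e->cap = len;
    }
    for (size_t i = 0; i < len; i++)
        e->staging[i] = in[i];
    return len;
}

int main(void) {
    int32_t in[10] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10}; /* constructed input */
    encoder_t e;
    if (encoder_init(&e, 4) != 0) return 1;
    printf("clamped: %zu\n", write_clamped(&e, in, 10));
    printf("growing: %zu\n", write_growing(&e, in, 10));
    free(e.staging);
    return 0;
}
```

With the clamp, a caller that ignores the return value silently drops samples; with growth, the size calculation and the `realloc` result both need checking before the copy.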
