packages/lame
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix fuzz undefined behavior error

Browse Source
This commit is contained in:
wang--ge 2020-12-07 10:51:27 +08:00
parent 511554fd2e
commit fc2985a73d
2 changed files with 83 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
0001-fix-fuzz-undefined-behavior-error.patch Normal file
View File

@ -0,0 +1,77 @@
Date: Sat, 5 Dec 2020 06:33:28 +0000
Subject: [PATCH] fix fuzz undefined behavior error
---
libmp3lame/VbrTag.c | 2 +-
libmp3lame/bitstream.c | 6 +++---
libmp3lame/id3tag.c | 3 ++-
libmp3lame/quantize.c | 2 +-
4 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/libmp3lame/VbrTag.c b/libmp3lame/VbrTag.c
index 5800a44..880010a 100644
--- a/libmp3lame/VbrTag.c
+++ b/libmp3lame/VbrTag.c
@@ -251,7 +251,7 @@ IsVbrTag(const unsigned char *buf)
return (isTag0 || isTag1);
}
-#define SHIFT_IN_BITS_VALUE(x,n,v) ( x = (x << (n)) | ( (v) & ~(-1 << (n)) ) )
+#define SHIFT_IN_BITS_VALUE(x,n,v) ( x = (x << (n)) | ( (v) & ~(0xffffffffu << (n)) ) )
static void
setLameTagFrameHeader(lame_internal_flags const *gfc, unsigned char *buffer)
diff --git a/libmp3lame/bitstream.c b/libmp3lame/bitstream.c
index aa35915..25ee88a 100644
--- a/libmp3lame/bitstream.c
+++ b/libmp3lame/bitstream.c
@@ -178,7 +178,7 @@ putbits2(lame_internal_flags * gfc, int val, int j)
assert(j < MAX_LENGTH); /* 32 too large on 32 bit machines */
assert(bs->buf_bit_idx < MAX_LENGTH);
- bs->buf[bs->buf_byte_idx] |= ((val >> j) << bs->buf_bit_idx);
+ bs->buf[bs->buf_byte_idx] |= (((unsigned int)val >> j) << bs->buf_bit_idx);
bs->totbit += k;
}
}
@@ -290,8 +290,8 @@ CRC_update(int value, int crc)
int i;
value <<= 8;
for (i = 0; i < 8; i++) {
- value <<= 1;
- crc <<= 1;
+ value = (unsigned int)value * 2;
+ crc = (unsigned int)crc * 2;
if (((crc ^ value) & 0x10000))
crc ^= CRC16_POLYNOMIAL;
diff --git a/libmp3lame/id3tag.c b/libmp3lame/id3tag.c
index ac48510..f2888c3 100644
--- a/libmp3lame/id3tag.c
+++ b/libmp3lame/id3tag.c
@@ -157,7 +157,8 @@ typedef enum MiscIDs { ID_TXXX = FRAME_ID('T', 'X', 'X', 'X')
static int
frame_id_matches(int id, int mask)
{
- int result = 0, i, window = 0xff;
+ int result = 0, i;
+ unsigned int window = 0xff;
for (i = 0; i < 4; ++i, window <<= 8) {
int const mw = (mask & window);
int const iw = (id & window);
diff --git a/libmp3lame/quantize.c b/libmp3lame/quantize.c
index 9ba9c16..1417763 100644
--- a/libmp3lame/quantize.c
+++ b/libmp3lame/quantize.c
@@ -895,7 +895,7 @@ inc_subblock_gain(const lame_internal_flags * const gfc, gr_info * const cod_inf
scalefac[sfb] = 0;
{
- int const gain = 210 + (s << (cod_info->scalefac_scale + 1));
+ int const gain = 210 + (int)((unsigned int)s << (cod_info->scalefac_scale + 1));
amp = IPOW20(gain);
}
j += width * (window + 1);
--
2.23.0

8
lame.spec
View File

@ -1,12 +1,13 @@
Name: lame Name: lame
Version: 3.100 Version: 3.100
Release: 7 Release: 8
Summary: Free MP3 audio compressor Summary: Free MP3 audio compressor
License: GPLv2+ License: GPL-2.0+ and GPL-2.0 and LGPL-2.0
URL: http://lame.sourceforge.net/ URL: http://lame.sourceforge.net/
Source0: http://downloads.sourceforge.net/sourceforge/lame/%{name}-%{version}.tar.gz Source0: http://downloads.sourceforge.net/sourceforge/lame/%{name}-%{version}.tar.gz
Patch0001: lame-noexecstack.patch Patch0001: lame-noexecstack.patch
Patch0002: libmp3lame-symbols.patch Patch0002: libmp3lame-symbols.patch
Patch0003: 0001-fix-fuzz-undefined-behavior-error.patch
BuildRequires: ncurses-devel gtk+-devel BuildRequires: ncurses-devel gtk+-devel
@ -83,5 +84,8 @@ make test
%{_bindir}/mp3x %{_bindir}/mp3x
%changelog %changelog
* Sat Dec 05 2020 Ge Wang<wangge20@huawei.com> - 3.100-8
- fix fuzz undefined bebavior error
* Thu Dec 12 2019 zoushuangshuang<zoushuangshuang@huawei.com> - 3.100-7 * Thu Dec 12 2019 zoushuangshuang<zoushuangshuang@huawei.com> - 3.100-7
- Package init - Package init