flac.git
3 years agomicrobench/Makefile.am: Fix 'make distcheck'
Erik de Castro Lopo [Wed, 2 Sep 2015 06:33:30 +0000 (16:33 +1000)]
microbench/Makefile.am: Fix 'make distcheck'

3 years agoAdd first micro-benchmark
Erik de Castro Lopo [Mon, 31 Aug 2015 17:38:43 +0000 (03:38 +1000)]
Add first micro-benchmark

3 years agolibFLAC++/metadata.cpp: Fix undefined behaviour
Erik de Castro Lopo [Mon, 31 Aug 2015 14:46:32 +0000 (00:46 +1000)]
libFLAC++/metadata.cpp: Fix undefined behaviour

3 years agoMSVC: Fix libFLAC_static.vcxproj dependencies
Erik de Castro Lopo [Mon, 31 Aug 2015 14:21:34 +0000 (00:21 +1000)]
MSVC: Fix libFLAC_static.vcxproj dependencies

libFLAC_static.vcxproj was missing a dependency on win_utf8_io_static.

Patch-from: lvqcl <lvqcl.mail@gmail.com>

3 years agoflac/encode.c: Fix undefinoed behaviour
Erik de Castro Lopo [Sun, 30 Aug 2015 14:17:03 +0000 (00:17 +1000)]
flac/encode.c: Fix undefinoed behaviour

3 years agolibFLAC/bitwriter.c: Fix undefined behaviour
Erik de Castro Lopo [Sun, 30 Aug 2015 13:54:33 +0000 (23:54 +1000)]
libFLAC/bitwriter.c: Fix undefined behaviour

3 years agolibFLAC/fixed.c: Fix undefined behaviour
Erik de Castro Lopo [Fri, 28 Aug 2015 19:21:43 +0000 (05:21 +1000)]
libFLAC/fixed.c: Fix undefined behaviour

Left shift if a negative integer such that the sign bit is affected is
(according to the C spec) undefined behaviour and the residual
calculations using the shift operator were hitting this.

Fortunately these same calculations using plain multiplication do not
invoke UB and according to benchmarking (on x86_64 linux) have the same
performance as the bit shift version.

3 years agotests: Fix undefined behaviour
Erik de Castro Lopo [Wed, 26 Aug 2015 22:42:23 +0000 (08:42 +1000)]
tests: Fix undefined behaviour

Undefined behaviour in the test support code.

3 years agolibFLAC/format.c: Fix undefined behaviour
Erik de Castro Lopo [Wed, 26 Aug 2015 07:13:39 +0000 (17:13 +1000)]
libFLAC/format.c: Fix undefined behaviour

In the case where seek_table->num_points is zero, seek_table->points
will be NULL and passing that to qsort() invokes undefined behaviour.

Since seek_table->num_points is zero, the only sensible thing to do
is to short circuit return 0.

3 years agolibFLAC/stream_decoder.c: Fix undefined behaviour
Erik de Castro Lopo [Mon, 24 Aug 2015 09:20:35 +0000 (19:20 +1000)]
libFLAC/stream_decoder.c: Fix undefined behaviour

Found by compiling with -fsanitize=undefined and running the testsuite.

3 years agolibFLAC/bitwriter.c: Fix undefined behaviour
Erik de Castro Lopo [Sat, 22 Aug 2015 22:08:27 +0000 (08:08 +1000)]
libFLAC/bitwriter.c: Fix undefined behaviour

Improve folding of signed to unsgned to avoid UB.

3 years agolibFLAC/bitreader.c: Fix undefined behaviour
Erik de Castro Lopo [Sat, 22 Aug 2015 22:05:02 +0000 (08:05 +1000)]
libFLAC/bitreader.c: Fix undefined behaviour

The function FLAC__bitreader_read_raw_int32() triggered undefined behaviour
when sign extending an unsigned value. The Stanford Grahpics bithacks page
provided an alternative that avoided UB.

3 years agolibFLAC/md5.c: Clean up allocation
Erik de Castro Lopo [Sat, 22 Aug 2015 21:37:53 +0000 (07:37 +1000)]
libFLAC/md5.c: Clean up allocation

Make sure ctx->capacity gets updated correctly when safe_realloc()
fails.

Patch-from:  lvqcl <lvqcl.mail@gmail.com>

3 years agolibFLAC: Fix memory leak
Erik de Castro Lopo [Sat, 22 Aug 2015 10:28:44 +0000 (20:28 +1000)]
libFLAC: Fix memory leak

Leak introduced in commit d9ae5e9128. Thanks to lvqcl <lvqcl.mail@gmail.com>
for pointing it out.

3 years agolibFLAC: Add function safe_realloc_()
Erik de Castro Lopo [Sat, 22 Aug 2015 09:22:50 +0000 (19:22 +1000)]
libFLAC: Add function safe_realloc_()

The new function wraps, realloc() and if the realloc() fails, it
free()s the old pointer.

This is an improvement on the potential realloc() memory leak that
was fixed in 15a9062609.

Still needs fuzzing to validate it.

3 years agolibFLAC/stream_decoder: Fix double free
Erik de Castro Lopo [Sat, 22 Aug 2015 06:51:08 +0000 (16:51 +1000)]
libFLAC/stream_decoder: Fix double free

The american-fuzzy-lop fuzzer found a couple of instances of double
free() resulting from commit 15a9062609.

The problematic free() were the ones associated with use of the
safe_realloc_mul_2op_() function which can call realloc(ptr,0) which
according to the realloc manpage is already an implicit free().

4 years agometaflac: add --scan-replay-gain option
Ben Boeckel [Thu, 13 Aug 2015 01:45:04 +0000 (21:45 -0400)]
metaflac: add --scan-replay-gain option

Signed-off-by: Erik de Castro Lopo <erikd@mega-nerd.com>
4 years agolibFLAC: Fix potential meory leaks
Erik de Castro Lopo [Sun, 9 Aug 2015 04:31:57 +0000 (14:31 +1000)]
libFLAC: Fix potential meory leaks

If the `realloc` function failed, memory would leak.

Patch-from: lvqcl <lvqcl.mail@gmail.com>

4 years agodecoder: Treat negative qlp_shift as an error
Erik de Castro Lopo [Sat, 8 Aug 2015 22:50:30 +0000 (08:50 +1000)]
decoder: Treat negative qlp_shift as an error

Shift by a negative value is undefined behaviour so there is no "right"
way of dealing with this.

Patch-from: lvqcl <lvqcl.mail@gmail.com>

4 years agoWindows: Ensure FreeLibrary() calls match LoadLibrary() calls
Erik de Castro Lopo [Sat, 8 Aug 2015 22:45:44 +0000 (08:45 +1000)]
Windows: Ensure FreeLibrary() calls match LoadLibrary() calls

The function get_utf8_argv() was calling LoadLibrary to load msvcrt.dll
but wasn't calling FreeLibrary() if GetProcAddress() fails.

Patch-from: lvqcl <lvqcl.mail@gmail.com>

4 years agoflac/metaflac: Do case-insensitve comparison of hex values
Erik de Castro Lopo [Sat, 8 Aug 2015 22:43:29 +0000 (08:43 +1000)]
flac/metaflac: Do case-insensitve comparison of hex values

Patch-from: lvqcl <lvqcl.mail@gmail.com>

4 years agoCompat: Fix for MSVC deprecated functions
Erik de Castro Lopo [Sat, 8 Aug 2015 22:41:27 +0000 (08:41 +1000)]
Compat: Fix for MSVC deprecated functions

According to MSDN, stricmp and strnicmp functions are deprecated
since MSVC 2005 and _stricmp/_strnicmp should be used instead.

Patch-from: lvqcl <lvqcl.mail@gmail.com>

4 years agoautogen.sh: Add --no-symlinks option
Erik de Castro Lopo [Sat, 1 Aug 2015 07:54:49 +0000 (17:54 +1000)]
autogen.sh: Add --no-symlinks option

4 years agoautogen.sh: Switch from bash to sh and make it POSIX
Erik de Castro Lopo [Sat, 1 Aug 2015 07:47:06 +0000 (17:47 +1000)]
autogen.sh: Switch from bash to sh and make it POSIX

4 years agolibFLAC: Fix decoder_flush with uninitialized decoder
Erik de Castro Lopo [Mon, 13 Jul 2015 12:15:58 +0000 (22:15 +1000)]
libFLAC: Fix decoder_flush with uninitialized decoder

Closes: https://sourceforge.net/p/flac/bugs/428

4 years agolibFLAC/cpu.c: Assume Android has SSE
Erik de Castro Lopo [Sun, 12 Jul 2015 02:08:18 +0000 (12:08 +1000)]
libFLAC/cpu.c: Assume Android has SSE

According to https://developer.android.com/ndk/guides/abis.html#x86
Android always support SSE, so there's no need to test SSE OS support.

Why both __ANDROID__ and ANDROID are tested:
http://stackoverflow.com/questions/15328751/android-macro-suddenly-not-defined
http://stackoverflow.com/questions/6374523/how-to-detect-compilation-by-android-ndk-in-a-c-c-file
https://groups.google.com/forum/#!topic/android-ndk/cf9_f1SLXls

Patch-from: lvqcl <lvqcl.mail@gmail.com>

4 years agoflac/foreign_metadata: Fix for odd RIFF chunk size
Erik de Castro Lopo [Fri, 10 Jul 2015 09:20:24 +0000 (19:20 +1000)]
flac/foreign_metadata: Fix for odd RIFF chunk size

Accept odd values to ckSize of RIFF chunk. FLAC should read these
but should avoid creating them.

Patch-from: lvqcl <lvqcl.mail@gmail.com>
Closes: https://sourceforge.net/p/flac/support-requests/152/
Closes: https://sourceforge.net/p/flac/bugs/419/

4 years agoconfigure.ac : Pass -fno-inline-small-functions when using GCC 4.7
Mario Sanchez Prada [Mon, 8 Jun 2015 16:25:27 +0000 (17:25 +0100)]
configure.ac : Pass -fno-inline-small-functions when using GCC 4.7

For some reason, the build fails when using GCC 4.7 due to the implicit
-finline-functions option passed to the compiler when -O3 is enabled,
which does not happen in newer versions of GCC, probably due to some of
the "General Optimizer Improvements" included in 4.8 (see [1]).

Fortunately, we don't need to disable -finline-functions completely but
just do it for "small functions", which is what this patch does.

[1] https://gcc.gnu.org/gcc-4.8/changes.html

Closes: https://sourceforge.net/p/flac/bugs/429/
Signed-off-by: Erik de Castro Lopo <erikd@mega-nerd.com>
4 years agolibFLAC/metadata_object.c: Assign NULL after free()
Erik de Castro Lopo [Mon, 6 Jul 2015 11:30:55 +0000 (21:30 +1000)]
libFLAC/metadata_object.c: Assign NULL after free()

Patch-from: lvqcl <lvqcl.mail@gmail.com>

4 years agolibFLAC/md5.c: Minor formatting fixes
Erik de Castro Lopo [Mon, 6 Jul 2015 11:29:36 +0000 (21:29 +1000)]
libFLAC/md5.c: Minor formatting fixes

Patch-from: lvqcl <lvqcl.mail@gmail.com>

4 years agolibFLAC: More comment validation
Erik de Castro Lopo [Sun, 5 Jul 2015 11:21:44 +0000 (21:21 +1000)]
libFLAC: More comment validation

When the allocation for obj->comment fails, set obj->num_comments
to zero.

Patch-from: lvqcl <lvqcl.mail@gmail.com>

4 years agoMakefile.am: Remove old cruft
Erik de Castro Lopo [Sun, 5 Jul 2015 10:59:15 +0000 (20:59 +1000)]
Makefile.am: Remove old cruft

4 years agolibFLAC: Improve fix in bc5113007a
Erik de Castro Lopo [Sun, 5 Jul 2015 10:54:28 +0000 (20:54 +1000)]
libFLAC: Improve fix in bc5113007a

The assert that was removed in bc5113007a, was a result of error
handling in read_metadata_vorbiscomment_() which set obj->num_comments
to zero, without freeing obj->comments and setting it to NULL.

This commit also restores the assert that was removed.

4 years agolibFLAC: Remove un-needed assert
Erik de Castro Lopo [Sat, 4 Jul 2015 06:27:21 +0000 (16:27 +1000)]
libFLAC: Remove un-needed assert

This asset was firing when the build was configured with --enable-debug
and the flac executable was then run under American Fuzzy Lop. Removing
the assert did not cause any other problems, even under AFL.

4 years agoreplaygain: Remove dead assignment
Erik de Castro Lopo [Sat, 4 Jul 2015 02:34:57 +0000 (12:34 +1000)]
replaygain: Remove dead assignment

Patch-from: lvqcl <lvqcl.mail@gmail.com>

4 years agolibFLAC: Remove un-needed test for NULL before free
Erik de Castro Lopo [Sat, 4 Jul 2015 02:19:29 +0000 (12:19 +1000)]
libFLAC: Remove un-needed test for NULL before free

Passing a NULL pointer to free() is a no-op.

4 years agoflac: Fix inlining failure warning
Erik de Castro Lopo [Sat, 4 Jul 2015 01:51:22 +0000 (11:51 +1000)]
flac: Fix inlining failure warning

Also remove related, but old and irrelevant comment.

4 years agograbbag: Replace strncpy with safe_strncpy
Erik de Castro Lopo [Fri, 3 Jul 2015 23:15:24 +0000 (09:15 +1000)]
grabbag: Replace strncpy with safe_strncpy

Patch-from: lvqcl <lvqcl.mail@gmail.com>

4 years agoRemove old incorrect comment
Erik de Castro Lopo [Fri, 24 Apr 2015 22:16:27 +0000 (08:16 +1000)]
Remove old incorrect comment

As discussed on the flac-dev mailing list.

Patch-from: lvqcl <lvqcl.mail@gmail.com>

4 years agoconfigure: Only use -mstackrealign on i686 for mingw32/os2
Tristan Matthews [Sat, 11 Apr 2015 05:05:30 +0000 (01:05 -0400)]
configure: Only use -mstackrealign on i686 for mingw32/os2

Signed-off-by: Erik de Castro Lopo <erikd@mega-nerd.com>
4 years agoconfigure.ac : Add -mstackrealign whenever we add -msse2.
Erik de Castro Lopo [Tue, 31 Mar 2015 07:21:38 +0000 (18:21 +1100)]
configure.ac : Add -mstackrealign whenever we add -msse2.

There have been some (pretty much unconfirmed) reports of problems
with SSE enabled but without this stack alignment flag.

4 years agosrc/libFLAC/lpc.c : Restore missing conditional.
Erik de Castro Lopo [Tue, 31 Mar 2015 07:08:09 +0000 (18:08 +1100)]
src/libFLAC/lpc.c : Restore missing conditional.

Git commit 9c2290ade5 in-correctly removed a conditional around
an fprintf. Thanks to mark4o on #xiph (freenode) for reporting
this.

4 years agoconfigure.ac : Tweak for x32 architecture.
Erik de Castro Lopo [Wed, 11 Mar 2015 09:51:42 +0000 (20:51 +1100)]
configure.ac : Tweak for x32 architecture.

The x32 architecture uses and ILP32 (32 bit ints, longs and pointers)
on an x86_64 CPU. Since the CPU is x86_64 we need to set FLAC__CPU_X86_64
even though the pointer size is 32 bits.

Patch-from: Stuart Shelton
Closes: https://sourceforge.net/p/flac/bugs/427/

4 years agoconfigure.ac : Fix FLAC__HAS_X86INTRIN / FLaC__SSE_OS.
Erik de Castro Lopo [Tue, 24 Feb 2015 19:40:53 +0000 (06:40 +1100)]
configure.ac : Fix FLAC__HAS_X86INTRIN / FLaC__SSE_OS.

* Correct definition of FLAC__HAS_X86INTRIN in config.h file.
* Correct comparison of sse_os with 'true' instead of 'yes'.

Patch-from: lvqcl <lvqcl.mail@gmail.com>

4 years agosrc/test_streams/main.c : Use flac_snprintf() instead of snprintf().
Erik de Castro Lopo [Tue, 24 Feb 2015 19:38:04 +0000 (06:38 +1100)]
src/test_streams/main.c : Use flac_snprintf() instead of snprintf().

MSVC doesn't have snprintf().

Patch-from: lvqcl <lvqcl.mail@gmail.com>

4 years agoci/flac-autotool.sh : Test 'distcheck' target instead of 'check'.
Erik de Castro Lopo [Tue, 24 Feb 2015 07:14:12 +0000 (18:14 +1100)]
ci/flac-autotool.sh : Test 'distcheck' target instead of 'check'.

4 years agotest/test_flac.sh : Make it work for 'make distcheck'.
Erik de Castro Lopo [Tue, 24 Feb 2015 07:04:44 +0000 (18:04 +1100)]
test/test_flac.sh : Make it work for 'make distcheck'.

An output file was being set to read only and hence could not be
overwritten by a later test. Not sure why this only affected the
'make distcheck' target.

4 years agoFix cursheet tests for 'make distcheck'.
Erik de Castro Lopo [Mon, 23 Feb 2015 08:42:30 +0000 (19:42 +1100)]
Fix cursheet tests for 'make distcheck'.

4 years agosrc/encode.c : Fix potential infinite loop in flac-toflac encoding.
Erik de Castro Lopo [Sun, 22 Feb 2015 07:05:12 +0000 (18:05 +1100)]
src/encode.c : Fix potential infinite loop in flac-toflac encoding.

A malformed file (generated by AFL) had a 'samples_left_to_process' value
of greater than the actual numbe of samples. When re-encoding the decoder
would get to the end of the file and then continuously return a decode
status of FLAC__STREAM_DECODER_END_OF_STREAM, causing an infinite loop.

Solution is to break out of the loop on two consecutive end-of-stream
events.

4 years agoAdd file ci/flac-autotool.sh.
Erik de Castro Lopo [Fri, 20 Feb 2015 21:47:41 +0000 (08:47 +1100)]
Add file ci/flac-autotool.sh.

Currently only does 'make check' because 'make distcheck' is currently
broken.

4 years agolibFLAC/metadata_object.c : Fix typo in comment.
Erik de Castro Lopo [Fri, 20 Feb 2015 20:05:21 +0000 (07:05 +1100)]
libFLAC/metadata_object.c : Fix typo in comment.

4 years agoconfigure.ac : Detect 'amd64' as being same as 'x86_64'.
Christian Weisgerber [Fri, 9 Jan 2015 22:37:37 +0000 (22:37 +0000)]
configure.ac : Detect 'amd64' as being same as 'x86_64'.

On BSD systems, the 64-bit x86 architecture is called "amd64".

Signed-off-by: Erik de Castro Lopo <erikd@mega-nerd.com>
4 years agosrc/libFLAC/stream_decoder.c : Rework fix for seeking bug.
Miroslav Lichvar [Mon, 15 Dec 2014 14:46:12 +0000 (15:46 +0100)]
src/libFLAC/stream_decoder.c : Rework fix for seeking bug.

To avoid crash caused by an unbound LPC decoding when predictor order is
larger than blocksize, the sanity check needs to be moved to the subframe
decoding functions.

Signed-off-by: Erik de Castro Lopo <erikd@mega-nerd.com>
4 years agolibFLAC : Put upper bound on number of seek points.
Erik de Castro Lopo [Wed, 18 Feb 2015 06:55:52 +0000 (17:55 +1100)]
libFLAC : Put upper bound on number of seek points.

Restrict number of seek points to 32768 total and a maximum of two per
second.

Ten hours of content is 36000 seconds which gives about one seek point
for every second for those ten hours. Also, having more than two seek
point per second makes little sense regardless of content length.

Without these restrictions flac-to-flac encoding of a malformed input
file (eg something generated with http://lcamtuf.coredump.cx/afl/)
can result in an attempt to generate a stupidly large number of seek
points and cause an allocation failure.

4 years agoflac : Fix for https://sourceforge.net/p/flac/bugs/425/
Erik de Castro Lopo [Tue, 17 Feb 2015 07:35:05 +0000 (18:35 +1100)]
flac : Fix for https://sourceforge.net/p/flac/bugs/425/

* flac/encode.c : Validate num_tracks field of cuesheet.
* libFLAC/stream_encoder.c : Add check for a NULL pointer.
* flac/encode.c : Improve bounds checking.

Closes: https://sourceforge.net/p/flac/bugs/425/

4 years agotest/test_metaflac.sh : Out-of-tree build fixes.
Erik de Castro Lopo [Sun, 15 Feb 2015 06:02:14 +0000 (17:02 +1100)]
test/test_metaflac.sh : Out-of-tree build fixes.

4 years agotest/test_flac.sh : Out-of-tree build fixes.
Erik de Castro Lopo [Sun, 15 Feb 2015 05:32:25 +0000 (16:32 +1100)]
test/test_flac.sh : Out-of-tree build fixes.

4 years agoUpdate grabbag tests to work out-of-tree.
Erik de Castro Lopo [Sun, 15 Feb 2015 03:31:30 +0000 (14:31 +1100)]
Update grabbag tests to work out-of-tree.

4 years agotest/test_flac.sh : Silence increased encoding size warnings.
Erik de Castro Lopo [Fri, 13 Feb 2015 08:47:30 +0000 (19:47 +1100)]
test/test_flac.sh : Silence increased encoding size warnings.

These warning are supposed to occur for files with noise-like
characteristics and some of the tests use files containing noise.

4 years agotest/Makefile.am : Collapse 'fullcheck' into 'check' target.
Erik de Castro Lopo [Sat, 27 Dec 2014 01:30:41 +0000 (12:30 +1100)]
test/Makefile.am : Collapse 'fullcheck' into 'check' target.

4 years agotest/common.sh.in : Add top_builddir and top_srcdir variables.
Erik de Castro Lopo [Sun, 21 Dec 2014 03:41:59 +0000 (14:41 +1100)]
test/common.sh.in : Add top_builddir and top_srcdir variables.

These are needed for running some of the tests when building out
of tree.

4 years agoreplaygain test: Use C code to generate test files.
Erik de Castro Lopo [Sat, 20 Dec 2014 03:24:41 +0000 (14:24 +1100)]
replaygain test: Use C code to generate test files.

4 years agosrc/test_streams/ : Pull out write_simple_wavex_header() for reuse.
Erik de Castro Lopo [Fri, 19 Dec 2014 09:35:37 +0000 (20:35 +1100)]
src/test_streams/ : Pull out write_simple_wavex_header() for reuse.

4 years agotest/test_replaygain.sh : Minor cleanup.
Erik de Castro Lopo [Sat, 20 Dec 2014 00:40:41 +0000 (11:40 +1100)]
test/test_replaygain.sh : Minor cleanup.

* Pipe un-needed strerr output to /dev/null.
* Pass --silent and --no-seektable to the flac executable.
* When generating tones, use --output-name=....

4 years agosrc/libFLAC/stream_decoder.c : Fix NULL de-reference.
Erik de Castro Lopo [Wed, 17 Dec 2014 08:02:26 +0000 (19:02 +1100)]
src/libFLAC/stream_decoder.c : Fix NULL de-reference.

NULL de-reference can really only happen on a malformed file.
Found using afl (http://lcamtuf.coredump.cx/afl/).

4 years agosrc/flac/decode.c : Add WAVEFORMATEXTENSIBLE to WAV files as needed.
Erik de Castro Lopo [Sun, 14 Dec 2014 09:00:33 +0000 (20:00 +1100)]
src/flac/decode.c : Add WAVEFORMATEXTENSIBLE to WAV files as needed.

Patch-by: lvqcl <lvqcl.mail@gmail.com>
4 years agoGrammatical error in make file comment fixed
Karthik Periagaram [Sat, 13 Dec 2014 21:15:52 +0000 (13:15 -0800)]
Grammatical error in make file comment fixed

Signed-off-by: Erik de Castro Lopo <erikd@mega-nerd.com>
4 years agoSpelling and grammar fixes for console output
Karthik Periagaram [Sat, 13 Dec 2014 21:12:02 +0000 (13:12 -0800)]
Spelling and grammar fixes for console output

This commit fixes a typo in a console debug message encountered during
encoding. It also fixes a grammatical error in the same message.

Signed-off-by: Erik de Castro Lopo <erikd@mega-nerd.com>
4 years agostream_decoder.c : Fix free-ing of unitilialized pointer.
Erik de Castro Lopo [Thu, 11 Dec 2014 09:40:37 +0000 (20:40 +1100)]
stream_decoder.c : Fix free-ing of unitilialized pointer.

Found using afl (http://lcamtuf.coredump.cx/afl/).

4 years agosrc/libFLAC/stream_decoder.c : Fix seek bug.
Erik de Castro Lopo [Wed, 10 Dec 2014 07:54:16 +0000 (18:54 +1100)]
src/libFLAC/stream_decoder.c : Fix seek bug.

Janne Hyvärinen reported a problem with seeking as a result of the
fix for CVE-2014-9028. This is a different solution to the issue
that should not adversely affect seeking.

This version of the fix for the above CVE has been extensively fuzz
tested using afl (http://lcamtuf.coredump.cx/afl/).

Reported-by: Janne Hyvärinen <cse@sci.fi>
4 years agoflac/vorbiscomment.c : Fix typo.
Erik de Castro Lopo [Mon, 8 Dec 2014 19:04:40 +0000 (06:04 +1100)]
flac/vorbiscomment.c : Fix typo.

Patch-from: Jan Stary <hans@stare.cz>

4 years agoRemove traiing whitespace (mostly .c and .h files).
Erik de Castro Lopo [Thu, 4 Dec 2014 18:52:25 +0000 (05:52 +1100)]
Remove traiing whitespace (mostly .c and .h files).

Patch-from: lvqcl <lvqcl.mail@gmail.com>

4 years agoImprove LPC order guess
Martijn van Beurden [Wed, 3 Dec 2014 13:59:19 +0000 (14:59 +0100)]
Improve LPC order guess

The recent compression preset retuning improved upon most material
but it the few tracks that show regression are usually classical
music. This patch improves compression by improving the LPC order
guess, of which classical music benefits most.

Improvement is 0.007% on average but up to 0.1%. I haven't seen
regressions for any of my test samples.

Signed-off-by: Erik de Castro Lopo <erikd@mega-nerd.com>
4 years agoImprove encoding speed on older Intel CPUs.
Erik de Castro Lopo [Thu, 4 Dec 2014 10:03:01 +0000 (21:03 +1100)]
Improve encoding speed on older Intel CPUs.

The commit http://git.xiph.org/?p=flac.git;a=commit;h=e9d805dd4374
changed the that calculate autocorrelation. However, the new code
worked slightly (about 4%) slower on Core 2, but with the new
presets the speed decrease can reach ~25%.

This patch enables both old and new functions and chooses between
them at runtime.

Patch-from: lvqcl <lvqcl.mail@gmail.com>

4 years agosrc/flac/main.c : Fix an output line > 81 characters in length.
Erik de Castro Lopo [Thu, 4 Dec 2014 10:01:19 +0000 (21:01 +1100)]
src/flac/main.c : Fix an output line > 81 characters in length.

Requested-by: lvqcl <lvqcl.mail@gmail.com>
4 years agoFix some minor word duplication
Zoë Blade [Mon, 1 Dec 2014 14:38:11 +0000 (14:38 +0000)]
Fix some minor word duplication

Signed-off-by: Erik de Castro Lopo <erikd@mega-nerd.com>
4 years agoconfigure.ac : Relax automake version requirements.
Erik de Castro Lopo [Sun, 30 Nov 2014 18:28:02 +0000 (05:28 +1100)]
configure.ac : Relax automake version requirements.

Suggested-by: Jan Stary <hans@stare.cz>
4 years agoconfigure.ac : Don't zap '-g' from $CFLAGS.
Erik de Castro Lopo [Sun, 30 Nov 2014 00:56:47 +0000 (11:56 +1100)]
configure.ac : Don't zap '-g' from $CFLAGS.

The '-g' was in-correctly getting zapped from all CFLAGS expressions
including eg:

    -mfloat-gprs=double (for powerpc e500) -> -mfloatprs=double.

Reported-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
4 years agosrc/libFLAC/stream_decoder.c : Fix another input validation bug.
Erik de Castro Lopo [Fri, 28 Nov 2014 12:39:25 +0000 (23:39 +1100)]
src/libFLAC/stream_decoder.c : Fix another input validation bug.

If a file says it contains a stupidly large number of vorbis comments,
the stream decoder would try to allocate enough memory which would fail
returning NULL and then write to that pointer anyway. The solution is
to set a hard limit of 10000 vorbis comments and force num_comments to
zero if the number is too large.

Problem found using the afl (american fuzzy lop) fuzzer.

Closes: https://sourceforge.net/p/flac/bugs/421/
Reported-by : Hanno Böck <hanno@hboeck.de>

4 years agoVersion 1.3.1 final. 1.3.1
Erik de Castro Lopo [Thu, 27 Nov 2014 03:04:48 +0000 (14:04 +1100)]
Version 1.3.1 final.

4 years agoScripts/cross-build-win-binaries.mk : Add a 'clean' target.
Erik de Castro Lopo [Thu, 27 Nov 2014 03:04:08 +0000 (14:04 +1100)]
Scripts/cross-build-win-binaries.mk : Add a 'clean' target.

4 years agosrc/libFLAC/stream_decoder.c : Fail safely to avoid a heap overflow.
Erik de Castro Lopo [Thu, 27 Nov 2014 00:55:11 +0000 (11:55 +1100)]
src/libFLAC/stream_decoder.c : Fail safely to avoid a heap overflow.

This fix is closely related to the fix for CVE-2014-9028. When that
fix went public Miroslav Lichvar noticed a similar potential problem
spot in the same function and was able to craft a file to trigger a
heap write overflow.

Reported-by : Miroslav Lichvar <mlichvar@redhat.com>

4 years agoexamples/*/Makefile.am : Add CLEANFILES line to remove Windows .exe files.
Erik de Castro Lopo [Thu, 27 Nov 2014 02:40:01 +0000 (13:40 +1100)]
examples/*/Makefile.am : Add CLEANFILES line to remove Windows .exe files.

4 years agotests/*.sh : Switch back to /bin/sh.
Erik de Castro Lopo [Thu, 27 Nov 2014 02:03:13 +0000 (13:03 +1100)]
tests/*.sh : Switch back to /bin/sh.

Jan Stary reported that on OpenBSD bash isn't located in /bin/
which means that the test fail. He also noted that there didn't
seem to be anything bash specific in the tests.

This patch takes some suggestions from Jan, plus a few fixes tested
on Debian using the bin/sh provided by bash and dash.

Suggested-by: Jan Stary <hans@stare.cz>
4 years agochangelog.html : Minor corrections in decoding speed entry.
Erik de Castro Lopo [Wed, 26 Nov 2014 22:08:47 +0000 (09:08 +1100)]
changelog.html : Minor corrections in decoding speed entry.

4 years agoNormalize some copyright dates strings.
Erik de Castro Lopo [Wed, 26 Nov 2014 21:24:47 +0000 (08:24 +1100)]
Normalize some copyright dates strings.

This will make it easier to simply search and replace.

4 years agoSome last copyright year updates and change to open bug list
Martijn van Beurden [Wed, 26 Nov 2014 10:15:09 +0000 (11:15 +0100)]
Some last copyright year updates and change to open bug list

This updates one rather important mention of the copyright year
(the encoding/decoding progress display) and a few in the
documentation. Furthermore, it updates the open bug list

Signed-off-by: Erik de Castro Lopo <erikd@mega-nerd.com>
4 years agoFix two un-related typos.
Erik de Castro Lopo [Wed, 26 Nov 2014 09:42:15 +0000 (20:42 +1100)]
Fix two un-related typos.

4 years agotest/test_compression.sh : Fix for OSX.
Erik de Castro Lopo [Wed, 26 Nov 2014 05:20:06 +0000 (16:20 +1100)]
test/test_compression.sh : Fix for OSX.

On Mac OSX, the 'wc -c' command returns a number with leading whitespace
which then results in a syntax error when the shell parser expects a
number when it really has a string containing a number. The easy fix is
to use string interpolation.

Closes: https://sourceforge.net/p/flac/bugs/420/
Reported-by: Mark Harris <mark.hsj@gmail.com>
4 years agoScripts/cross-build-win-binaries.mk : Strip the binaries.
Erik de Castro Lopo [Tue, 25 Nov 2014 19:42:21 +0000 (06:42 +1100)]
Scripts/cross-build-win-binaries.mk : Strip the binaries.

4 years agolibFLAC/format.c : Fix the date in FLAC__VENDOR_STRING.
Erik de Castro Lopo [Tue, 25 Nov 2014 19:41:51 +0000 (06:41 +1100)]
libFLAC/format.c : Fix the date in FLAC__VENDOR_STRING.

4 years agoMore date fixes.
Erik de Castro Lopo [Tue, 25 Nov 2014 09:02:22 +0000 (20:02 +1100)]
More date fixes.

4 years agoSet version to 1.3.1pre1. 1.3.1pre1
Erik de Castro Lopo [Mon, 24 Nov 2014 11:13:27 +0000 (22:13 +1100)]
Set version to 1.3.1pre1.

4 years agoAdd file Scripts/cross-build-win-binaries.mk.
Erik de Castro Lopo [Tue, 25 Nov 2014 08:07:20 +0000 (19:07 +1100)]
Add file Scripts/cross-build-win-binaries.mk.

4 years agoMakefile.am : EXTRA_DIST should contain FLAC-vs2005.sln.
Erik de Castro Lopo [Mon, 24 Nov 2014 19:02:30 +0000 (06:02 +1100)]
Makefile.am : EXTRA_DIST should contain FLAC-vs2005.sln.

4 years agoUpdate copyright years to include 2014.
Erik de Castro Lopo [Mon, 24 Nov 2014 11:07:15 +0000 (22:07 +1100)]
Update copyright years to include 2014.

4 years agosrc/libFACL/stream_decoder.c : Fail safely to avoid a heap overflow.
Erik de Castro Lopo [Thu, 20 Nov 2014 03:35:59 +0000 (19:35 -0800)]
src/libFACL/stream_decoder.c : Fail safely to avoid a heap overflow.

A file provided by the reporters caused the stream decoder to write to
un-allocated heap space resulting in a segfault. The solution is to
error out (by returning false from read_residual_partitioned_rice_())
instead of trying to continue to decode.

Fixes: CVE-2014-9028
Reported-by: Michele Spagnuolo,
             Google Security Team <mikispag@google.com>

4 years agodoc/html/changelog.html : Add attributions and fix a typo.
Erik de Castro Lopo [Mon, 24 Nov 2014 10:54:34 +0000 (21:54 +1100)]
doc/html/changelog.html : Add attributions and fix a typo.

4 years agodoc/html/changelog.html : Update for 1.3.1 release.
Erik de Castro Lopo [Mon, 24 Nov 2014 10:09:07 +0000 (21:09 +1100)]
doc/html/changelog.html : Update for 1.3.1 release.

4 years agoRename Visual Studio solution files.
Erik de Castro Lopo [Sun, 23 Nov 2014 19:05:10 +0000 (06:05 +1100)]
Rename Visual Studio solution files.

* FLAC-vs2010.sln -> FLAC.sln
* FLAC.sln -> FLAC-vs2005.sln