diff options
author | naddy <naddy@FreeBSD.org> | 2007-11-13 22:28:29 +0800 |
---|---|---|
committer | naddy <naddy@FreeBSD.org> | 2007-11-13 22:28:29 +0800 |
commit | a153a7955e6006a293e0617ce0b12c767ee5b4f2 (patch) | |
tree | e1e2b3f2113364bf66732584b22b03ecf1de8eed | |
parent | d13ecdb78d72e664ebf289f1a723d4fe19a67564 (diff) | |
download | freebsd-ports-gnome-a153a7955e6006a293e0617ce0b12c767ee5b4f2.tar.gz freebsd-ports-gnome-a153a7955e6006a293e0617ce0b12c767ee5b4f2.tar.zst freebsd-ports-gnome-a153a7955e6006a293e0617ce0b12c767ee5b4f2.zip |
Fix integer overflows (CVE-2007-4619) by backporting corresponding
fixes from FLAC 1.2.1.
Reviewed by: miwi
Approved by: portmgr (linimon)
Security: ff65eecb-91e4-11dc-bd6c-0016179b2dd5
33 files changed, 1358 insertions, 6 deletions
diff --git a/audio/flac/Makefile b/audio/flac/Makefile index 8c7a27ab6a4a..7031a4a532bc 100644 --- a/audio/flac/Makefile +++ b/audio/flac/Makefile @@ -7,10 +7,13 @@ PORTNAME= flac PORTVERSION= 1.1.2 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= audio -MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} -MASTER_SITE_SUBDIR= ${PORTNAME} +MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:S/$/:sf/} \ + ${MASTER_SITE_LOCAL:S/$/:local/} +MASTER_SITE_SUBDIR= ${PORTNAME}/:sf naddy/:local +DISTFILES= ${EXTRACT_ONLY}:sf flac-alloc.h:local +EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX} MAINTAINER= naddy@FreeBSD.org COMMENT= Free lossless audio codec @@ -42,6 +45,9 @@ MAN1= flac.1 metaflac.1 BUILD_DEPENDS= nasm:${PORTSDIR}/devel/nasm .endif +post-extract: + @${CP} ${DISTDIR}/flac-alloc.h ${WRKSRC}/include/share/alloc.h + # "obj" is magic to our make(1) post-configure: @${RM} -rf ${WRKSRC}/obj diff --git a/audio/flac/distinfo b/audio/flac/distinfo index c6618ce633a8..0928ac572faf 100644 --- a/audio/flac/distinfo +++ b/audio/flac/distinfo @@ -1,3 +1,6 @@ MD5 (flac-1.1.2.tar.gz) = 2bfc127cdda02834d0491ab531a20960 SHA256 (flac-1.1.2.tar.gz) = ce4f7d11b3c04a7368c916ca4abc284dd0c0256f461dfb7f07df1ab445e7a5c0 SIZE (flac-1.1.2.tar.gz) = 1516235 +MD5 (flac-alloc.h) = 08891390039e2aee9bd4335f784467db +SHA256 (flac-alloc.h) = da40afc663e5b3fe6dccd1a0f1c218b7ec02d3699d72b41d6978696896d7df98 +SIZE (flac-alloc.h) = 5697 diff --git a/audio/flac/files/patch-src_libFLAC++_metadata.cpp b/audio/flac/files/patch-src_libFLAC++_metadata.cpp new file mode 100644 index 000000000000..3bd2644ee2cc --- /dev/null +++ b/audio/flac/files/patch-src_libFLAC++_metadata.cpp @@ -0,0 +1,66 @@ + +$FreeBSD$ + +--- src/libFLAC++/metadata.cpp.orig ++++ src/libFLAC++/metadata.cpp +@@ -33,6 +33,7 @@ + #include "FLAC/assert.h" + #include <stdlib.h> // for malloc(), free() + #include <string.h> // for memcpy() etc. ++#include "share/alloc.h" + + #ifdef _MSC_VER + // warning C4800: 'int' : forcing to bool 'true' or 'false' (performance warning) +@@ -568,7 +569,7 @@ + + clear_entry(); + +- if(0 == (entry_.entry = (FLAC__byte*)malloc(field_length+1))) { ++ if(0 == (entry_.entry = (FLAC__byte*)safe_malloc_add_2op_(field_length, /*+*/1))) { + is_valid_ = false; + } + else { +@@ -617,7 +618,7 @@ + + clear_field_value(); + +- if(0 == (field_value_ = (char *)malloc(field_value_length+1))) { ++ if(0 == (field_value_ = (char *)safe_malloc_add_2op_(field_value_length, /*+*/1))) { + is_valid_ = false; + } + else { +@@ -707,7 +708,7 @@ + { + clear_entry(); + +- if(0 == (entry_.entry = (FLAC__byte*)malloc(field_name_length_ + 1 + field_value_length_ + 1))) { ++ if(0 == (entry_.entry = (FLAC__byte*)safe_malloc_add_4op_(field_name_length_, /*+*/1, /*+*/field_value_length_, /*+*/1))) { + is_valid_ = false; + } + else { +@@ -733,7 +734,7 @@ + p = (const char *)entry_.entry + entry_.length; + + field_name_length_ = p - (const char *)entry_.entry; +- if(0 == (field_name_ = (char *)malloc(field_name_length_ + 1))) { // +1 for the trailing \0 ++ if(0 == (field_name_ = (char *)safe_malloc_add_2op_(field_name_length_, /*+*/1))) { // +1 for the trailing \0 + is_valid_ = false; + return; + } +@@ -742,14 +743,14 @@ + + if(entry_.length - field_name_length_ == 0) { + field_value_length_ = 0; +- if(0 == (field_value_ = (char *)malloc(0))) { ++ if(0 == (field_value_ = (char *)safe_malloc_(0))) { + is_valid_ = false; + return; + } + } + else { + field_value_length_ = entry_.length - field_name_length_ - 1; +- if(0 == (field_value_ = (char *)malloc(field_value_length_ + 1))) { // +1 for the trailing \0 ++ if(0 == (field_value_ = (char *)safe_malloc_add_2op_(field_value_length_, /*+*/1))) { // +1 for the trailing \0 + is_valid_ = false; + return; + } diff --git a/audio/flac/files/patch-src_libFLAC_bitbuffer.c b/audio/flac/files/patch-src_libFLAC_bitbuffer.c new file mode 100644 index 000000000000..6efff9b42108 --- /dev/null +++ b/audio/flac/files/patch-src_libFLAC_bitbuffer.c @@ -0,0 +1,31 @@ + +$FreeBSD$ + +--- src/libFLAC/bitbuffer.c.orig ++++ src/libFLAC/bitbuffer.c +@@ -35,6 +35,7 @@ + #include "private/bitmath.h" + #include "private/crc.h" + #include "FLAC/assert.h" ++#include "share/alloc.h" + + /* + * Along the way you will see two versions of some functions, selected +@@ -193,7 +194,7 @@ + if(bb->capacity == new_capacity) + return true; + +- new_buffer = (FLAC__blurb*)calloc(new_capacity, sizeof(FLAC__blurb)); ++ new_buffer = (FLAC__blurb*)safe_calloc_(new_capacity, sizeof(FLAC__blurb)); + if(new_buffer == 0) + return false; + memcpy(new_buffer, bb->buffer, sizeof(FLAC__blurb)*min(bb->blurbs+(bb->bits?1:0), new_capacity)); +@@ -425,7 +426,7 @@ + { + if(bb->buffer == 0) { + bb->capacity = FLAC__BITBUFFER_DEFAULT_CAPACITY; +- bb->buffer = (FLAC__blurb*)calloc(bb->capacity, sizeof(FLAC__blurb)); ++ bb->buffer = (FLAC__blurb*)safe_calloc_(bb->capacity, sizeof(FLAC__blurb)); + if(bb->buffer == 0) + return false; + } diff --git a/audio/flac/files/patch-src_libFLAC_file__decoder.c b/audio/flac/files/patch-src_libFLAC_file__decoder.c new file mode 100644 index 000000000000..88138d4b04d1 --- /dev/null +++ b/audio/flac/files/patch-src_libFLAC_file__decoder.c @@ -0,0 +1,22 @@ + +$FreeBSD$ + +--- src/libFLAC/file_decoder.c.orig ++++ src/libFLAC/file_decoder.c +@@ -43,6 +43,7 @@ + #include "FLAC/assert.h" + #include "protected/file_decoder.h" + #include "protected/seekable_stream_decoder.h" ++#include "share/alloc.h" + + /*********************************************************************** + * +@@ -248,7 +249,7 @@ + decoder->private_->filename = 0; + } + if(0 != strcmp(value, "-")) { +- if(0 == (decoder->private_->filename = (char*)malloc(strlen(value)+1))) { ++ if(0 == (decoder->private_->filename = (char*)safe_malloc_add_2op_(strlen(value), /*+*/1))) { + decoder->protected_->state = FLAC__FILE_DECODER_MEMORY_ALLOCATION_ERROR; + return false; + } diff --git a/audio/flac/files/patch-src_libFLAC_file__encoder.c b/audio/flac/files/patch-src_libFLAC_file__encoder.c new file mode 100644 index 000000000000..824fc0081f26 --- /dev/null +++ b/audio/flac/files/patch-src_libFLAC_file__encoder.c @@ -0,0 +1,22 @@ + +$FreeBSD$ + +--- src/libFLAC/file_encoder.c.orig ++++ src/libFLAC/file_encoder.c +@@ -34,6 +34,7 @@ + #include <string.h> /* for strlen(), strcpy() */ + #include "FLAC/assert.h" + #include "protected/file_encoder.h" ++#include "share/alloc.h" + + #ifdef max + #undef max +@@ -436,7 +437,7 @@ + free(encoder->private_->filename); + encoder->private_->filename = 0; + } +- if(0 == (encoder->private_->filename = (char*)malloc(strlen(value)+1))) { ++ if(0 == (encoder->private_->filename = (char*)safe_malloc_add_2op_(strlen(value), /*+*/1))) { + encoder->protected_->state = FLAC__FILE_ENCODER_MEMORY_ALLOCATION_ERROR; + return false; + } diff --git a/audio/flac/files/patch-src_libFLAC_format.c b/audio/flac/files/patch-src_libFLAC_format.c new file mode 100644 index 000000000000..bbd71f468ad0 --- /dev/null +++ b/audio/flac/files/patch-src_libFLAC_format.c @@ -0,0 +1,25 @@ + +$FreeBSD$ + +--- src/libFLAC/format.c.orig ++++ src/libFLAC/format.c +@@ -38,6 +38,7 @@ + #ifdef HAVE_CONFIG_H + #include <config.h> + #endif ++#include "share/alloc.h" + + #ifdef min + #undef min +@@ -463,9 +464,9 @@ + FLAC__ASSERT(object->capacity_by_order > 0 || (0 == object->parameters && 0 == object->raw_bits)); + + if(object->capacity_by_order < max_partition_order) { +- if(0 == (object->parameters = (unsigned*)realloc(object->parameters, sizeof(unsigned)*(1 << max_partition_order)))) ++ if(0 == (object->parameters = (unsigned*)safe_realloc_mul_2op_(object->parameters, sizeof(unsigned), /*times*/(1 << max_partition_order)))) + return false; +- if(0 == (object->raw_bits = (unsigned*)realloc(object->raw_bits, sizeof(unsigned)*(1 << max_partition_order)))) ++ if(0 == (object->raw_bits = (unsigned*)safe_realloc_mul_2op_(object->raw_bits, sizeof(unsigned), /*times*/(1 << max_partition_order)))) + return false; + object->capacity_by_order = max_partition_order; + } diff --git a/audio/flac/files/patch-src_libFLAC_include_private_md5.h b/audio/flac/files/patch-src_libFLAC_include_private_md5.h new file mode 100644 index 000000000000..5570635a4646 --- /dev/null +++ b/audio/flac/files/patch-src_libFLAC_include_private_md5.h @@ -0,0 +1,14 @@ + +$FreeBSD$ + +--- src/libFLAC/include/private/md5.h.orig ++++ src/libFLAC/include/private/md5.h +@@ -41,7 +41,7 @@ + FLAC__uint32 bytes[2]; + FLAC__uint32 in[16]; + FLAC__byte *internal_buf; +- unsigned capacity; ++ size_t capacity; + }; + + FLAC_API void FLAC__MD5Init(struct FLAC__MD5Context *context); diff --git a/audio/flac/files/patch-src_libFLAC_md5.c b/audio/flac/files/patch-src_libFLAC_md5.c new file mode 100644 index 000000000000..db1cf692435a --- /dev/null +++ b/audio/flac/files/patch-src_libFLAC_md5.c @@ -0,0 +1,35 @@ + +$FreeBSD$ + +--- src/libFLAC/md5.c.orig ++++ src/libFLAC/md5.c +@@ -31,6 +31,7 @@ + #ifdef HAVE_CONFIG_H + #include <config.h> + #endif ++#include "share/alloc.h" + + #ifndef FLaC__INLINE + #define FLaC__INLINE +@@ -230,13 +231,19 @@ + unsigned channel, sample, a_byte; + FLAC__int32 a_word; + FLAC__byte *buf_; +- const unsigned bytes_needed = channels * samples * bytes_per_sample; ++ const size_t bytes_needed = (size_t)channels * (size_t)samples * (size_t)bytes_per_sample; ++ ++ /* overflow check */ ++ if((size_t)channels > SIZE_MAX / (size_t)bytes_per_sample) ++ return false; ++ if((size_t)channels * (size_t)bytes_per_sample > SIZE_MAX / (size_t)samples) ++ return false; + + if(ctx->capacity < bytes_needed) { + FLAC__byte *tmp = (FLAC__byte*)realloc(ctx->internal_buf, bytes_needed); + if(0 == tmp) { + free(ctx->internal_buf); +- if(0 == (ctx->internal_buf = (FLAC__byte*)malloc(bytes_needed))) ++ if(0 == (ctx->internal_buf = (FLAC__byte*)safe_malloc_(bytes_needed))) + return false; + } + ctx->internal_buf = tmp; diff --git a/audio/flac/files/patch-src_libFLAC_memory.c b/audio/flac/files/patch-src_libFLAC_memory.c new file mode 100644 index 000000000000..6b0cf93481a9 --- /dev/null +++ b/audio/flac/files/patch-src_libFLAC_memory.c @@ -0,0 +1,76 @@ + +$FreeBSD$ + +--- src/libFLAC/memory.c.orig ++++ src/libFLAC/memory.c +@@ -35,6 +35,7 @@ + #ifdef HAVE_CONFIG_H + #include <config.h> + #endif ++#include "share/alloc.h" + + void *FLAC__memory_alloc_aligned(size_t bytes, void **aligned_address) + { +@@ -44,10 +45,10 @@ + + #ifdef FLAC__ALIGN_MALLOC_DATA + /* align on 32-byte (256-bit) boundary */ +- x = malloc(bytes+31); ++ x = safe_malloc_add_2op_(bytes, /*+*/31); + *aligned_address = (void*)(((unsigned)x + 31) & -32); + #else +- x = malloc(bytes); ++ x = safe_malloc_(bytes); + *aligned_address = x; + #endif + return x; +@@ -66,6 +67,9 @@ + FLAC__ASSERT(0 != aligned_pointer); + FLAC__ASSERT(unaligned_pointer != aligned_pointer); + ++ if((size_t)elements > SIZE_MAX / sizeof(*pu)) /* overflow check */ ++ return false; ++ + pu = (FLAC__int32*)FLAC__memory_alloc_aligned(sizeof(FLAC__int32) * elements, &u.pv); + if(0 == pu) { + return false; +@@ -92,6 +96,9 @@ + FLAC__ASSERT(0 != aligned_pointer); + FLAC__ASSERT(unaligned_pointer != aligned_pointer); + ++ if((size_t)elements > SIZE_MAX / sizeof(*pu)) /* overflow check */ ++ return false; ++ + pu = (FLAC__uint32*)FLAC__memory_alloc_aligned(sizeof(FLAC__uint32) * elements, &u.pv); + if(0 == pu) { + return false; +@@ -118,6 +125,9 @@ + FLAC__ASSERT(0 != aligned_pointer); + FLAC__ASSERT(unaligned_pointer != aligned_pointer); + ++ if((size_t)elements > SIZE_MAX / sizeof(*pu)) /* overflow check */ ++ return false; ++ + pu = (FLAC__uint64*)FLAC__memory_alloc_aligned(sizeof(FLAC__uint64) * elements, &u.pv); + if(0 == pu) { + return false; +@@ -144,6 +154,9 @@ + FLAC__ASSERT(0 != aligned_pointer); + FLAC__ASSERT(unaligned_pointer != aligned_pointer); + ++ if((size_t)elements > SIZE_MAX / sizeof(*pu)) /* overflow check */ ++ return false; ++ + pu = (unsigned*)FLAC__memory_alloc_aligned(sizeof(unsigned) * elements, &u.pv); + if(0 == pu) { + return false; +@@ -171,6 +184,9 @@ + FLAC__ASSERT(0 != unaligned_pointer); + FLAC__ASSERT(0 != aligned_pointer); + FLAC__ASSERT(unaligned_pointer != aligned_pointer); ++ ++ if((size_t)elements > SIZE_MAX / sizeof(*pu)) /* overflow check */ ++ return false; + + pu = (FLAC__real*)FLAC__memory_alloc_aligned(sizeof(FLAC__real) * elements, &u.pv); + if(0 == pu) { diff --git a/audio/flac/files/patch-src_libFLAC_metadata__iterators.c b/audio/flac/files/patch-src_libFLAC_metadata__iterators.c new file mode 100644 index 000000000000..6266b3c07e35 --- /dev/null +++ b/audio/flac/files/patch-src_libFLAC_metadata__iterators.c @@ -0,0 +1,67 @@ + +$FreeBSD$ + +--- src/libFLAC/metadata_iterators.c.orig ++++ src/libFLAC/metadata_iterators.c +@@ -48,6 +48,7 @@ + + #include "FLAC/assert.h" + #include "FLAC/file_decoder.h" ++#include "share/alloc.h" + + #ifdef max + #undef max +@@ -1928,7 +1929,7 @@ + block->data = 0; + } + else { +- if(0 == (block->data = (FLAC__byte*)malloc(block_length))) ++ if(0 == (block->data = (FLAC__byte*)safe_malloc_(block_length))) + return FLAC__METADATA_SIMPLE_ITERATOR_STATUS_MEMORY_ALLOCATION_ERROR; + + if(read_cb(block->data, 1, block_length, handle) != block_length) +@@ -1949,7 +1950,7 @@ + + if(block->num_points == 0) + block->points = 0; +- else if(0 == (block->points = (FLAC__StreamMetadata_SeekPoint*)malloc(block->num_points * sizeof(FLAC__StreamMetadata_SeekPoint)))) ++ else if(0 == (block->points = (FLAC__StreamMetadata_SeekPoint*)safe_malloc_mul_2op_(block->num_points, /*times*/ sizeof(FLAC__StreamMetadata_SeekPoint)))) + return FLAC__METADATA_SIMPLE_ITERATOR_STATUS_MEMORY_ALLOCATION_ERROR; + + for(i = 0; i < block->num_points; i++) { +@@ -1982,7 +1983,7 @@ + entry->entry = 0; + } + else { +- if(0 == (entry->entry = (FLAC__byte*)malloc(entry->length+1))) ++ if(0 == (entry->entry = (FLAC__byte*)safe_malloc_add_2op_(entry->length, /*+*/1))) + return FLAC__METADATA_SIMPLE_ITERATOR_STATUS_MEMORY_ALLOCATION_ERROR; + + if(read_cb(entry->entry, 1, entry->length, handle) != entry->length) +@@ -2145,7 +2146,7 @@ + block->data = 0; + } + else { +- if(0 == (block->data = (FLAC__byte*)malloc(block_length))) ++ if(0 == (block->data = (FLAC__byte*)safe_malloc_(block_length))) + return FLAC__METADATA_SIMPLE_ITERATOR_STATUS_MEMORY_ALLOCATION_ERROR; + + if(read_cb(block->data, 1, block_length, handle) != block_length) +@@ -2812,7 +2813,7 @@ + { + static const char *tempfile_suffix = ".metadata_edit"; + if(0 == tempfile_path_prefix) { +- if(0 == (*tempfilename = (char*)malloc(strlen(filename) + strlen(tempfile_suffix) + 1))) { ++ if(0 == (*tempfilename = (char*)safe_malloc_add_3op_(strlen(filename), /*+*/strlen(tempfile_suffix), /*+*/1))) { + *status = FLAC__METADATA_SIMPLE_ITERATOR_STATUS_MEMORY_ALLOCATION_ERROR; + return false; + } +@@ -2826,7 +2827,7 @@ + else + p++; + +- if(0 == (*tempfilename = (char*)malloc(strlen(tempfile_path_prefix) + 1 + strlen(p) + strlen(tempfile_suffix) + 1))) { ++ if(0 == (*tempfilename = (char*)safe_malloc_add_4op_(strlen(tempfile_path_prefix), /*+*/strlen(p), /*+*/strlen(tempfile_suffix), /*+*/2))) { + *status = FLAC__METADATA_SIMPLE_ITERATOR_STATUS_MEMORY_ALLOCATION_ERROR; + return false; + } diff --git a/audio/flac/files/patch-src_libFLAC_metadata__object.c b/audio/flac/files/patch-src_libFLAC_metadata__object.c new file mode 100644 index 000000000000..c488976fe6bb --- /dev/null +++ b/audio/flac/files/patch-src_libFLAC_metadata__object.c @@ -0,0 +1,176 @@ + +$FreeBSD$ + +--- src/libFLAC/metadata_object.c.orig ++++ src/libFLAC/metadata_object.c +@@ -35,6 +35,7 @@ + #include "private/metadata.h" + + #include "FLAC/assert.h" ++#include "share/alloc.h" + + + /**************************************************************************** +@@ -47,7 +48,7 @@ + { + if(bytes > 0 && 0 != from) { + FLAC__byte *x; +- if(0 == (x = (FLAC__byte*)malloc(bytes))) ++ if(0 == (x = (FLAC__byte*)safe_malloc_(bytes))) + return false; + memcpy(x, from, bytes); + *to = x; +@@ -62,7 +63,7 @@ + + static FLAC__bool ensure_null_terminated_(FLAC__byte **entry, unsigned length) + { +- FLAC__byte *x = (FLAC__byte*)realloc(*entry, length+1); ++ FLAC__byte *x = (FLAC__byte*)safe_realloc_add_2op_(*entry, length, /*+*/1); + if(0 != x) { + x[length] = '\0'; + *entry = x; +@@ -82,7 +83,7 @@ + else { + FLAC__byte *x; + FLAC__ASSERT(from->length > 0); +- if(0 == (x = (FLAC__byte*)malloc(from->length+1))) ++ if(0 == (x = (FLAC__byte*)safe_malloc_add_2op_(from->length, /*+*/1))) + return false; + memcpy(x, from->entry, from->length); + x[from->length] = '\0'; +@@ -100,7 +101,7 @@ + else { + FLAC__StreamMetadata_CueSheet_Index *x; + FLAC__ASSERT(from->num_indices > 0); +- if(0 == (x = (FLAC__StreamMetadata_CueSheet_Index*)malloc(from->num_indices * sizeof(FLAC__StreamMetadata_CueSheet_Index)))) ++ if(0 == (x = (FLAC__StreamMetadata_CueSheet_Index*)safe_malloc_mul_2op_(from->num_indices, /*times*/sizeof(FLAC__StreamMetadata_CueSheet_Index)))) + return false; + memcpy(x, from->indices, from->num_indices * sizeof(FLAC__StreamMetadata_CueSheet_Index)); + to->indices = x; +@@ -122,7 +123,7 @@ + + FLAC__ASSERT(num_points > 0); + +- object_array = (FLAC__StreamMetadata_SeekPoint*)malloc(num_points * sizeof(FLAC__StreamMetadata_SeekPoint)); ++ object_array = (FLAC__StreamMetadata_SeekPoint*)safe_malloc_mul_2op_(num_points, /*times*/sizeof(FLAC__StreamMetadata_SeekPoint)); + + if(0 != object_array) { + unsigned i; +@@ -155,7 +156,7 @@ + { + FLAC__ASSERT(num_comments > 0); + +- return (FLAC__StreamMetadata_VorbisComment_Entry*)calloc(num_comments, sizeof(FLAC__StreamMetadata_VorbisComment_Entry)); ++ return (FLAC__StreamMetadata_VorbisComment_Entry*)safe_calloc_(num_comments, sizeof(FLAC__StreamMetadata_VorbisComment_Entry)); + } + + static void vorbiscomment_entry_array_delete_(FLAC__StreamMetadata_VorbisComment_Entry *object_array, unsigned num_comments) +@@ -294,14 +295,14 @@ + { + FLAC__ASSERT(num_indices > 0); + +- return (FLAC__StreamMetadata_CueSheet_Index*)calloc(num_indices, sizeof(FLAC__StreamMetadata_CueSheet_Index)); ++ return (FLAC__StreamMetadata_CueSheet_Index*)safe_calloc_(num_indices, sizeof(FLAC__StreamMetadata_CueSheet_Index)); + } + + static FLAC__StreamMetadata_CueSheet_Track *cuesheet_track_array_new_(unsigned num_tracks) + { + FLAC__ASSERT(num_tracks > 0); + +- return (FLAC__StreamMetadata_CueSheet_Track*)calloc(num_tracks, sizeof(FLAC__StreamMetadata_CueSheet_Track)); ++ return (FLAC__StreamMetadata_CueSheet_Track*)safe_calloc_(num_tracks, sizeof(FLAC__StreamMetadata_CueSheet_Track)); + } + + static void cuesheet_track_array_delete_(FLAC__StreamMetadata_CueSheet_Track *object_array, unsigned num_tracks) +@@ -462,6 +463,10 @@ + break; + case FLAC__METADATA_TYPE_SEEKTABLE: + to->data.seek_table.num_points = object->data.seek_table.num_points; ++ if(to->data.seek_table.num_points > SIZE_MAX / sizeof(FLAC__StreamMetadata_SeekPoint)) { /* overflow check */ ++ FLAC__metadata_object_delete(to); ++ return 0; ++ } + if(!copy_bytes_((FLAC__byte**)&to->data.seek_table.points, (FLAC__byte*)object->data.seek_table.points, object->data.seek_table.num_points * sizeof(FLAC__StreamMetadata_SeekPoint))) { + FLAC__metadata_object_delete(to); + return 0; +@@ -788,8 +793,12 @@ + return false; + } + else { +- const unsigned old_size = object->data.seek_table.num_points * sizeof(FLAC__StreamMetadata_SeekPoint); +- const unsigned new_size = new_num_points * sizeof(FLAC__StreamMetadata_SeekPoint); ++ const size_t old_size = object->data.seek_table.num_points * sizeof(FLAC__StreamMetadata_SeekPoint); ++ const size_t new_size = new_num_points * sizeof(FLAC__StreamMetadata_SeekPoint); ++ ++ /* overflow check */ ++ if((size_t)new_num_points > SIZE_MAX / sizeof(FLAC__StreamMetadata_SeekPoint)) ++ return false; + + FLAC__ASSERT(object->data.seek_table.num_points > 0); + +@@ -982,8 +991,12 @@ + return false; + } + else { +- const unsigned old_size = object->data.vorbis_comment.num_comments * sizeof(FLAC__StreamMetadata_VorbisComment_Entry); +- const unsigned new_size = new_num_comments * sizeof(FLAC__StreamMetadata_VorbisComment_Entry); ++ const size_t old_size = object->data.vorbis_comment.num_comments * sizeof(FLAC__StreamMetadata_VorbisComment_Entry); ++ const size_t new_size = new_num_comments * sizeof(FLAC__StreamMetadata_VorbisComment_Entry); ++ ++ /* overflow check */ ++ if((size_t)new_num_comments > SIZE_MAX / sizeof(FLAC__StreamMetadata_VorbisComment_Entry)) ++ return false; + + FLAC__ASSERT(object->data.vorbis_comment.num_comments > 0); + +@@ -1131,7 +1144,7 @@ + const size_t nn = strlen(field_name); + const size_t nv = strlen(field_value); + entry->length = nn + 1 /*=*/ + nv; +- if(0 == (entry->entry = (FLAC__byte*)malloc(entry->length+1))) ++ if(0 == (entry->entry = (FLAC__byte*)safe_malloc_add_2op_(entry->length, /*+*/1))) + return false; + memcpy(entry->entry, field_name, nn); + entry->entry[nn] = '='; +@@ -1158,9 +1171,9 @@ + FLAC__ASSERT(0 != eq); + if(0 == eq) + return false; /* double protection */ +- if(0 == (*field_name = (char*)malloc(nn+1))) ++ if(0 == (*field_name = (char*)safe_malloc_add_2op_(nn, /*+*/1))) + return false; +- if(0 == (*field_value = (char*)malloc(nv+1))) { ++ if(0 == (*field_value = (char*)safe_malloc_add_2op_(nv, /*+*/1))) { + free(*field_name); + return false; + } +@@ -1290,8 +1303,12 @@ + return false; + } + else { +- const unsigned old_size = track->num_indices * sizeof(FLAC__StreamMetadata_CueSheet_Index); +- const unsigned new_size = new_num_indices * sizeof(FLAC__StreamMetadata_CueSheet_Index); ++ const size_t old_size = track->num_indices * sizeof(FLAC__StreamMetadata_CueSheet_Index); ++ const size_t new_size = new_num_indices * sizeof(FLAC__StreamMetadata_CueSheet_Index); ++ ++ /* overflow check */ ++ if((size_t)new_num_indices > SIZE_MAX / sizeof(FLAC__StreamMetadata_CueSheet_Index)) ++ return false; + + FLAC__ASSERT(track->num_indices > 0); + +@@ -1374,8 +1391,12 @@ + return false; + } + else { +- const unsigned old_size = object->data.cue_sheet.num_tracks * sizeof(FLAC__StreamMetadata_CueSheet_Track); +- const unsigned new_size = new_num_tracks * sizeof(FLAC__StreamMetadata_CueSheet_Track); ++ const size_t old_size = object->data.cue_sheet.num_tracks * sizeof(FLAC__StreamMetadata_CueSheet_Track); ++ const size_t new_size = new_num_tracks * sizeof(FLAC__StreamMetadata_CueSheet_Track); ++ ++ /* overflow check */ ++ if((size_t)new_num_tracks > SIZE_MAX / sizeof(FLAC__StreamMetadata_CueSheet_Track)) ++ return false; + + FLAC__ASSERT(object->data.cue_sheet.num_tracks > 0); + diff --git a/audio/flac/files/patch-src_libFLAC_stream__decoder.c b/audio/flac/files/patch-src_libFLAC_stream__decoder.c new file mode 100644 index 000000000000..dfbfa72fb5bb --- /dev/null +++ b/audio/flac/files/patch-src_libFLAC_stream__decoder.c @@ -0,0 +1,121 @@ + +$FreeBSD$ + +--- src/libFLAC/stream_decoder.c.orig ++++ src/libFLAC/stream_decoder.c +@@ -46,6 +46,7 @@ + #ifdef HAVE_CONFIG_H + #include <config.h> + #endif ++#include "share/alloc.h" + + #ifdef max + #undef max +@@ -214,7 +215,7 @@ + } + + decoder->private_->metadata_filter_ids_capacity = 16; +- if(0 == (decoder->private_->metadata_filter_ids = (FLAC__byte*)malloc((FLAC__STREAM_METADATA_APPLICATION_ID_LEN/8) * decoder->private_->metadata_filter_ids_capacity))) { ++ if(0 == (decoder->private_->metadata_filter_ids = (FLAC__byte*)safe_malloc_mul_2op_((FLAC__STREAM_METADATA_APPLICATION_ID_LEN/8), /*times*/decoder->private_->metadata_filter_ids_capacity))) { + FLAC__bitbuffer_delete(decoder->private_->input); + free(decoder->private_); + free(decoder->protected_); +@@ -455,7 +456,7 @@ + FLAC__ASSERT(0 != decoder->private_->metadata_filter_ids); + + if(decoder->private_->metadata_filter_ids_count == decoder->private_->metadata_filter_ids_capacity) { +- if(0 == (decoder->private_->metadata_filter_ids = (FLAC__byte*)realloc(decoder->private_->metadata_filter_ids, decoder->private_->metadata_filter_ids_capacity * 2))) ++ if(0 == (decoder->private_->metadata_filter_ids = (FLAC__byte*)safe_realloc_mul_2op_(decoder->private_->metadata_filter_ids, decoder->private_->metadata_filter_ids_capacity, /*times*/2))) + return decoder->protected_->state = FLAC__STREAM_DECODER_MEMORY_ALLOCATION_ERROR; + decoder->private_->metadata_filter_ids_capacity *= 2; + } +@@ -512,7 +513,7 @@ + FLAC__ASSERT(0 != decoder->private_->metadata_filter_ids); + + if(decoder->private_->metadata_filter_ids_count == decoder->private_->metadata_filter_ids_capacity) { +- if(0 == (decoder->private_->metadata_filter_ids = (FLAC__byte*)realloc(decoder->private_->metadata_filter_ids, decoder->private_->metadata_filter_ids_capacity * 2))) ++ if(0 == (decoder->private_->metadata_filter_ids = (FLAC__byte*)safe_realloc_mul_2op_(decoder->private_->metadata_filter_ids, decoder->private_->metadata_filter_ids_capacity, /*times*/2))) + return decoder->protected_->state = FLAC__STREAM_DECODER_MEMORY_ALLOCATION_ERROR; + decoder->private_->metadata_filter_ids_capacity *= 2; + } +@@ -804,7 +805,7 @@ + * (at negative indices) for alignment purposes; we use 4 + * to keep the data well-aligned. + */ +- tmp = (FLAC__int32*)malloc(sizeof(FLAC__int32)*(size+4)); ++ tmp = (FLAC__int32*)safe_malloc_mul_2op_(sizeof(FLAC__int32), /*times*/(size+4)); + if(tmp == 0) { + decoder->protected_->state = FLAC__STREAM_DECODER_MEMORY_ALLOCATION_ERROR; + return false; +@@ -967,7 +968,7 @@ + case FLAC__METADATA_TYPE_APPLICATION: + /* remember, we read the ID already */ + if(real_length > 0) { +- if(0 == (block.data.application.data = (FLAC__byte*)malloc(real_length))) { ++ if(0 == (block.data.application.data = (FLAC__byte*)safe_malloc_(real_length))) { + decoder->protected_->state = FLAC__STREAM_DECODER_MEMORY_ALLOCATION_ERROR; + return false; + } +@@ -991,7 +992,7 @@ + break; + default: + if(real_length > 0) { +- if(0 == (block.data.unknown.data = (FLAC__byte*)malloc(real_length))) { ++ if(0 == (block.data.unknown.data = (FLAC__byte*)safe_malloc_(real_length))) { + decoder->protected_->state = FLAC__STREAM_DECODER_MEMORY_ALLOCATION_ERROR; + return false; + } +@@ -1132,7 +1133,7 @@ + decoder->private_->seek_table.data.seek_table.num_points = length / FLAC__STREAM_METADATA_SEEKPOINT_LENGTH; + + /* use realloc since we may pass through here several times (e.g. after seeking) */ +- if(0 == (decoder->private_->seek_table.data.seek_table.points = (FLAC__StreamMetadata_SeekPoint*)realloc(decoder->private_->seek_table.data.seek_table.points, decoder->private_->seek_table.data.seek_table.num_points * sizeof(FLAC__StreamMetadata_SeekPoint)))) { ++ if(0 == (decoder->private_->seek_table.data.seek_table.points = (FLAC__StreamMetadata_SeekPoint*)safe_realloc_mul_2op_(decoder->private_->seek_table.data.seek_table.points, decoder->private_->seek_table.data.seek_table.num_points, /*times*/sizeof(FLAC__StreamMetadata_SeekPoint)))) { + decoder->protected_->state = FLAC__STREAM_DECODER_MEMORY_ALLOCATION_ERROR; + return false; + } +@@ -1171,7 +1172,7 @@ + if(!FLAC__bitbuffer_read_raw_uint32_little_endian(decoder->private_->input, &obj->vendor_string.length, read_callback_, decoder)) + return false; /* the read_callback_ sets the state for us */ + if(obj->vendor_string.length > 0) { +- if(0 == (obj->vendor_string.entry = (FLAC__byte*)malloc(obj->vendor_string.length+1))) { ++ if(0 == (obj->vendor_string.entry = (FLAC__byte*)safe_malloc_add_2op_(obj->vendor_string.length, /*+*/1))) { + decoder->protected_->state = FLAC__STREAM_DECODER_MEMORY_ALLOCATION_ERROR; + return false; + } +@@ -1189,7 +1190,7 @@ + + /* read comments */ + if(obj->num_comments > 0) { +- if(0 == (obj->comments = (FLAC__StreamMetadata_VorbisComment_Entry*)malloc(obj->num_comments * sizeof(FLAC__StreamMetadata_VorbisComment_Entry)))) { ++ if(0 == (obj->comments = (FLAC__StreamMetadata_VorbisComment_Entry*)safe_malloc_mul_2op_(obj->num_comments, /*times*/sizeof(FLAC__StreamMetadata_VorbisComment_Entry)))) { + decoder->protected_->state = FLAC__STREAM_DECODER_MEMORY_ALLOCATION_ERROR; + return false; + } +@@ -1198,7 +1199,7 @@ + if(!FLAC__bitbuffer_read_raw_uint32_little_endian(decoder->private_->input, &obj->comments[i].length, read_callback_, decoder)) + return false; /* the read_callback_ sets the state for us */ + if(obj->comments[i].length > 0) { +- if(0 == (obj->comments[i].entry = (FLAC__byte*)malloc(obj->comments[i].length+1))) { ++ if(0 == (obj->comments[i].entry = (FLAC__byte*)safe_malloc_add_2op_(obj->comments[i].length, /*+*/1))) { + decoder->protected_->state = FLAC__STREAM_DECODER_MEMORY_ALLOCATION_ERROR; + return false; + } +@@ -1244,7 +1245,7 @@ + obj->num_tracks = x; + + if(obj->num_tracks > 0) { +- if(0 == (obj->tracks = (FLAC__StreamMetadata_CueSheet_Track*)calloc(obj->num_tracks, sizeof(FLAC__StreamMetadata_CueSheet_Track)))) { ++ if(0 == (obj->tracks = (FLAC__StreamMetadata_CueSheet_Track*)safe_calloc_(obj->num_tracks, sizeof(FLAC__StreamMetadata_CueSheet_Track)))) { + decoder->protected_->state = FLAC__STREAM_DECODER_MEMORY_ALLOCATION_ERROR; + return false; + } +@@ -1277,7 +1278,7 @@ + track->num_indices = (FLAC__byte)x; + + if(track->num_indices > 0) { +- if(0 == (track->indices = (FLAC__StreamMetadata_CueSheet_Index*)calloc(track->num_indices, sizeof(FLAC__StreamMetadata_CueSheet_Index)))) { ++ if(0 == (track->indices = (FLAC__StreamMetadata_CueSheet_Index*)safe_calloc_(track->num_indices, sizeof(FLAC__StreamMetadata_CueSheet_Index)))) { + decoder->protected_->state = FLAC__STREAM_DECODER_MEMORY_ALLOCATION_ERROR; + return false; + } diff --git a/audio/flac/files/patch-src_libFLAC_stream__encoder.c b/audio/flac/files/patch-src_libFLAC_stream__encoder.c new file mode 100644 index 000000000000..2bbfd294dafd --- /dev/null +++ b/audio/flac/files/patch-src_libFLAC_stream__encoder.c @@ -0,0 +1,22 @@ + +$FreeBSD$ + +--- src/libFLAC/stream_encoder.c.orig ++++ src/libFLAC/stream_encoder.c +@@ -50,6 +50,7 @@ + #ifdef HAVE_CONFIG_H + #include <config.h> + #endif ++#include "share/alloc.h" + + #ifdef min + #undef min +@@ -836,7 +837,7 @@ + */ + encoder->private_->verify.input_fifo.size = encoder->protected_->blocksize; + for(i = 0; i < encoder->protected_->channels; i++) { +- if(0 == (encoder->private_->verify.input_fifo.data[i] = (FLAC__int32*)malloc(sizeof(FLAC__int32) * encoder->private_->verify.input_fifo.size))) ++ if(0 == (encoder->private_->verify.input_fifo.data[i] = (FLAC__int32*)safe_malloc_mul_2op_(sizeof(FLAC__int32), /*times*/encoder->private_->verify.input_fifo.size))) + return encoder->protected_->state = FLAC__STREAM_ENCODER_MEMORY_ALLOCATION_ERROR; + } + encoder->private_->verify.input_fifo.tail = 0; diff --git a/audio/flac/files/patch-src_libOggFLAC_file__decoder.c b/audio/flac/files/patch-src_libOggFLAC_file__decoder.c new file mode 100644 index 000000000000..213336bb84a6 --- /dev/null +++ b/audio/flac/files/patch-src_libOggFLAC_file__decoder.c @@ -0,0 +1,22 @@ + +$FreeBSD$ + +--- src/libOggFLAC/file_decoder.c.orig ++++ src/libOggFLAC/file_decoder.c +@@ -43,6 +43,7 @@ + #include "FLAC/assert.h" + #include "protected/file_decoder.h" + #include "protected/seekable_stream_decoder.h" ++#include "share/alloc.h" + + /*********************************************************************** + * +@@ -248,7 +249,7 @@ + decoder->private_->filename = 0; + } + if(0 != strcmp(value, "-")) { +- if(0 == (decoder->private_->filename = (char*)malloc(strlen(value)+1))) { ++ if(0 == (decoder->private_->filename = (char*)safe_malloc_add_2op_(strlen(value), /*+*/1))) { + decoder->protected_->state = OggFLAC__FILE_DECODER_MEMORY_ALLOCATION_ERROR; + return false; + } diff --git a/audio/flac/files/patch-src_libOggFLAC_file__encoder.c b/audio/flac/files/patch-src_libOggFLAC_file__encoder.c new file mode 100644 index 000000000000..3c035a88109b --- /dev/null +++ b/audio/flac/files/patch-src_libOggFLAC_file__encoder.c @@ -0,0 +1,22 @@ + +$FreeBSD$ + +--- src/libOggFLAC/file_encoder.c.orig ++++ src/libOggFLAC/file_encoder.c +@@ -35,6 +35,7 @@ + #include "FLAC/assert.h" + #include "OggFLAC/seekable_stream_encoder.h" + #include "protected/file_encoder.h" ++#include "share/alloc.h" + + #ifdef max + #undef max +@@ -450,7 +451,7 @@ + free(encoder->private_->filename); + encoder->private_->filename = 0; + } +- if(0 == (encoder->private_->filename = (char*)malloc(strlen(value)+1))) { ++ if(0 == (encoder->private_->filename = (char*)safe_malloc_add_2op_(strlen(value), /*+*/1))) { + encoder->protected_->state = OggFLAC__FILE_ENCODER_MEMORY_ALLOCATION_ERROR; + return false; + } diff --git a/audio/flac/files/patch-src_libOggFLAC_ogg__helper.c b/audio/flac/files/patch-src_libOggFLAC_ogg__helper.c new file mode 100644 index 000000000000..d843825582b2 --- /dev/null +++ b/audio/flac/files/patch-src_libOggFLAC_ogg__helper.c @@ -0,0 +1,31 @@ + +$FreeBSD$ + +--- src/libOggFLAC/ogg_helper.c.orig ++++ src/libOggFLAC/ogg_helper.c +@@ -34,6 +34,7 @@ + #include "FLAC/assert.h" + #include "private/ogg_helper.h" + #include "protected/seekable_stream_encoder.h" ++#include "share/alloc.h" + + + static FLAC__bool full_read_(OggFLAC__SeekableStreamEncoder *encoder, FLAC__byte *buffer, unsigned bytes, OggFLAC__SeekableStreamEncoderReadCallback read_callback, void *client_data) +@@ -102,7 +103,7 @@ + } + + /* allocate space for the page header */ +- if(0 == (page->header = (unsigned char *)malloc(OGG_MAX_HEADER_LEN))) { ++ if(0 == (page->header = (unsigned char *)safe_malloc_(OGG_MAX_HEADER_LEN))) { + encoder->protected_->state = OggFLAC__SEEKABLE_STREAM_ENCODER_MEMORY_ALLOCATION_ERROR; + return false; + } +@@ -144,7 +145,7 @@ + } + + /* allocate space for the page body */ +- if(0 == (page->body = (unsigned char *)malloc(page->body_len))) { ++ if(0 == (page->body = (unsigned char *)safe_malloc_(page->body_len))) { + encoder->protected_->state = OggFLAC__SEEKABLE_STREAM_ENCODER_MEMORY_ALLOCATION_ERROR; + return false; + } diff --git a/audio/flac/files/patch-src_metaflac_operations.c b/audio/flac/files/patch-src_metaflac_operations.c new file mode 100644 index 000000000000..4bc7e111e987 --- /dev/null +++ b/audio/flac/files/patch-src_metaflac_operations.c @@ -0,0 +1,24 @@ + +$FreeBSD$ + +--- src/metaflac/operations.c.orig ++++ src/metaflac/operations.c +@@ -21,6 +21,7 @@ + #include "utils.h" + #include "FLAC/assert.h" + #include "FLAC/metadata.h" ++#include "share/alloc.h" + #include "share/grabbag.h" + #include <stdio.h> + #include <stdlib.h> +@@ -430,8 +431,8 @@ + } + + if( +- 0 == (title_gains = (float*)malloc(sizeof(float) * num_files)) || +- 0 == (title_peaks = (float*)malloc(sizeof(float) * num_files)) ++ 0 == (title_gains = (float*)safe_malloc_mul_2op_(sizeof(float), /*times*/num_files)) || ++ 0 == (title_peaks = (float*)safe_malloc_mul_2op_(sizeof(float), /*times*/num_files)) + ) + die("out of memory allocating space for title gains/peaks"); + diff --git a/audio/flac/files/patch-src_metaflac_options.c b/audio/flac/files/patch-src_metaflac_options.c new file mode 100644 index 000000000000..5777d634331b --- /dev/null +++ b/audio/flac/files/patch-src_metaflac_options.c @@ -0,0 +1,66 @@ + +$FreeBSD$ + +--- src/metaflac/options.c.orig ++++ src/metaflac/options.c +@@ -20,6 +20,7 @@ + #include "usage.h" + #include "utils.h" + #include "FLAC/assert.h" ++#include "share/alloc.h" + #include <ctype.h> + #include <stdio.h> + #include <stdlib.h> +@@ -183,7 +184,7 @@ + + if(options->num_files > 0) { + unsigned i = 0; +- if(0 == (options->filenames = (char**)malloc(sizeof(char*) * options->num_files))) ++ if(0 == (options->filenames = (char**)safe_malloc_mul_2op_(sizeof(char*), /*times*/options->num_files))) + die("out of memory allocating space for file names list"); + while(share__optind < argc) + options->filenames[i++] = local_strdup(argv[share__optind++]); +@@ -661,8 +662,10 @@ + } + if(options->ops.capacity <= options->ops.num_operations) { + unsigned original_capacity = options->ops.capacity; +- options->ops.capacity *= 4; +- if(0 == (options->ops.operations = (Operation*)realloc(options->ops.operations, sizeof(Operation) * options->ops.capacity))) ++ if(options->ops.capacity > SIZE_MAX / 2) /* overflow check */ ++ die("out of memory allocating space for option list"); ++ options->ops.capacity *= 2; ++ if(0 == (options->ops.operations = (Operation*)safe_realloc_mul_2op_(options->ops.operations, sizeof(Operation), /*times*/options->ops.capacity))) + die("out of memory allocating space for option list"); + memset(options->ops.operations + original_capacity, 0, sizeof(Operation) * (options->ops.capacity - original_capacity)); + } +@@ -680,8 +683,10 @@ + } + if(options->args.capacity <= options->args.num_arguments) { + unsigned original_capacity = options->args.capacity; +- options->args.capacity *= 4; +- if(0 == (options->args.arguments = (Argument*)realloc(options->args.arguments, sizeof(Argument) * options->args.capacity))) ++ if(options->args.capacity > SIZE_MAX / 2) /* overflow check */ ++ die("out of memory allocating space for option list"); ++ options->args.capacity *= 2; ++ if(0 == (options->args.arguments = (Argument*)safe_realloc_mul_2op_(options->args.arguments, sizeof(Argument), /*times*/options->args.capacity))) + die("out of memory allocating space for option list"); + memset(options->args.arguments + original_capacity, 0, sizeof(Argument) * (options->args.capacity - original_capacity)); + } +@@ -897,7 +902,7 @@ + + /* make space */ + FLAC__ASSERT(out->num_entries > 0); +- if(0 == (out->entries = (unsigned*)malloc(sizeof(unsigned) * out->num_entries))) ++ if(0 == (out->entries = (unsigned*)safe_malloc_mul_2op_(sizeof(unsigned), /*times*/out->num_entries))) + die("out of memory allocating space for option list"); + + /* load 'em up */ +@@ -936,7 +941,7 @@ + + /* make space */ + FLAC__ASSERT(out->num_entries > 0); +- if(0 == (out->entries = (Argument_BlockTypeEntry*)malloc(sizeof(Argument_BlockTypeEntry) * out->num_entries))) ++ if(0 == (out->entries = (Argument_BlockTypeEntry*)safe_malloc_mul_2op_(sizeof(Argument_BlockTypeEntry), /*times*/out->num_entries))) + die("out of memory allocating space for option list"); + + /* load 'em up */ diff --git a/audio/flac/files/patch-src_metaflac_utils.c b/audio/flac/files/patch-src_metaflac_utils.c new file mode 100644 index 000000000000..eab7b132ff03 --- /dev/null +++ b/audio/flac/files/patch-src_metaflac_utils.c @@ -0,0 +1,22 @@ + +$FreeBSD$ + +--- src/metaflac/utils.c.orig ++++ src/metaflac/utils.c +@@ -18,6 +18,7 @@ + + #include "utils.h" + #include "FLAC/assert.h" ++#include "share/alloc.h" + #include "share/utf8.h" + #include <ctype.h> + #include <stdarg.h> +@@ -64,7 +65,7 @@ + if(nsource == 0) + return; + +- *dest = (char*)realloc(*dest, ndest + nsource + 1); ++ *dest = (char*)safe_realloc_add_3op_(*dest, ndest, /*+*/nsource, /*+*/1); + if(0 == *dest) + die("out of memory growing string"); + strcpy((*dest)+ndest, source); diff --git a/audio/flac/files/patch-src_plugin__common_charset.c b/audio/flac/files/patch-src_plugin__common_charset.c new file mode 100644 index 000000000000..ec73bd8e3042 --- /dev/null +++ b/audio/flac/files/patch-src_plugin__common_charset.c @@ -0,0 +1,25 @@ + +$FreeBSD$ + +--- src/plugin_common/charset.c.orig ++++ src/plugin_common/charset.c +@@ -83,6 +83,8 @@ + /* Due to a GLIBC bug, round outbuf_size up to a multiple of 4 */ + /* + 1 for nul in case len == 1 */ + outsize = ((length + 3) & ~3) + 1; ++ if(outsize < length) /* overflow check */ ++ return NULL; + out = (char*)malloc(outsize); + outleft = outsize - 1; + outptr = out; +@@ -95,6 +97,10 @@ + { + case E2BIG: + used = outptr - out; ++ if((outsize - 1) * 2 + 1 <= outsize) { /* overflow check */ ++ free(out); ++ return NULL; ++ } + outsize = (outsize - 1) * 2 + 1; + out = realloc(out, outsize); + outptr = out + used; diff --git a/audio/flac/files/patch-src_plugin__common_tags.c b/audio/flac/files/patch-src_plugin__common_tags.c new file mode 100644 index 000000000000..1439821d2f77 --- /dev/null +++ b/audio/flac/files/patch-src_plugin__common_tags.c @@ -0,0 +1,59 @@ + +$FreeBSD$ + +--- src/plugin_common/tags.c.orig ++++ src/plugin_common/tags.c +@@ -23,6 +23,7 @@ + #include "tags.h" + #include "FLAC/assert.h" + #include "FLAC/metadata.h" ++#include "share/alloc.h" + + + static __inline unsigned local__wide_strlen(const FLAC__uint16 *s) +@@ -82,7 +83,7 @@ + } + + /* allocate */ +- out = (FLAC__uint16*)malloc(chars * sizeof(FLAC__uint16)); ++ out = (FLAC__uint16*)safe_malloc_mul_2op_(chars, /*times*/sizeof(FLAC__uint16)); + if (0 == out) { + FLAC__ASSERT(0); + return 0; +@@ -130,19 +131,23 @@ + static char *local__convert_ucs2_to_utf8(const FLAC__uint16 *src, unsigned length) + { + char *out; +- unsigned len = 0; ++ unsigned len = 0, n; + + FLAC__ASSERT(0 != src); + + /* calculate length */ + { + unsigned i; +- for (i = 0; i < length; i++) +- len += local__ucs2len(src[i]); ++ for (i = 0; i < length; i++) { ++ n += local__ucs2len(src[i]); ++ if(len + n < len) /* overflow check */ ++ return 0; ++ len += n; ++ } + } + + /* allocate */ +- out = (char*)malloc(len * sizeof(char)); ++ out = (char*)safe_malloc_mul_2op_(len, /*times*/sizeof(char)); + if (0 == out) + return 0; + +@@ -265,7 +270,7 @@ + const size_t value_len = strlen(value); + const size_t separator_len = strlen(separator); + FLAC__byte *new_entry; +- if(0 == (new_entry = (FLAC__byte*)realloc(entry->entry, entry->length + value_len + separator_len + 1))) ++ if(0 == (new_entry = (FLAC__byte*)safe_realloc_add_4op_(entry->entry, entry->length, /*+*/value_len, /*+*/separator_len, /*+*/1))) + return false; + memcpy(new_entry+entry->length, separator, separator_len); + entry->length += separator_len; diff --git a/audio/flac/files/patch-src_share_utf8_charset.c b/audio/flac/files/patch-src_share_utf8_charset.c new file mode 100644 index 000000000000..109f3c8afafb --- /dev/null +++ b/audio/flac/files/patch-src_share_utf8_charset.c @@ -0,0 +1,22 @@ + +$FreeBSD$ + +--- src/share/utf8/charset.c.orig ++++ src/share/utf8/charset.c +@@ -35,6 +35,7 @@ + + #include <stdlib.h> + ++#include "share/alloc.h" + #include "charset.h" + + #include "charmaps.h" +@@ -492,7 +493,7 @@ + if (!charset1 || !charset2 ) + return -1; + +- tobuf = (char *)malloc(fromlen * charset2->max + 1); ++ tobuf = (char *)safe_malloc_mul2add_(fromlen, /*times*/charset2->max, /*+*/1); + if (!tobuf) + return -2; + diff --git a/audio/flac/files/patch-src_share_utf8_iconvert.c b/audio/flac/files/patch-src_share_utf8_iconvert.c new file mode 100644 index 000000000000..755f1eaabd39 --- /dev/null +++ b/audio/flac/files/patch-src_share_utf8_iconvert.c @@ -0,0 +1,49 @@ + +$FreeBSD$ + +--- src/share/utf8/iconvert.c.orig ++++ src/share/utf8/iconvert.c +@@ -27,6 +27,7 @@ + #include <iconv.h> + #include <stdlib.h> + #include <string.h> ++#include "share/alloc.h" + + /* + * Convert data from one encoding to another. Return: +@@ -79,7 +80,7 @@ + * This is deliberately not a config option as people often + * change their iconv library without rebuilding applications. + */ +- tocode1 = (char *)malloc(strlen(tocode) + 11); ++ tocode1 = (char *)safe_malloc_add_2op_(strlen(tocode), /*+*/11); + if (!tocode1) + goto fail; + +@@ -117,6 +118,8 @@ + break; + if (obl < 6) { + /* Enlarge the buffer */ ++ if(utflen*2 < utflen) /* overflow check */ ++ goto fail; + utflen *= 2; + newbuf = (char *)realloc(utfbuf, utflen); + if (!newbuf) +@@ -143,7 +146,7 @@ + iconv_close(cd1); + return ret; + } +- newbuf = (char *)realloc(utfbuf, (ob - utfbuf) + 1); ++ newbuf = (char *)safe_realloc_add_2op_(utfbuf, (ob - utfbuf), /*+*/1); + if (!newbuf) + goto fail; + ob = (ob - utfbuf) + newbuf; +@@ -194,7 +197,7 @@ + outlen += ob - tbuf; + + /* Convert from UTF-8 for real */ +- outbuf = (char *)malloc(outlen + 1); ++ outbuf = (char *)safe_malloc_add_2op_(outlen, /*+*/1); + if (!outbuf) + goto fail; + ib = utfbuf; diff --git a/audio/flac/files/patch-src_share_utf8_utf8.c b/audio/flac/files/patch-src_share_utf8_utf8.c new file mode 100644 index 000000000000..ecb45334861a --- /dev/null +++ b/audio/flac/files/patch-src_share_utf8_utf8.c @@ -0,0 +1,72 @@ + +$FreeBSD$ + +--- src/share/utf8/utf8.c.orig ++++ src/share/utf8/utf8.c +@@ -28,6 +28,7 @@ + #include <config.h> + #endif + ++#include "share/alloc.h" + #include "utf8.h" + #include "charset.h" + +@@ -57,10 +58,13 @@ + } else { + size += 3; + } ++ if(size+n < size) /* overflow check */ ++ return NULL; ++ size += n; + c = unicode[index++]; + } + +- out = malloc(size + 1); ++ out = safe_malloc_add_2op_(size, /*+*/1); + if (out == NULL) + return NULL; + index = 0; +@@ -101,11 +105,15 @@ + } else { + index += 1; + } ++ if(size + 1 == 0) /* overflow check */ ++ return NULL; + size += 1; + c = utf8[index++]; + } + +- out = malloc((size + 1) * sizeof(wchar_t)); ++ if(size + 1 == 0) /* overflow check */ ++ return NULL; ++ out = safe_malloc_mul_2op_((size + 1), /*times*/sizeof(wchar_t)); + if (out == NULL) + return NULL; + index = 0; +@@ -147,7 +155,7 @@ + return -1; + } + +- unicode = calloc(wchars + 1, sizeof(unsigned short)); ++ unicode = safe_calloc_(wchars + 1, sizeof(unsigned short)); + if(unicode == NULL) + { + fprintf(stderr, "Out of memory processing string to UTF8\n"); +@@ -197,7 +205,7 @@ + return -1; + } + +- *to = calloc(chars + 1, sizeof(unsigned char)); ++ *to = safe_calloc_(chars + 1, sizeof(unsigned char)); + if(*to == NULL) + { + fprintf(stderr, "Out of memory processing string to local charset\n"); +@@ -285,7 +293,7 @@ + if (ret != -1) + return ret; + +- s = malloc(fromlen + 1); ++ s = safe_malloc_add_2op_(fromlen, /*+*/1); + if (!s) + return -1; + strcpy(s, from); diff --git a/audio/xmms-flac/Makefile b/audio/xmms-flac/Makefile index 066bebc3236d..e8643e5c269a 100644 --- a/audio/xmms-flac/Makefile +++ b/audio/xmms-flac/Makefile @@ -7,11 +7,14 @@ PORTNAME= xmms-flac PORTVERSION= 1.1.2 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= audio -MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} -MASTER_SITE_SUBDIR= flac +MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:S/$/:sf/} \ + ${MASTER_SITE_LOCAL:S/$/:local/} +MASTER_SITE_SUBDIR= flac/:sf naddy/:local DISTNAME= flac-${PORTVERSION} +DISTFILES= ${EXTRACT_ONLY}:sf flac-alloc.h:local +EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX} MAINTAINER= naddy@FreeBSD.org COMMENT= XMMS input plugin for playing FLAC files @@ -28,6 +31,9 @@ MAKE_ARGS= LIBTOOL="${LIBTOOL} --tag=disable-static" MAKE_ENV= MAKEOBJDIR=/nonexistent # ignore ${WRKSRC}/obj MAKEFILE= ${FILESDIR}/Makefile +post-extract: + @${CP} ${DISTDIR}/flac-alloc.h ${WRKSRC}/include/share/alloc.h + # XXX post-install: ${RM} ${PREFIX}/lib/xmms/Input/libxmms-flac.la diff --git a/audio/xmms-flac/distinfo b/audio/xmms-flac/distinfo index c6618ce633a8..0928ac572faf 100644 --- a/audio/xmms-flac/distinfo +++ b/audio/xmms-flac/distinfo @@ -1,3 +1,6 @@ MD5 (flac-1.1.2.tar.gz) = 2bfc127cdda02834d0491ab531a20960 SHA256 (flac-1.1.2.tar.gz) = ce4f7d11b3c04a7368c916ca4abc284dd0c0256f461dfb7f07df1ab445e7a5c0 SIZE (flac-1.1.2.tar.gz) = 1516235 +MD5 (flac-alloc.h) = 08891390039e2aee9bd4335f784467db +SHA256 (flac-alloc.h) = da40afc663e5b3fe6dccd1a0f1c218b7ec02d3699d72b41d6978696896d7df98 +SIZE (flac-alloc.h) = 5697 diff --git a/audio/xmms-flac/files/patch-src_plugin__common_charset.c b/audio/xmms-flac/files/patch-src_plugin__common_charset.c new file mode 100644 index 000000000000..ec73bd8e3042 --- /dev/null +++ b/audio/xmms-flac/files/patch-src_plugin__common_charset.c @@ -0,0 +1,25 @@ + +$FreeBSD$ + +--- src/plugin_common/charset.c.orig ++++ src/plugin_common/charset.c +@@ -83,6 +83,8 @@ + /* Due to a GLIBC bug, round outbuf_size up to a multiple of 4 */ + /* + 1 for nul in case len == 1 */ + outsize = ((length + 3) & ~3) + 1; ++ if(outsize < length) /* overflow check */ ++ return NULL; + out = (char*)malloc(outsize); + outleft = outsize - 1; + outptr = out; +@@ -95,6 +97,10 @@ + { + case E2BIG: + used = outptr - out; ++ if((outsize - 1) * 2 + 1 <= outsize) { /* overflow check */ ++ free(out); ++ return NULL; ++ } + outsize = (outsize - 1) * 2 + 1; + out = realloc(out, outsize); + outptr = out + used; diff --git a/audio/xmms-flac/files/patch-src_plugin__common_tags.c b/audio/xmms-flac/files/patch-src_plugin__common_tags.c new file mode 100644 index 000000000000..1439821d2f77 --- /dev/null +++ b/audio/xmms-flac/files/patch-src_plugin__common_tags.c @@ -0,0 +1,59 @@ + +$FreeBSD$ + +--- src/plugin_common/tags.c.orig ++++ src/plugin_common/tags.c +@@ -23,6 +23,7 @@ + #include "tags.h" + #include "FLAC/assert.h" + #include "FLAC/metadata.h" ++#include "share/alloc.h" + + + static __inline unsigned local__wide_strlen(const FLAC__uint16 *s) +@@ -82,7 +83,7 @@ + } + + /* allocate */ +- out = (FLAC__uint16*)malloc(chars * sizeof(FLAC__uint16)); ++ out = (FLAC__uint16*)safe_malloc_mul_2op_(chars, /*times*/sizeof(FLAC__uint16)); + if (0 == out) { + FLAC__ASSERT(0); + return 0; +@@ -130,19 +131,23 @@ + static char *local__convert_ucs2_to_utf8(const FLAC__uint16 *src, unsigned length) + { + char *out; +- unsigned len = 0; ++ unsigned len = 0, n; + + FLAC__ASSERT(0 != src); + + /* calculate length */ + { + unsigned i; +- for (i = 0; i < length; i++) +- len += local__ucs2len(src[i]); ++ for (i = 0; i < length; i++) { ++ n += local__ucs2len(src[i]); ++ if(len + n < len) /* overflow check */ ++ return 0; ++ len += n; ++ } + } + + /* allocate */ +- out = (char*)malloc(len * sizeof(char)); ++ out = (char*)safe_malloc_mul_2op_(len, /*times*/sizeof(char)); + if (0 == out) + return 0; + +@@ -265,7 +270,7 @@ + const size_t value_len = strlen(value); + const size_t separator_len = strlen(separator); + FLAC__byte *new_entry; +- if(0 == (new_entry = (FLAC__byte*)realloc(entry->entry, entry->length + value_len + separator_len + 1))) ++ if(0 == (new_entry = (FLAC__byte*)safe_realloc_add_4op_(entry->entry, entry->length, /*+*/value_len, /*+*/separator_len, /*+*/1))) + return false; + memcpy(new_entry+entry->length, separator, separator_len); + entry->length += separator_len; diff --git a/audio/xmms-flac/files/patch-src_plugin__xmms_plugin.c b/audio/xmms-flac/files/patch-src_plugin__xmms_plugin.c index 9cc9f8ed6995..fc950fee81f4 100644 --- a/audio/xmms-flac/files/patch-src_plugin__xmms_plugin.c +++ b/audio/xmms-flac/files/patch-src_plugin__xmms_plugin.c @@ -16,3 +16,19 @@ $FreeBSD$ xmms_cfg_read_int(cfg, "flac", "stream.http_buffer_size", &flac_cfg.stream.http_buffer_size); xmms_cfg_read_int(cfg, "flac", "stream.http_prebuffer", &flac_cfg.stream.http_prebuffer); xmms_cfg_read_boolean(cfg, "flac", "stream.use_proxy", &flac_cfg.stream.use_proxy); +@@ -425,8 +431,13 @@ + if(title) { + if (source_to_decoder_type (filename) == DECODER_FILE) { + static const char *errtitle = "Invalid FLAC File: "; +- *title = g_malloc(strlen(errtitle) + 1 + strlen(filename) + 1 + 1); +- sprintf(*title, "%s\"%s\"", errtitle, filename); ++ if(strlen(errtitle) + 1 + strlen(filename) + 1 + 1 < strlen(filename)) { /* overflow check */ ++ *title = NULL; ++ } ++ else { ++ *title = g_malloc(strlen(errtitle) + 1 + strlen(filename) + 1 + 1); ++ sprintf(*title, "%s\"%s\"", errtitle, filename); ++ } + } else { + *title = NULL; + } diff --git a/audio/xmms-flac/files/patch-src_share_utf8_charset.c b/audio/xmms-flac/files/patch-src_share_utf8_charset.c new file mode 100644 index 000000000000..109f3c8afafb --- /dev/null +++ b/audio/xmms-flac/files/patch-src_share_utf8_charset.c @@ -0,0 +1,22 @@ + +$FreeBSD$ + +--- src/share/utf8/charset.c.orig ++++ src/share/utf8/charset.c +@@ -35,6 +35,7 @@ + + #include <stdlib.h> + ++#include "share/alloc.h" + #include "charset.h" + + #include "charmaps.h" +@@ -492,7 +493,7 @@ + if (!charset1 || !charset2 ) + return -1; + +- tobuf = (char *)malloc(fromlen * charset2->max + 1); ++ tobuf = (char *)safe_malloc_mul2add_(fromlen, /*times*/charset2->max, /*+*/1); + if (!tobuf) + return -2; + diff --git a/audio/xmms-flac/files/patch-src_share_utf8_iconvert.c b/audio/xmms-flac/files/patch-src_share_utf8_iconvert.c new file mode 100644 index 000000000000..755f1eaabd39 --- /dev/null +++ b/audio/xmms-flac/files/patch-src_share_utf8_iconvert.c @@ -0,0 +1,49 @@ + +$FreeBSD$ + +--- src/share/utf8/iconvert.c.orig ++++ src/share/utf8/iconvert.c +@@ -27,6 +27,7 @@ + #include <iconv.h> + #include <stdlib.h> + #include <string.h> ++#include "share/alloc.h" + + /* + * Convert data from one encoding to another. Return: +@@ -79,7 +80,7 @@ + * This is deliberately not a config option as people often + * change their iconv library without rebuilding applications. + */ +- tocode1 = (char *)malloc(strlen(tocode) + 11); ++ tocode1 = (char *)safe_malloc_add_2op_(strlen(tocode), /*+*/11); + if (!tocode1) + goto fail; + +@@ -117,6 +118,8 @@ + break; + if (obl < 6) { + /* Enlarge the buffer */ ++ if(utflen*2 < utflen) /* overflow check */ ++ goto fail; + utflen *= 2; + newbuf = (char *)realloc(utfbuf, utflen); + if (!newbuf) +@@ -143,7 +146,7 @@ + iconv_close(cd1); + return ret; + } +- newbuf = (char *)realloc(utfbuf, (ob - utfbuf) + 1); ++ newbuf = (char *)safe_realloc_add_2op_(utfbuf, (ob - utfbuf), /*+*/1); + if (!newbuf) + goto fail; + ob = (ob - utfbuf) + newbuf; +@@ -194,7 +197,7 @@ + outlen += ob - tbuf; + + /* Convert from UTF-8 for real */ +- outbuf = (char *)malloc(outlen + 1); ++ outbuf = (char *)safe_malloc_add_2op_(outlen, /*+*/1); + if (!outbuf) + goto fail; + ib = utfbuf; diff --git a/audio/xmms-flac/files/patch-src_share_utf8_utf8.c b/audio/xmms-flac/files/patch-src_share_utf8_utf8.c new file mode 100644 index 000000000000..ecb45334861a --- /dev/null +++ b/audio/xmms-flac/files/patch-src_share_utf8_utf8.c @@ -0,0 +1,72 @@ + +$FreeBSD$ + +--- src/share/utf8/utf8.c.orig ++++ src/share/utf8/utf8.c +@@ -28,6 +28,7 @@ + #include <config.h> + #endif + ++#include "share/alloc.h" + #include "utf8.h" + #include "charset.h" + +@@ -57,10 +58,13 @@ + } else { + size += 3; + } ++ if(size+n < size) /* overflow check */ ++ return NULL; ++ size += n; + c = unicode[index++]; + } + +- out = malloc(size + 1); ++ out = safe_malloc_add_2op_(size, /*+*/1); + if (out == NULL) + return NULL; + index = 0; +@@ -101,11 +105,15 @@ + } else { + index += 1; + } ++ if(size + 1 == 0) /* overflow check */ ++ return NULL; + size += 1; + c = utf8[index++]; + } + +- out = malloc((size + 1) * sizeof(wchar_t)); ++ if(size + 1 == 0) /* overflow check */ ++ return NULL; ++ out = safe_malloc_mul_2op_((size + 1), /*times*/sizeof(wchar_t)); + if (out == NULL) + return NULL; + index = 0; +@@ -147,7 +155,7 @@ + return -1; + } + +- unicode = calloc(wchars + 1, sizeof(unsigned short)); ++ unicode = safe_calloc_(wchars + 1, sizeof(unsigned short)); + if(unicode == NULL) + { + fprintf(stderr, "Out of memory processing string to UTF8\n"); +@@ -197,7 +205,7 @@ + return -1; + } + +- *to = calloc(chars + 1, sizeof(unsigned char)); ++ *to = safe_calloc_(chars + 1, sizeof(unsigned char)); + if(*to == NULL) + { + fprintf(stderr, "Out of memory processing string to local charset\n"); +@@ -285,7 +293,7 @@ + if (ret != -1) + return ret; + +- s = malloc(fromlen + 1); ++ s = safe_malloc_add_2op_(fromlen, /*+*/1); + if (!s) + return -1; + strcpy(s, from); |