packages/speex
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!14 [sync] PR-13: update version to 1.2.1

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @xiezhipeng1 
Signed-off-by: @xiezhipeng1
This commit is contained in:
openeuler-ci-bot 2022-11-07 11:39:56 +00:00 committed by Gitee
commit db1fe2a056
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
6 changed files with 8 additions and 214 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
backport-CVE-2020-23903.patch
View File

@ -1,26 +0,0 @@
From 870ff845b32f314aec0036641ffe18aba4916887 Mon Sep 17 00:00:00 2001
From: Tristan Matthews <tmatth@videolan.org>
Date: Mon, 13 Jul 2020 23:25:03 -0400
Subject: [PATCH] wav_io: guard against invalid channel numbers
Fixes #13
---
src/wav_io.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/wav_io.c b/src/wav_io.c
index c2e2bc8..4d77cd7 100644
--- a/src/wav_io.c
+++ b/src/wav_io.c
@@ -108,7 +108,7 @@ int read_wav_header(FILE *file, int *rate, int *channels, int *format, spx_int32
stmp = le_short(stmp);
*channels = stmp;
- if (stmp>2)
+ if (stmp>2 || stmp<1)
{
fprintf (stderr, "Only mono and (intensity) stereo supported\n");
return -1;
--
1.8.3.1

123
backport-math_approx-use-unsigned-int-for-LCG-pseudorandom-ge.patch
View File

@ -1,123 +0,0 @@
From c1f82d214872cae4a60c2594cc8c53d11246e3a9 Mon Sep 17 00:00:00 2001
From: Tristan Matthews <tmatth@videolan.org>
Date: Sat, 2 Mar 2019 00:50:35 -0500
Subject: [PATCH] math_approx: use unsigned int for LCG pseudorandom generator
This avoids an integer overflow.
---
libspeex/cb_search.c | 4 ++--
libspeex/cb_search.h | 4 ++--
libspeex/math_approx.h | 4 ++--
libspeex/modes.h | 2 +-
libspeex/nb_celp.h | 2 +-
libspeex/sb_celp.h | 2 +-
6 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/libspeex/cb_search.c b/libspeex/cb_search.c
index 63f4c6a..9629772 100644
--- a/libspeex/cb_search.c
+++ b/libspeex/cb_search.c
@@ -517,7 +517,7 @@ const void *par, /* non-overlapping codebook */
int nsf, /* number of samples in subframe */
SpeexBits *bits,
char *stack,
-spx_int32_t *seed
+spx_uint32_t *seed
)
{
int i,j;
@@ -602,7 +602,7 @@ const void *par, /* non-overlapping codebook */
int nsf, /* number of samples in subframe */
SpeexBits *bits,
char *stack,
-spx_int32_t *seed
+spx_uint32_t *seed
)
{
int i;
diff --git a/libspeex/cb_search.h b/libspeex/cb_search.h
index 7687b45..eb45b56 100644
--- a/libspeex/cb_search.h
+++ b/libspeex/cb_search.h
@@ -70,7 +70,7 @@ const void *par, /* non-overlapping codebook */
int nsf, /* number of samples in subframe */
SpeexBits *bits,
char *stack,
-spx_int32_t *seed
+spx_uint32_t *seed
);
@@ -97,7 +97,7 @@ const void *par, /* non-overlapping codebook */
int nsf, /* number of samples in subframe */
SpeexBits *bits,
char *stack,
-spx_int32_t *seed
+spx_uint32_t *seed
);
#endif
diff --git a/libspeex/math_approx.h b/libspeex/math_approx.h
index 9ca8307..6573113 100644
--- a/libspeex/math_approx.h
+++ b/libspeex/math_approx.h
@@ -46,7 +46,7 @@
#define spx_atan atan
/** Generate a pseudo-random number */
-static inline spx_word16_t speex_rand(spx_word16_t std, spx_int32_t *seed)
+static inline spx_word16_t speex_rand(spx_word16_t std, spx_uint32_t *seed)
{
const unsigned int jflone = 0x3f800000;
const unsigned int jflmsk = 0x007fffff;
@@ -119,7 +119,7 @@ static inline spx_int16_t spx_ilog4(spx_uint32_t x)
#ifdef FIXED_POINT
/** Generate a pseudo-random number */
-static inline spx_word16_t speex_rand(spx_word16_t std, spx_int32_t *seed)
+static inline spx_word16_t speex_rand(spx_word16_t std, spx_uint32_t *seed)
{
spx_word32_t res;
*seed = 1664525 * *seed + 1013904223;
diff --git a/libspeex/modes.h b/libspeex/modes.h
index 26e2d86..0ae19cc 100644
--- a/libspeex/modes.h
+++ b/libspeex/modes.h
@@ -86,7 +86,7 @@ typedef void (*innovation_quant_func)(spx_word16_t *, spx_coef_t *, spx_coef_t *
spx_sig_t *, spx_word16_t *, SpeexBits *, char *, int, int);
/** Innovation unquantization function */
-typedef void (*innovation_unquant_func)(spx_sig_t *, const void *, int, SpeexBits*, char *, spx_int32_t *);
+typedef void (*innovation_unquant_func)(spx_sig_t *, const void *, int, SpeexBits*, char *, spx_uint32_t *);
/** Description of a Speex sub-mode (wither narrowband or wideband */
typedef struct SpeexSubmode {
diff --git a/libspeex/nb_celp.h b/libspeex/nb_celp.h
index 14c776f..41ccd15 100644
--- a/libspeex/nb_celp.h
+++ b/libspeex/nb_celp.h
@@ -153,7 +153,7 @@ typedef struct DecState {
spx_word16_t last_pitch_gain; /**< Pitch gain of last correctly decoded frame */
spx_word16_t pitch_gain_buf[3]; /**< Pitch gain of last decoded frames */
int pitch_gain_buf_idx; /**< Tail of the buffer */
- spx_int32_t seed; /** Seed used for random number generation */
+ spx_uint32_t seed; /** Seed used for random number generation */
int encode_submode;
const SpeexSubmode * const *submodes; /**< Sub-mode data */
diff --git a/libspeex/sb_celp.h b/libspeex/sb_celp.h
index e8c3761..24a2801 100644
--- a/libspeex/sb_celp.h
+++ b/libspeex/sb_celp.h
@@ -121,7 +121,7 @@ typedef struct SBDecState {
spx_word16_t *innov_save; /** If non-NULL, innovation is copied here */
spx_word16_t last_ener;
- spx_int32_t seed;
+ spx_uint32_t seed;
int encode_submode;
const SpeexSubmode * const *submodes;
--
2.23.0

59
backport-wav_io-check-for-EOF-when-seeking-in-wav.patch
View File

@ -1,59 +0,0 @@
From bdc392257c330e49872a5217dfb56becd1ee8f45 Mon Sep 17 00:00:00 2001
From: Tristan Matthews <tmatth@videolan.org>
Date: Tue, 11 Sep 2018 05:12:53 -0400
Subject: [PATCH] wav_io: check for EOF when seeking in wav
Fixes hang discovered by fuzzing: https://github.com/xiph/speex/issues/9
---
src/wav_io.c | 24 +++++++++++++++++-------
1 file changed, 17 insertions(+), 7 deletions(-)
diff --git a/src/wav_io.c b/src/wav_io.c
index c2e2bc85..b5183015 100644
--- a/src/wav_io.c
+++ b/src/wav_io.c
@@ -75,8 +75,11 @@ int read_wav_header(FILE *file, int *rate, int *channels, int *format, spx_int32
itmp = le_int(itmp);
/*fprintf (stderr, "skip=%d\n", itmp);*/
/*strange way of seeking, but it works even for pipes*/
- for (i=0;i<itmp;i++)
- fgetc(file);
+ for (i=0;i<itmp;i++) {
+ if (fgetc(file) == EOF) {
+ break;
+ }
+ }
/*fseek(file, itmp, SEEK_CUR);*/
fread(ch, 1, 4, file);
if (feof(file))
@@ -152,9 +155,13 @@ int read_wav_header(FILE *file, int *rate, int *channels, int *format, spx_int32
/*strange way of seeking, but it works even for pipes*/
- if (skip_bytes>0)
- for (i=0;i<skip_bytes;i++)
- fgetc(file);
+ if (skip_bytes>0) {
+ for (i=0;i<skip_bytes;i++) {
+ if (fgetc(file) == EOF) {
+ break;
+ }
+ }
+ }
/*fseek(file, skip_bytes, SEEK_CUR);*/
@@ -164,8 +171,11 @@ int read_wav_header(FILE *file, int *rate, int *channels, int *format, spx_int32
fread(&itmp, 4, 1, file);
itmp = le_int(itmp);
/*strange way of seeking, but it works even for pipes*/
- for (i=0;i<itmp;i++)
- fgetc(file);
+ for (i=0;i<itmp;i++) {
+ if (fgetc(file) == EOF) {
+ break;
+ }
+ }
/*fseek(file, itmp, SEEK_CUR);*/
fread(ch, 1, 4, file);
if (feof(file))

BIN
speex-1.2.0.tar.gz
View File

Binary file not shown.

BIN
speex-1.2.1.tar.gz Normal file
View File

Binary file not shown.

14
speex.spec
View File

@ -1,15 +1,11 @@
Name: speex Name: speex
Version: 1.2.0 Version: 1.2.1
Release: 7 Release: 1
Summary: A Free Codec For Free Speech Summary: A Free Codec For Free Speech
License: BSD License: BSD
URL: https://www.speex.org/ URL: https://www.speex.org/
Source0: http://downloads.us.xiph.org/releases/speex/%{name}-%{version}.tar.gz Source0: http://downloads.us.xiph.org/releases/speex/%{name}-%{version}.tar.gz
Patch6000: backport-math_approx-use-unsigned-int-for-LCG-pseudorandom-ge.patch
Patch6001: backport-CVE-2020-23903.patch
Patch6002: backport-wav_io-check-for-EOF-when-seeking-in-wav.patch
BuildRequires: gcc git pkgconfig(ogg) pkgconfig(speexdsp) BuildRequires: gcc git pkgconfig(ogg) pkgconfig(speexdsp)
Obsoletes: %{name}-tools Obsoletes: %{name}-tools
@ -71,6 +67,12 @@ This package is the development and files for speex.
%{_mandir}/man1/speexdec.1.gz %{_mandir}/man1/speexdec.1.gz
%changelog %changelog
* Mon Nov 7 2022 Bin Hu <hubin73@huawei.com> - 1.2.1-1
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:update version 1.2.1
* Mon Jun 20 2022 shixuantong<shixuantong@h-partners.com> - 1.2.0-7 * Mon Jun 20 2022 shixuantong<shixuantong@h-partners.com> - 1.2.0-7
- Type:bugfix - Type:bugfix
- ID:NA - ID:NA