Bug#775959: [Fwd: Bug#775959: Patch for this issue]

Thu Jan 22 18:19:47 UTC 2015

Hi Rogerio,

would you apply the attached patch, courtesy of Maks Naumov, to LAME
upstream?

Thanks!

Cheers,

Fabian

Am Donnerstag, den 22.01.2015, 00:05 +0100 schrieb Jakub Wilk:
Package: lame
> Version: 3.99.5+repack1-5
> Usertags: afl
> 
> lame crashes while trying compress the attached WAV file, which 
> apparently has bogus sample rate:
> 
> $ lame crash.wav
> LAME 3.99.5 32bits (http://lame.sf.net)
> CPU features: MMX (ASM used), 3DNow! (ASM used), SSE (ASM used), SSE2
> Resampling:  input -2.14748e+06 kHz  output 8 kHz
> Using polyphase lowpass filter, transition band:  3000 Hz -  3097 Hz
> Encoding crash.wav to crash.mp3
> Encoding as 8 kHz single-ch MPEG-2.5 Layer III (16x)   8 kbps qval=3
>     Frame          |  CPU time/estim | REAL time/estim | play/CPU |
ETA
>      0/       ( 0%)|    0:00/     :  |    0:00/     :  |         x|
> :
>
00:00------------------------------------------------------------------
>    kbps      %     %
>     0.0           Segmentation fault
> 
> 
> This bug was found using American fuzzy lop:
> https://packages.debian.org/experimental/afl
> 
> Disclaimer: I don't have spare CPU cycles, so I fuzzed only till the 
> first crash (which took a few seconds). It's likely that extensive 
> fuzzing would uncover more interesting crashers. I'd encourage LAME 
> maintainers to perform fuzzing with AFL on their own. :-)
> 
> 
> -- System Information:
> Debian Release: 8.0
>   APT prefers unstable
>   APT policy: (990, 'unstable'), (500, 'experimental')
> Architecture: i386 (x86_64)
> Foreign Architectures: amd64
> 
> Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
> Locale: LANG=C, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: sysvinit (via /sbin/init)
> 
> Versions of packages lame depends on:
> ii  libc6        2.19-13
> ii  libmp3lame0  3.99.5+repack1-5
> ii  libncurses5  5.9+20140913-1+b1
> ii  libtinfo5    5.9+20140913-1+b1
> 
> _______________________________________________
> pkg-multimedia-maintainers mailing list
> pkg-multimedia-maintainers at lists.alioth.debian.org
>
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
> 

-------- Weitergeleitete Nachricht --------
Von: Maks Naumov <maksqwe1 at ukr.net>
Reply-to: Maks Naumov <maksqwe1 at ukr.net>, 775959 at bugs.debian.org
An: 775959 at bugs.debian.org
Betreff: Bug#775959: Patch for this issue
Datum: Thu, 22 Jan 2015 16:22:50 +0200

Need to check for input sample rate.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Add-check-for-invalid-input-sample-rate.patch
Type: application/x-patch
Size: 812 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-multimedia-maintainers/attachments/20150122/60de79df/attachment.bin>