git: 0eb74bac9c1d - main - audio/zynaddsubfx: Fix buffer overflows
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 29 Feb 2024 20:24:10 UTC
The branch main has been updated by tijl:
URL: https://cgit.FreeBSD.org/ports/commit/?id=0eb74bac9c1d8f485bc316ee51a23c6c87171322
commit 0eb74bac9c1d8f485bc316ee51a23c6c87171322
Author: Tijl Coosemans <tijl@FreeBSD.org>
AuthorDate: 2024-02-25 11:16:43 +0000
Commit: Tijl Coosemans <tijl@FreeBSD.org>
CommitDate: 2024-02-29 20:21:35 +0000
audio/zynaddsubfx: Fix buffer overflows
- Leave room for termination NUL in sscanf buffer.
- Use float instead of float_t. On FreeBSD/i386 they are not the same.
Discovered during an exp-run for bug 276478.
---
audio/zynaddsubfx/Makefile | 2 +-
audio/zynaddsubfx/files/patch-rtosc_src_cpp_savefile.cpp | 11 +++++++++++
audio/zynaddsubfx/files/patch-src_Effects_Distorsion.cpp | 11 +++++++++++
audio/zynaddsubfx/files/patch-src_Synth_ADnote.cpp | 11 +++++++++++
4 files changed, 34 insertions(+), 1 deletion(-)
diff --git a/audio/zynaddsubfx/Makefile b/audio/zynaddsubfx/Makefile
index dae9ef544d75..4a1cd9c69b58 100644
--- a/audio/zynaddsubfx/Makefile
+++ b/audio/zynaddsubfx/Makefile
@@ -1,6 +1,6 @@
PORTNAME= zynaddsubfx
DISTVERSION= 3.0.6
-PORTREVISION= 2
+PORTREVISION= 3
PORTEPOCH= 2
CATEGORIES= audio
diff --git a/audio/zynaddsubfx/files/patch-rtosc_src_cpp_savefile.cpp b/audio/zynaddsubfx/files/patch-rtosc_src_cpp_savefile.cpp
new file mode 100644
index 000000000000..96e760e7cdd7
--- /dev/null
+++ b/audio/zynaddsubfx/files/patch-rtosc_src_cpp_savefile.cpp
@@ -0,0 +1,11 @@
+--- rtosc/src/cpp/savefile.cpp.orig 2021-12-31 15:58:28 UTC
++++ rtosc/src/cpp/savefile.cpp
+@@ -534,7 +534,7 @@ int load_from_file(const char* file_content,
+ n = 0;
+
+ sscanf(file_content,
+- "%% %128s v%u.%u.%u%n ", appbuf, &vma, &vmi, &vre, &n);
++ "%% %127s v%u.%u.%u%n ", appbuf, &vma, &vmi, &vre, &n);
+ if(n <= 0 || strcmp(appbuf, appname) || vma > 255 || vmi > 255 || vre > 255)
+ return -bytes_read-1;
+
diff --git a/audio/zynaddsubfx/files/patch-src_Effects_Distorsion.cpp b/audio/zynaddsubfx/files/patch-src_Effects_Distorsion.cpp
new file mode 100644
index 000000000000..f6b968afd117
--- /dev/null
+++ b/audio/zynaddsubfx/files/patch-src_Effects_Distorsion.cpp
@@ -0,0 +1,11 @@
+--- src/Effects/Distorsion.cpp.orig 2022-01-22 01:46:21 UTC
++++ src/Effects/Distorsion.cpp
+@@ -75,7 +75,7 @@ rtosc::Ports Distorsion::ports = {
+
+ for(int i=0; i<128; ++i)
+ buffer[i] = 2*(i/128.0)-1;
+- memcpy(orig, buffer, sizeof(float_t)*128);
++ memcpy(orig, buffer, sizeof(buffer));
+
+ waveShapeSmps(sizeof(buffer)/sizeof(buffer[0]), buffer,
+ dd.Ptype + 1, dd.Pdrive, dd.Poffset, dd.Pfuncpar);
diff --git a/audio/zynaddsubfx/files/patch-src_Synth_ADnote.cpp b/audio/zynaddsubfx/files/patch-src_Synth_ADnote.cpp
new file mode 100644
index 000000000000..1b207bbcfdf8
--- /dev/null
+++ b/audio/zynaddsubfx/files/patch-src_Synth_ADnote.cpp
@@ -0,0 +1,11 @@
+--- src/Synth/ADnote.cpp.orig 2022-01-22 01:46:21 UTC
++++ src/Synth/ADnote.cpp
+@@ -1264,7 +1264,7 @@ inline void ADnote::ComputeVoiceOscillator_SincInterpo
+ inline void ADnote::ComputeVoiceOscillator_SincInterpolation(int nvoice)
+ {
+ // windowed sinc kernel factor Fs*0.3, rejection 80dB
+- const float_t kernel[] = {
++ const float kernel[] = {
+ 0.0010596256917418426f,
+ 0.004273442181254887f,
+ 0.0035466063043375785f,