summaryrefslogtreecommitdiff
path: root/lib
Commit message (Collapse)AuthorAgeFilesLines
* Export CMake targets to the build treeevpobr2020-10-261-3/+8
| | | | Properly export Vorbis targets when added via `add_subdirectory()`.
* Update version and copyright for the 1.3.7 release.Ralph Giles2020-07-031-2/+2
| | | | | | | | | | | | | Bump soname version and vendor string for the new release. Update the top-level copyright dates for the release. The have only been bug fixes to the encoder, no tuning changes, but we updated the codename last time. so doing so again this time. It's better to be able to distinguish releases than not. Signed-off-by: Mark Harris <mark.hsj@gmail.com> Signed-off-by: Thomas Daede <daede003@umn.edu>
* Link to archive.org for the LSP implementation.Ralph Giles2020-07-031-1/+2
| | | | | | | The page the LSP algorithm is based on is no longer online. Link to an archived version instead. Signed-off-by: Mark Harris <mark.hsj@gmail.com>
* Update website link in copyright headers.Ralph Giles2020-07-0368-68/+68
| | | | | | | Use the secure link, which should be the default. Prefer the url without the `www` prefix because it's shorter. Signed-off-by: Mark Harris <mark.hsj@gmail.com>
* Add further array bounds checks to bark_noise_hybridmp.Ralph Giles2020-07-011-10/+13
| | | | | | | | | | Make it clear to local analysis that no out-of-bounds array accesses are possible here. Follow-up to CVE-2018-10393 and CVE-2017-14160. Signed-off-by: Thomas Daede <daede003@umn.edu> Signed-off-by: Monty <xiphmont@xiph.org>
* Instead of SIGFPE when bytespersample is zero or negative, return OV_EINVALPetter Reinholdtsen2020-04-151-0/+3
| | | | | | | | Based on0002-Avoid-SIGFPE-when-bytespersample-is-zero.patch from Debian, see https://bugs.debian.org/635906 , adjusted with input from Ralph Giles. Signed-off-by: Ralph Giles <giles@thaumas.net>
* Silence some CMake build MSVC useless warningsevpobr2020-04-081-0/+6
| | | | | | Supress warnings about unsafe and deprecated functions like this: strcat is unsafe, use `strcat_s` instead and so on. Signed-off-by: Ralph Giles <giles@thaumas.net>
* Export public function on MinGW platformevpobr2020-04-081-1/+1
| | | | MinGW produces DLLs, but exports nothing.
* Fix CMake include install directoryevpobr2020-04-081-1/+1
|
* Clean up trailing whitespace.Ralph Giles2020-04-071-1/+1
|
* Add CMake config-file package generationevpobr2020-04-071-11/+60
| | | | Signed-off-by: Ralph Giles <giles@thaumas.net>
* Don't leak memory in test_sharedbook to please asan.Thomas Daede2019-01-281-0/+1
|
* os.h: make vorbis_ftoi() static inline if !VORBIS_FPU_CONTROLsezero2019-01-281-2/+2
|
* os.h: cleanup the _MSC_VER cpp checks mess.sezero2019-01-281-3/+2
|
* fix typo introduced in commit 8d73daasezero2019-01-281-1/+1
|
* Check for sse2 math before using it.tico-tico2019-01-281-2/+2
|
* info.c (tagcompare): use a locale-insensitive toupper()sezero2019-01-281-2/+5
| | | | see: https://gitlab.xiph.org/xiph/vorbis/issues/2079
* Port opus-tools check to see if underlying file was overwritten.Thomas Daede2019-01-281-0/+4
|
* Fix free of uninitialized memory if seek fails in ov_raw_seekJames Cowgill2019-01-281-10/+6
| | | | | | | | | | | | | | | | | If _seek_helper fails in ov_raw_seek, control jumps to the seek_error label which calls ogg_stream_clear on work_os. However, at this point in the function, work_os is not initialized so we end up attempting to free some uninitialized memory and crashing. Fix by removing the call to ogg_stream_clear. This is safe because the only code path to seek_error happens before work_os is initialized (so there is never anything to free anyway). I also refactor the code a bit: - Remove the ret variable which is unnessesary since we can just pass the result of _seek_helper directly to the if. - Since seek_error is only used once, move the contents of that block to the if statement so we can remove a goto.
* Remove C99-style comments.Thomas Daede2019-01-282-5/+2
|
* Fix the compiling errors on msvc ARM64 configuration.Minmin Gong2018-07-051-1/+1
|
* Fix shift by negative value when reading blocksize.Thomas Daede2018-05-231-2/+7
|
* Sanity check number of channels in setup.Thomas Daede2018-05-171-0/+1
| | | | Fixes #2335.
* Clamp large exponents in float32_unpack.Thomas Daede2018-05-171-1/+9
|
* CVE-2017-14160: fix bounds check on very low sample rates.Thomas Daede2018-05-091-1/+2
|
* vorbisenc: detect if new_template is NULLTristan Matthews2018-04-091-1/+1
| | | | Fixes #1975
* Include CMake build scripts in release archivesMarcel Metz2018-03-201-1/+1
| | | | Fixes xiph/vorbis#32
* Bump version to 1.3.6Thomas Daede2018-03-161-2/+2
|
* CVE-2018-5146: Prevent out-of-bounds write in codebook decoding.Thomas Daede2018-03-161-38/+10
| | | | | Codebooks that are not an exact divisor of the partition size are now truncated to fit within the partition.
* CVE-2017-14632: vorbis_analysis_header_out: Don't clear opb if not initializedGuido Günther2017-12-111-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the number of channels is not within the allowed range we call oggback_writeclear altough it's not initialized yet. This fixes =23371== Invalid free() / delete / delete[] / realloc() ==23371== at 0x4C2CE1B: free (vg_replace_malloc.c:530) ==23371== by 0x829CA31: oggpack_writeclear (in /usr/lib/x86_64-linux-gnu/libogg.so.0.8.2) ==23371== by 0x84B96EE: vorbis_analysis_headerout (info.c:652) ==23371== by 0x9FBCBCC: ??? (in /usr/lib/x86_64-linux-gnu/sox/libsox_fmt_vorbis.so) ==23371== by 0x4E524F1: ??? (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1) ==23371== by 0x4E52CCA: sox_open_write (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1) ==23371== by 0x10D82A: open_output_file (sox.c:1556) ==23371== by 0x10D82A: process (sox.c:1753) ==23371== by 0x10D82A: main (sox.c:3012) ==23371== Address 0x68768c8 is 488 bytes inside a block of size 880 alloc'd ==23371== at 0x4C2BB1F: malloc (vg_replace_malloc.c:298) ==23371== by 0x4C2DE9F: realloc (vg_replace_malloc.c:785) ==23371== by 0x4E545C2: lsx_realloc (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1) ==23371== by 0x9FBC9A0: ??? (in /usr/lib/x86_64-linux-gnu/sox/libsox_fmt_vorbis.so) ==23371== by 0x4E524F1: ??? (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1) ==23371== by 0x4E52CCA: sox_open_write (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1) ==23371== by 0x10D82A: open_output_file (sox.c:1556) ==23371== by 0x10D82A: process (sox.c:1753) ==23371== by 0x10D82A: main (sox.c:3012) as seen when using the testcase from CVE-2017-11333 with 008d23b782be09c8d75ba8190b1794abd66c7121 applied. However the error was there before.
* CVE-2017-14633: Don't allow for more than 256 channelsGuido Günther2017-12-111-1/+1
| | | | | | | | | | | | Otherwise for(i=0;i<vi->channels;i++){ /* the encoder setup assumes that all the modes used by any specific bitrate tweaking use the same floor */ int submap=info->chmuxlist[i]; overreads later in mapping0_forward since chmuxlist is a fixed array of 256 elements max.
* vorbis: avoid invalid freeTristan Matthews2017-11-101-1/+1
| | | | Regression started at commit "4b67376 Remove multiple subtly different inline..."
* mapping0.c (mapping0_unpack): kill a useless memset()sezero2017-07-241-1/+0
| | | | | | info is allocated with calloc() already. Signed-off-by: Ralph Giles <giles@thaumas.net>
* os.h: change elif _WIN32 to elif defined(_WIN32)sezero2017-07-241-1/+1
| | | | | | | This symbol is only defined (with the value 1) when building for the Windows target, so we need to ifdef, not if. Signed-off-by: Ralph Giles <giles@thaumas.net>
* Cleanup: Removed tailing white-spaces in C code filesPhilipp Schafft2017-07-233-35/+35
| | | | Signed-off-by: Ralph Giles <giles@thaumas.net>
* CMake: Add vorbisenc.c to vorbis target for WIN32 buildsMarcel Metz2017-07-221-0/+4
| | | | | | | | On Windows the vorbis shared library exports some symbols defined in the vorbisen.c file. To allow error free linking this file should be added to to the VORBIS_SOURCES. Signed-off-by: Ralph Giles <giles@thaumas.net>
* Fix reading maximum, nominal, minimum bitrate in _vorbis_unpack_info().Jörn Heusipp2017-07-221-3/+3
| | | | | | | | | | | | | | | | | | | | https://xiph.org/vorbis/doc/Vorbis_I_spec.html#x1-630004.2.2 specifies these fields as 32bit signed. oggpack_read(opb,32), which is used to read these fields, returns 32 bits stored in a long. On architectures where long is 64bit, this results in a positive value being returned. This value is then stored in struct vorbis_info in bitrate_upper, bitrate_nominal and bitrate_lower, also as long. ogginfo relies on these values in order to display the respective header fields and thus misrepresented the stored value -1 (which has the intended meaning of "bitrate not set") as 2**32-1 on architectures where long is 64bit. Explicitly cast the return value of oggpack_read() to a signed 32bit integer type. A nominal bitrate value of -1 is valid as per specification, and is written by libvorbis for VBR files with samplerate >= 50000Hz. Signed-off-by: Timothy B. Terriberry <tterribe@xiph.org>
* Remove svn $Id$ header.Ralph Giles2017-06-1667-67/+0
| | | | | | | Most checked-in files had a comment with a filename and last-modified string automatically updated by the subversion version control tool. These became obsolete when we migrated the repository to git. Remove them.
* Fix signed overflow in _book_maptype1_quantvals().Timothy B. Terriberry2017-06-161-4/+14
| | | | | | | | If b->dims is very large, vals will be 1 and acc1 will overflow a long. This causes us to read too many values for this codebook. Signed-off-by: Monty <xiphmont@xiph.org>
* Fix CMake errorRussell Greene2016-10-041-2/+2
| | | | | | Include vorbis library when linking vorbisfile and vorbisenc. Signed-off-by: Ralph Giles <giles@thaumas.net>
* Allocate comment temporaries on the heap.Ralph Giles2015-10-131-6/+12
| | | | | | | | Use malloc/free instead of the more convenient alloca for comment data. Album art can easily be larger than the local stack limit and crash the process. Thanks to Robert Kausch for the suggestion.
* Add CMake script to build vorbis.stopiccot2015-06-181-0/+104
| | | | Signed-off-by: Ralph Giles <giles@thaumas.net>
* Fix automake warning.Ralph Giles2015-05-201-1/+1
| | | | | Newer versions prefer AM_CPPFLAGS to INCLUDES. Tell libtool about our m4 directory.
* Bump more copyright dates.v1.3.5Ralph Giles2015-03-0310-10/+10
| | | | svn path=/trunk/vorbis/; revision=19457
* Suppress spurious 'may be used uninitialized' gcc warnings in floor1.cMonty2015-03-021-1/+3
| | | | | | | encode with static initializers. svn path=/trunk/vorbis/; revision=19455
* Roll back unintentionally chaged file (barkmel.c) from previous commit.Monty2015-03-021-8/+0
| | | | svn path=/trunk/vorbis/; revision=19454
* Remove a set-but-unused variable (lastdelta) in the encode-side lspMonty2015-03-022-2/+8
| | | | | | | | code. Note that the code in question is effectively dead as it's for floor0 encoding, and floor zero has been deprecated for over a decade. svn path=/trunk/vorbis/; revision=19453
* Don't use MSVC inline assembly on arm targets.Ralph Giles2015-02-271-2/+3
| | | | | | Patch from Hugo Beauzée-Luyssen. Fixes the build in WindowsRT/ARM. svn path=/trunk/vorbis/; revision=19449
* Trac 2139 indirectly brought to light the case of a stream that uses aMonty2015-02-262-50/+65
| | | | | | | | | | | | | | | single-entry codebook, but does not code a codeword of length 1 equal to zero. Such a stream could cause a stream to read garbage. There is no apparent chance of garbage memory writes as this happen entirely after decode setup, however there is playback DoS potential. This commit special cases single-entry codebook setup so that decode is well-defined for streams with single-entry codebooks, and adds some comments to make it more clear how the case is handled. svn path=/trunk/vorbis/; revision=19444
* Render prototype and actual function declatation of ov_ilog() semantically ↵Monty2015-01-211-1/+1
| | | | | | consistent svn path=/trunk/vorbis/; revision=19442
View Lorry Controller Status