Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package dr_libs for openSUSE:Factory checked in at 2026-03-17 19:06:04 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/dr_libs (Old) and /work/SRC/openSUSE:Factory/.dr_libs.new.8177 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "dr_libs" Tue Mar 17 19:06:04 2026 rev:4 rq:1339631 version:20260315 Changes: -------- --- /work/SRC/openSUSE:Factory/dr_libs/dr_libs.changes 2026-01-21 14:18:12.349029776 +0100 +++ /work/SRC/openSUSE:Factory/.dr_libs.new.8177/dr_libs.changes 2026-03-17 19:08:02.045461091 +0100 @@ -1,0 +2,7 @@ +Tue Mar 17 13:35:21 UTC 2026 - Richard Rahl <[email protected]> + +- Update to version 20260315: + * Try fixing a signed overflow bug in the MS-ADPCM decoder + * Fix a crash when loading files with a malformed "smpl" chunk + +------------------------------------------------------------------- Old: ---- dr_libs-20260117.tar.gz New: ---- dr_libs-20260315.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ dr_libs.spec ++++++ --- /var/tmp/diff_new_pack.vG3Liz/_old 2026-03-17 19:08:02.565482532 +0100 +++ /var/tmp/diff_new_pack.vG3Liz/_new 2026-03-17 19:08:02.569482697 +0100 @@ -18,9 +18,9 @@ %define flacversion 0.13.3 %define mp3version 0.7.3 -%define wavversion 0.14.4 +%define wavversion 0.14.5 Name: dr_libs -Version: 20260117 +Version: 20260315 Release: 0 Summary: Audio decoding libraries for C/C++, each in a single source file License: MIT-0 OR Unlicense ++++++ dr_libs-20260117.tar.gz -> dr_libs-20260315.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dr_libs-20260117/dr_mp3.h new/dr_libs-20260315/dr_mp3.h --- old/dr_libs-20260117/dr_mp3.h 2026-01-17 00:06:53.000000000 +0100 +++ new/dr_libs-20260315/dr_mp3.h 2026-03-14 23:50:25.000000000 +0100 @@ -1,6 +1,6 @@ /* MP3 audio decoder. Choice of public domain or MIT-0. See license statements at the end of this file. -dr_mp3 - v0.7.3 - 2026-01-17 +dr_mp3 - v0.7.4 - TBD David Reid - [email protected] @@ -72,7 +72,7 @@ #define DRMP3_VERSION_MAJOR 0 #define DRMP3_VERSION_MINOR 7 -#define DRMP3_VERSION_REVISION 3 +#define DRMP3_VERSION_REVISION 4 #define DRMP3_VERSION_STRING DRMP3_XSTRINGIFY(DRMP3_VERSION_MAJOR) "." DRMP3_XSTRINGIFY(DRMP3_VERSION_MINOR) "." DRMP3_XSTRINGIFY(DRMP3_VERSION_REVISION) #include <stddef.h> /* For size_t. */ @@ -657,8 +657,10 @@ #if !defined(DR_MP3_NO_SIMD) -#if !defined(DR_MP3_ONLY_SIMD) && (defined(_M_X64) || defined(__x86_64__) || defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC)) -/* x64 always have SSE2, arm64 always have neon, no need for generic code */ +#if !defined(DR_MP3_ONLY_SIMD) && ((defined(_MSC_VER) && _MSC_VER >= 1400) && defined(_M_X64)) || ((defined(__i386) || defined(_M_IX86) || defined(__i386__) || defined(__x86_64__)) && ((defined(_M_IX86_FP) && _M_IX86_FP == 2) || defined(__SSE2__))) +#define DR_MP3_ONLY_SIMD +#endif +#if !defined(DR_MP3_ONLY_SIMD) && (defined(__ARM_NEON) || defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC)) #define DR_MP3_ONLY_SIMD #endif @@ -5007,6 +5009,9 @@ /* REVISION HISTORY ================ +v0.7.4 - TBD + - Improvements to SIMD detection. + v0.7.3 - 2026-01-17 - Fix an error in drmp3_open_and_read_pcm_frames_s16() and family when memory allocation fails. - Fix some compilation warnings. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dr_libs-20260117/dr_wav.h new/dr_libs-20260315/dr_wav.h --- old/dr_libs-20260117/dr_wav.h 2026-01-17 00:06:53.000000000 +0100 +++ new/dr_libs-20260315/dr_wav.h 2026-03-14 23:50:25.000000000 +0100 @@ -1,6 +1,6 @@ /* WAV audio loader and writer. Choice of public domain or MIT-0. See license statements at the end of this file. -dr_wav - v0.14.4 - 2026-01-17 +dr_wav - v0.14.5 - 2026-03-03 David Reid - [email protected] @@ -147,7 +147,7 @@ #define DRWAV_VERSION_MAJOR 0 #define DRWAV_VERSION_MINOR 14 -#define DRWAV_VERSION_REVISION 4 +#define DRWAV_VERSION_REVISION 5 #define DRWAV_VERSION_STRING DRWAV_XSTRINGIFY(DRWAV_VERSION_MAJOR) "." DRWAV_XSTRINGIFY(DRWAV_VERSION_MINOR) "." DRWAV_XSTRINGIFY(DRWAV_VERSION_REVISION) #include <stddef.h> /* For size_t. */ @@ -2189,6 +2189,22 @@ if (pMetadata != NULL && bytesJustRead == sizeof(smplHeaderData)) { drwav_uint32 iSampleLoop; + drwav_uint32 loopCount; + drwav_uint32 calculatedLoopCount; + + /* + When we calcualted the amount of memory required for the "smpl" chunk we excluded the chunk entirely + if the loop count in the header did not match with the calculated count based on the size of the + chunk. When this happens, the second stage will still hit this path but the `pMetadata` will be + non-null, but will either be pointing at the very end of the allocation or at the start of another + chunk. We need to check the loop counts for consistency *before* dereferencing the pMetadata object + so it's consistent with how we do it in the first stage. + */ + loopCount = drwav_bytes_to_u32(smplHeaderData + 28); + calculatedLoopCount = (pChunkHeader->sizeInBytes - DRWAV_SMPL_BYTES) / DRWAV_SMPL_LOOP_BYTES; + if (loopCount != calculatedLoopCount) { + return totalBytesRead; + } pMetadata->type = drwav_metadata_type_smpl; pMetadata->data.smpl.manufacturerId = drwav_bytes_to_u32(smplHeaderData + 0); @@ -2205,7 +2221,7 @@ The loop count needs to be validated against the size of the chunk for safety so we don't attempt to read over the boundary of the chunk. */ - if (pMetadata->data.smpl.sampleLoopCount == (pChunkHeader->sizeInBytes - DRWAV_SMPL_BYTES) / DRWAV_SMPL_LOOP_BYTES) { + if (pMetadata->data.smpl.sampleLoopCount == calculatedLoopCount) { pMetadata->data.smpl.pLoops = (drwav_smpl_loop*)drwav__metadata_get_memory(pParser, sizeof(drwav_smpl_loop) * pMetadata->data.smpl.sampleLoopCount, DRWAV_METADATA_ALIGNMENT); for (iSampleLoop = 0; iSampleLoop < pMetadata->data.smpl.sampleLoopCount; ++iSampleLoop) { @@ -2230,6 +2246,15 @@ drwav__metadata_parser_read(pParser, pMetadata->data.smpl.pSamplerSpecificData, pMetadata->data.smpl.samplerSpecificDataSizeInBytes, &totalBytesRead); } + } else { + /* + Getting here means the loop count in the header does not match up with the size of the + chunk. Clear out the data to zero just to be safe. + + This should never actually get hit because we check for it above, but keeping this here + for added safety. + */ + DRWAV_ZERO_OBJECT(&pMetadata->data.smpl); } } @@ -6379,11 +6404,8 @@ newSample0 += nibble0 * pWav->msadpcm.delta[0]; newSample0 = drwav_clamp(newSample0, -32768, 32767); - pWav->msadpcm.delta[0] = (adaptationTable[((nibbles & 0xF0) >> 4)] * pWav->msadpcm.delta[0]) >> 8; - if (pWav->msadpcm.delta[0] < 16) { - pWav->msadpcm.delta[0] = 16; - } - + pWav->msadpcm.delta[0] = (drwav_int32)drwav_clamp(((drwav_int64)adaptationTable[((nibbles & 0xF0) >> 4)] * pWav->msadpcm.delta[0]) >> 8, 16, 0x7FFFFFFF); + pWav->msadpcm.prevFrames[0][0] = pWav->msadpcm.prevFrames[0][1]; pWav->msadpcm.prevFrames[0][1] = newSample0; @@ -6392,10 +6414,7 @@ newSample1 += nibble1 * pWav->msadpcm.delta[0]; newSample1 = drwav_clamp(newSample1, -32768, 32767); - pWav->msadpcm.delta[0] = (adaptationTable[((nibbles & 0x0F) >> 0)] * pWav->msadpcm.delta[0]) >> 8; - if (pWav->msadpcm.delta[0] < 16) { - pWav->msadpcm.delta[0] = 16; - } + pWav->msadpcm.delta[0] = (drwav_int32)drwav_clamp(((drwav_int64)adaptationTable[((nibbles & 0x0F) >> 0)] * pWav->msadpcm.delta[0]) >> 8, 16, 0x7FFFFFFF); pWav->msadpcm.prevFrames[0][0] = pWav->msadpcm.prevFrames[0][1]; pWav->msadpcm.prevFrames[0][1] = newSample1; @@ -6417,10 +6436,7 @@ newSample0 += nibble0 * pWav->msadpcm.delta[0]; newSample0 = drwav_clamp(newSample0, -32768, 32767); - pWav->msadpcm.delta[0] = (adaptationTable[((nibbles & 0xF0) >> 4)] * pWav->msadpcm.delta[0]) >> 8; - if (pWav->msadpcm.delta[0] < 16) { - pWav->msadpcm.delta[0] = 16; - } + pWav->msadpcm.delta[0] = (drwav_int32)drwav_clamp(((drwav_int64)adaptationTable[((nibbles & 0xF0) >> 4)] * pWav->msadpcm.delta[0]) >> 8, 16, 0x7FFFFFFF); pWav->msadpcm.prevFrames[0][0] = pWav->msadpcm.prevFrames[0][1]; pWav->msadpcm.prevFrames[0][1] = newSample0; @@ -6435,10 +6451,7 @@ newSample1 += nibble1 * pWav->msadpcm.delta[1]; newSample1 = drwav_clamp(newSample1, -32768, 32767); - pWav->msadpcm.delta[1] = (adaptationTable[((nibbles & 0x0F) >> 0)] * pWav->msadpcm.delta[1]) >> 8; - if (pWav->msadpcm.delta[1] < 16) { - pWav->msadpcm.delta[1] = 16; - } + pWav->msadpcm.delta[1] = (drwav_int32)drwav_clamp(((drwav_int64)adaptationTable[((nibbles & 0x0F) >> 0)] * pWav->msadpcm.delta[1]) >> 8, 16, 0x7FFFFFFF); pWav->msadpcm.prevFrames[1][0] = pWav->msadpcm.prevFrames[1][1]; pWav->msadpcm.prevFrames[1][1] = newSample1; @@ -8544,6 +8557,10 @@ /* REVISION HISTORY ================ +v0.14.5 - 2026-03-03 + - Fix a crash when loading files with a malformed "smpl" chunk. + - Fix a signed overflow bug with the MS-ADPCM decoder. + v0.14.4 - 2026-01-17 - Fix some compilation warnings.
