SDL/include
Sam Lantinga 990e166a3b Fixed bug 3894 - Fuzzing crashes for SDL_LoadWAV
Simon Hug

I had a look at this and made some additions to SDL_wave.c.

The attached patch adds many checks and error messages. For some reason I also added A-law and µ-law decoders. Forgot exactly why... but hey, they're small.

The WAVE format is seriously underspecified (at least by the documents that are publicly available on the internet) and it's a shame Microsoft never put something better out there. The language used in them is so loose at times, it's not surprising the encoders and decoders behave very differently. The Windows Media Player doesn't even support MS ADPCM correctly.

The patch also adds some hints to make the decoder more strict at the cost of compatibility with weird WAVE files.

I still think it needs a bit of cleaning up (Not happy with the MultiplySize function. Don't like the name and other SDL code may want to use something like this too.) and some duplicated code may be folded together. It does work in this state and I have thrown all kinds of WAVE files at it. The AFL files also pass with it and some even play (obviously just noise). Crafty little fuzzer.

Any critique would be welcome. I have a fork of SDL with an audio-loadwav branch over here if someone wants to use the commenting feature of Bitbucket:

https://bitbucket.org/ChliHug/SDL

I also cobbled some Lua scripts together to create WAVE test files:

https://bitbucket.org/ChliHug/gendat
2019-06-08 19:02:42 -07:00
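The fix discussed in the commit message above is about rejecting fuzzer-made WAVE headers before any size arithmetic can overflow or any read can run past the end of the buffer. The block below is an added example written for this page, not code from SDL or from the patch: a strict RIFF/WAVE header walker in C with an overflow-checked multiply in the role the commit's MultiplySize plays, plus consistency checks on the fmt chunk (block align, byte rate, whole frames). Every name in it (wav_parse, wav_checked_mul, wav_info, SAMPLE_WAV and the wav_demo_* helpers) is this example's own assumption, and the sample file is constructed inline.

```c
/* Added example, not SDL's code: a defensive RIFF/WAVE header walker.
 * All identifiers below are this example's own, not SDL API. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

typedef struct {
    uint16_t format, channels, bits, block_align;
    uint32_t rate, byte_rate;
    const uint8_t *data;      /* points into the caller's buffer */
    size_t data_len;
} wav_info;

/* Little-endian reads; callers guarantee the bytes exist. */
static uint32_t rd32(const uint8_t *p)
{ return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24; }
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }

/* Overflow-checked multiply (the job MultiplySize does in the patch). */
int wav_checked_mul(size_t a, size_t b, size_t *out)
{
    if (a != 0 && b > SIZE_MAX / a) return 0;
    *out = a * b;
    return 1;
}

/* Returns 0 on success or a negative code naming the check that failed.
 * The RIFF size field is advisory; only the real buffer length is trusted. */
int wav_parse(const uint8_t *buf, size_t len, wav_info *info)
{
    size_t pos = 12, have_fmt = 0;
    memset(info, 0, sizeof *info);
    if (len < 12 || memcmp(buf, "RIFF", 4) != 0 || memcmp(buf + 8, "WAVE", 4) != 0)
        return -1;                                    /* not RIFF/WAVE */
    while (pos + 8 <= len) {
        const uint8_t *id = buf + pos;
        uint32_t csize = rd32(buf + pos + 4);
        size_t body = pos + 8, advance;
        if (csize > len - body) return -2;            /* chunk claims more than exists */
        if (memcmp(id, "fmt ", 4) == 0) {
            if (csize < 16) return -3;                /* too short for a PCM fmt chunk */
            info->format      = rd16(buf + body);
            info->channels    = rd16(buf + body + 2);
            info->rate        = rd32(buf + body + 4);
            info->byte_rate   = rd32(buf + body + 8);
            info->block_align = rd16(buf + body + 12);
            info->bits        = rd16(buf + body + 14);
            have_fmt = 1;
        } else if (memcmp(id, "data", 4) == 0) {
            info->data = buf + body;
            info->data_len = csize;
        }
        advance = (size_t)csize + (csize & 1);        /* chunks are word-aligned */
        if (advance > len - body) advance = len - body; /* pad byte may be missing at EOF */
        pos = body + advance;
    }
    if (!have_fmt || info->data == NULL) return -4;
    if (info->format != 1) return -5;                 /* only plain PCM handled here */
    if (info->channels == 0 || info->bits == 0 || info->bits % 8 != 0 || info->rate == 0)
        return -6;
    size_t frame, expect_rate;
    if (!wav_checked_mul(info->channels, info->bits / 8, &frame)) return -7;
    if (frame != info->block_align) return -8;        /* header contradicts itself */
    if (!wav_checked_mul(frame, info->rate, &expect_rate) || expect_rate != info->byte_rate)
        return -9;
    if (info->data_len % frame != 0) return -10;      /* partial trailing frame */
    return 0;
}

/* Constructed sample: mono, 16-bit, 8000 Hz, 4 frames (8 data bytes). */
static const uint8_t SAMPLE_WAV[52] = {
    'R','I','F','F', 44,0,0,0, 'W','A','V','E',
    'f','m','t',' ', 16,0,0,0,
    1,0,  1,0,  0x40,0x1F,0,0,  0x80,0x3E,0,0,  2,0,  16,0,
    'd','a','t','a', 8,0,0,0,
    0,0, 1,0, 2,0, 3,0
};

int wav_demo_valid(void) { wav_info i; return wav_parse(SAMPLE_WAV, sizeof SAMPLE_WAV, &i); }
unsigned wav_demo_valid_rate(void)
{ wav_info i; return wav_parse(SAMPLE_WAV, sizeof SAMPLE_WAV, &i) == 0 ? i.rate : 0; }
/* Data chunk claims 2 GiB while only 8 bytes follow: must fail, not read past the end. */
int wav_demo_truncated(void)
{
    uint8_t b[sizeof SAMPLE_WAV]; wav_info i;
    memcpy(b, SAMPLE_WAV, sizeof b);
    b[40] = 0xFF; b[41] = 0xFF; b[42] = 0xFF; b[43] = 0x7F;
    return wav_parse(b, sizeof b, &i);
}
/* block_align = 3 for 16-bit mono contradicts channels * bits / 8 = 2. */
int wav_demo_bad_align(void)
{
    uint8_t b[sizeof SAMPLE_WAV]; wav_info i;
    memcpy(b, SAMPLE_WAV, sizeof b);
    b[32] = 3;
    return wav_parse(b, sizeof b, &i);
}
```

The two ideas that matter against a fuzzer are visible in the failure codes: the data pointer is only ever set to a region that fits inside the real buffer (never the RIFF or chunk size fields alone), and every derived size (frame, byte rate, and anything a caller would later compute from data_len) goes through the checked multiply rather than raw arithmetic.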
SDL.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_assert.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_atomic.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_audio.h Fixed bug 3894 - Fuzzing crashes for SDL_LoadWAV 2019-06-08 19:02:42 -07:00
SDL_bits.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_blendmode.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_clipboard.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_config.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_config.h.cmake Use _Exit() when available 2019-04-23 07:59:31 -07:00
SDL_config.h.in Use _Exit() when available 2019-04-23 07:59:31 -07:00
SDL_config_android.h Initial Android OpenSL ES implementation, contributed by ANTA 2019-01-12 12:18:44 -08:00
SDL_config_iphoneos.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_config_macosx.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_config_minimal.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_config_os2.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_config_pandora.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_config_psp.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_config_windows.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_config_winrt.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_config_wiz.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_copying.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_cpuinfo.h Fixed bug 4557 - SDL_SIMDAlloc and *Free should be in the public interface 2019-06-08 14:54:37 -07:00
SDL_egl.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_endian.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_error.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_events.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_filesystem.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_gamecontroller.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_gesture.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_haptic.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_hints.h Fixed bug 3894 - Fuzzing crashes for SDL_LoadWAV 2019-06-08 19:02:42 -07:00
SDL_joystick.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_keyboard.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_keycode.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_loadso.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_log.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_main.h Fixed building with C++ 2019-03-19 10:59:41 -07:00
SDL_messagebox.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_mouse.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_mutex.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_name.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_opengl.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_opengl_glext.h Fixed crash if initialization of EGL failed but was tried again later. 2015-06-21 17:33:46 +02:00
SDL_opengles.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_opengles2.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_opengles2_gl2.h Fixed crash if initialization of EGL failed but was tried again later. 2015-06-21 17:33:46 +02:00
SDL_opengles2_gl2ext.h Fixed crash if initialization of EGL failed but was tried again later. 2015-06-21 17:33:46 +02:00
SDL_opengles2_gl2platform.h Fixed crash if initialization of EGL failed but was tried again later. 2015-06-21 17:33:46 +02:00
SDL_opengles2_khrplatform.h Fixed crash if initialization of EGL failed but was tried again later. 2015-06-21 17:33:46 +02:00
SDL_pixels.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_platform.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_power.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_quit.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_rect.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_render.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_revision.h revert files I didnt mean to commit! 2017-09-29 10:15:44 -07:00
SDL_rwops.h Fixed bug 4526 - replace SDL_RW* macros with functions for using in bindings 2019-06-08 17:43:23 -07:00
SDL_scancode.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_sensor.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_shape.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_stdinc.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_surface.h Rename surface aligned memory flag to SDL_SIMD_ALIGNED 2019-02-04 08:34:24 +01:00
SDL_system.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_syswm.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_test.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_test_assert.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_test_common.h test: unify all the command line usage logging. 2019-05-28 17:39:13 -04:00
SDL_test_compare.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_test_crc32.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_test_font.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_test_fuzzer.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_test_harness.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_test_images.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_test_log.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_test_md5.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_test_memory.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_test_random.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_thread.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_timer.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_touch.h Add hint SDL_HINT_MOUSE_TOUCH_EVENTS for mouse events to generate touch events 2019-04-04 16:51:50 +02:00
SDL_types.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_version.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_video.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
SDL_vulkan.h vulkan: SDL_Vulkan_GetInstanceExtensions should accept a NULL window. 2018-08-24 09:49:48 -04:00
begin_code.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00
close_code.h Updated copyright for 2019 2019-01-04 22:01:14 -08:00