[Python-checkins] cpython (2.7): Issue #13806: The size check in audioop decompression functions was too strict

antoine.pitrou python-checkins at python.org
Sat Jan 28 22:07:35 CET 2012


http://hg.python.org/cpython/rev/f1ee3bb6ba64
changeset:   74672:f1ee3bb6ba64
branch:      2.7
parent:      74664:eaf553b063a7
user:        Antoine Pitrou <solipsis at pitrou.net>
date:        Sat Jan 28 22:01:59 2012 +0100
summary:
  Issue #13806: The size check in audioop decompression functions was too strict and could reject valid compressed data.
Patch by Oleg Plakhotnyuk.

files:
  Lib/test/test_audioop.py |  25 +++++++++++++++++++------
  Misc/NEWS                |   3 +++
  Modules/audioop.c        |   6 +++---
  3 files changed, 25 insertions(+), 9 deletions(-)


diff --git a/Lib/test/test_audioop.py b/Lib/test/test_audioop.py
--- a/Lib/test/test_audioop.py
+++ b/Lib/test/test_audioop.py
@@ -21,9 +21,9 @@
 data = [gendata1(), gendata2(), gendata4()]
 
 INVALID_DATA = [
-    ('abc', 0),
-    ('abc', 2),
-    ('abc', 4),
+    (b'abc', 0),
+    (b'abc', 2),
+    (b'abc', 4),
 ]
 
 
@@ -94,7 +94,9 @@
 
     def test_adpcm2lin(self):
         # Very cursory test
-        self.assertEqual(audioop.adpcm2lin('\0\0', 1, None), ('\0\0\0\0', (0,0)))
+        self.assertEqual(audioop.adpcm2lin(b'\0\0', 1, None), (b'\0' * 4, (0,0)))
+        self.assertEqual(audioop.adpcm2lin(b'\0\0', 2, None), (b'\0' * 8, (0,0)))
+        self.assertEqual(audioop.adpcm2lin(b'\0\0', 4, None), (b'\0' * 16, (0,0)))
 
     def test_lin2adpcm(self):
         # Very cursory test
@@ -109,6 +111,9 @@
         # Cursory
         d = audioop.lin2alaw(data[0], 1)
         self.assertEqual(audioop.alaw2lin(d, 1), data[0])
+        self.assertEqual(audioop.alaw2lin(d, 2), b'\x08\x00\x08\x01\x10\x02')
+        self.assertEqual(audioop.alaw2lin(d, 4),
+            b'\x00\x00\x08\x00\x00\x00\x08\x01\x00\x00\x10\x02')
 
     def test_lin2ulaw(self):
         self.assertEqual(audioop.lin2ulaw(data[0], 1), '\xff\xe7\xdb')
@@ -119,6 +124,9 @@
         # Cursory
         d = audioop.lin2ulaw(data[0], 1)
         self.assertEqual(audioop.ulaw2lin(d, 1), data[0])
+        self.assertEqual(audioop.ulaw2lin(d, 2), b'\x00\x00\x04\x01\x0c\x02')
+        self.assertEqual(audioop.ulaw2lin(d, 4),
+            b'\x00\x00\x00\x00\x00\x00\x04\x01\x00\x00\x0c\x02')
 
     def test_mul(self):
         data2 = []
@@ -193,10 +201,15 @@
             self.assertRaises(audioop.error, audioop.lin2lin, data, size, size2)
             self.assertRaises(audioop.error, audioop.ratecv, data, size, 1, 1, 1, state)
             self.assertRaises(audioop.error, audioop.lin2ulaw, data, size)
+            self.assertRaises(audioop.error, audioop.lin2alaw, data, size)
+            self.assertRaises(audioop.error, audioop.lin2adpcm, data, size, state)
+
+    def test_wrongsize(self):
+        data = b'abc'
+        state = None
+        for size in (-1, 3, 5):
             self.assertRaises(audioop.error, audioop.ulaw2lin, data, size)
-            self.assertRaises(audioop.error, audioop.lin2alaw, data, size)
             self.assertRaises(audioop.error, audioop.alaw2lin, data, size)
-            self.assertRaises(audioop.error, audioop.lin2adpcm, data, size, state)
             self.assertRaises(audioop.error, audioop.adpcm2lin, data, size, state)
 
 def test_main():
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -90,6 +90,9 @@
 Library
 -------
 
+- Issue #13806: The size check in audioop decompression functions was too
+  strict and could reject valid compressed data.  Patch by Oleg Plakhotnyuk.
+
 - Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC
   IV attack countermeasure.
 
diff --git a/Modules/audioop.c b/Modules/audioop.c
--- a/Modules/audioop.c
+++ b/Modules/audioop.c
@@ -1298,7 +1298,7 @@
                            &cp, &len, &size) )
         return 0;
 
-    if (!audioop_check_parameters(len, size))
+    if (!audioop_check_size(size))
         return NULL;
 
     if (len > INT_MAX/size) {
@@ -1367,7 +1367,7 @@
                            &cp, &len, &size) )
         return 0;
 
-    if (!audioop_check_parameters(len, size))
+    if (!audioop_check_size(size))
         return NULL;
 
     if (len > INT_MAX/size) {
@@ -1509,7 +1509,7 @@
                            &cp, &len, &size, &state) )
         return 0;
 
-    if (!audioop_check_parameters(len, size))
+    if (!audioop_check_size(size))
         return NULL;
 
     /* Decode state, should have (value, step) */

-- 
Repository URL: http://hg.python.org/cpython


More information about the Python-checkins mailing list