Add 'nixpkgs/' from commit 'abf060725d7614bd3b9f96764262dfbc2f9c2199'

git-subtree-dir: nixpkgs
git-subtree-mainline: 4e31070265257dc67d120c27e0f75c2344fdfa9a
git-subtree-split: abf060725d7614bd3b9f96764262dfbc2f9c2199

3 files changed, 267 insertions, 0 deletions

diff --git a/nixpkgs/pkgs/development/libraries/audiofile/CVE-2015-7747.patch b/nixpkgs/pkgs/development/libraries/audiofile/CVE-2015-7747.patch
new file mode 100644
index 000000000000..a01aaa14dcee
--- /dev/null
+++ b/nixpkgs/pkgs/development/libraries/audiofile/CVE-2015-7747.patch
@@ -0,0 +1,161 @@
+Description: fix buffer overflow when changing both sample format and
+ number of channels
+Origin: backport, https://github.com/mpruett/audiofile/pull/25
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/audiofile/+bug/1502721
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=801102
+
+Index: audiofile-0.3.6/libaudiofile/modules/ModuleState.cpp
+===================================================================
+--- audiofile-0.3.6.orig/libaudiofile/modules/ModuleState.cpp	2015-10-20 08:00:58.036128202 -0400
++++ audiofile-0.3.6/libaudiofile/modules/ModuleState.cpp	2015-10-20 08:00:58.036128202 -0400
+@@ -402,7 +402,7 @@
+		addModule(new Transform(outfc, in.pcm, out.pcm));
+
+	if (in.channelCount != out.channelCount)
+-		addModule(new ApplyChannelMatrix(infc, isReading,
++		addModule(new ApplyChannelMatrix(outfc, isReading,
+			in.channelCount, out.channelCount,
+			in.pcm.minClip, in.pcm.maxClip,
+			track->channelMatrix));
+Index: audiofile-0.3.6/test/Makefile.am
+===================================================================
+--- audiofile-0.3.6.orig/test/Makefile.am	2015-10-20 08:00:58.036128202 -0400
++++ audiofile-0.3.6/test/Makefile.am	2015-10-20 08:00:58.036128202 -0400
+@@ -26,6 +26,7 @@
+	VirtualFile \
+	floatto24 \
+	query2 \
++	sixteen-stereo-to-eight-mono \
+	sixteen-to-eight \
+	testchannelmatrix \
+	testdouble \
+@@ -139,6 +140,7 @@
+ printmarkers_LDADD = $(LIBAUDIOFILE) -lm
+
+ sixteen_to_eight_SOURCES = sixteen-to-eight.c TestUtilities.cpp TestUtilities.h
++sixteen_stereo_to_eight_mono_SOURCES = sixteen-stereo-to-eight-mono.c TestUtilities.cpp TestUtilities.h
+
+ testchannelmatrix_SOURCES = testchannelmatrix.c TestUtilities.cpp TestUtilities.h
+
+Index: audiofile-0.3.6/test/sixteen-stereo-to-eight-mono.c
+===================================================================
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
++++ audiofile-0.3.6/test/sixteen-stereo-to-eight-mono.c	2015-10-20 08:33:57.512286416 -0400
+@@ -0,0 +1,117 @@
++/*
++	Audio File Library
++
++	Copyright 2000, Silicon Graphics, Inc.
++
++	This program is free software; you can redistribute it and/or modify
++	it under the terms of the GNU General Public License as published by
++	the Free Software Foundation; either version 2 of the License, or
++	(at your option) any later version.
++
++	This program is distributed in the hope that it will be useful,
++	but WITHOUT ANY WARRANTY; without even the implied warranty of
++	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++	GNU General Public License for more details.
++
++	You should have received a copy of the GNU General Public License along
++	with this program; if not, write to the Free Software Foundation, Inc.,
++	51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
++*/
++
++/*
++	sixteen-stereo-to-eight-mono.c
++
++	This program tests the conversion from 2-channel 16-bit integers to
++	1-channel 8-bit	integers.
++*/
++
++#ifdef HAVE_CONFIG_H
++#include <config.h>
++#endif
++
++#include <stdint.h>
++#include <stdio.h>
++#include <stdlib.h>
++#include <string.h>
++#include <unistd.h>
++#include <limits.h>
++
++#include <audiofile.h>
++
++#include "TestUtilities.h"
++
++int main (int argc, char **argv)
++{
++	AFfilehandle file;
++	AFfilesetup setup;
++	int16_t frames16[] = {14298, 392, 3923, -683, 958, -1921};
++	int8_t frames8[] = {28, 6, -2};
++	int i, frameCount = 3;
++	int8_t byte;
++	AFframecount result;
++
++	setup = afNewFileSetup();
++
++	afInitFileFormat(setup, AF_FILE_WAVE);
++
++	afInitSampleFormat(setup, AF_DEFAULT_TRACK, AF_SAMPFMT_TWOSCOMP, 16);
++	afInitChannels(setup, AF_DEFAULT_TRACK, 2);
++
++	char testFileName[PATH_MAX];
++	if (!createTemporaryFile("sixteen-to-eight", testFileName))
++	{
++		fprintf(stderr, "Could not create temporary file.\n");
++		exit(EXIT_FAILURE);
++	}
++
++	file = afOpenFile(testFileName, "w", setup);
++	if (file == AF_NULL_FILEHANDLE)
++	{
++		fprintf(stderr, "could not open file for writing\n");
++		exit(EXIT_FAILURE);
++	}
++
++	afFreeFileSetup(setup);
++
++	afWriteFrames(file, AF_DEFAULT_TRACK, frames16, frameCount);
++
++	afCloseFile(file);
++
++	file = afOpenFile(testFileName, "r", AF_NULL_FILESETUP);
++	if (file == AF_NULL_FILEHANDLE)
++	{
++		fprintf(stderr, "could not open file for reading\n");
++		exit(EXIT_FAILURE);
++	}
++
++	afSetVirtualSampleFormat(file, AF_DEFAULT_TRACK, AF_SAMPFMT_TWOSCOMP, 8);
++	afSetVirtualChannels(file, AF_DEFAULT_TRACK, 1);
++
++	for (i=0; i<frameCount; i++)
++	{
++		/* Read one frame. */
++		result = afReadFrames(file, AF_DEFAULT_TRACK, &byte, 1);
++
++		if (result != 1)
++			break;
++
++		/* Compare the byte read with its precalculated value. */
++		if (memcmp(&byte, &frames8[i], 1) != 0)
++		{
++			printf("error\n");
++			printf("expected %d, got %d\n", frames8[i], byte);
++			exit(EXIT_FAILURE);
++		}
++		else
++		{
++#ifdef DEBUG
++			printf("got what was expected: %d\n", byte);
++#endif
++		}
++	}
++
++	afCloseFile(file);
++	unlink(testFileName);
++
++	exit(EXIT_SUCCESS);
++}
diff --git a/nixpkgs/pkgs/development/libraries/audiofile/default.nix b/nixpkgs/pkgs/development/libraries/audiofile/default.nix
new file mode 100644
index 000000000000..1ed457aa5fe1
--- /dev/null
+++ b/nixpkgs/pkgs/development/libraries/audiofile/default.nix
@@ -0,0 +1,76 @@
+{ stdenv, fetchurl, fetchpatch, alsaLib, AudioUnit, CoreServices }:
+
+let
+
+  fetchDebianPatch = { name, debname, sha256 }:
+    fetchpatch {
+      inherit sha256 name;
+      url = "https://salsa.debian.org/multimedia-team/audiofile/raw/debian/0.3.6-4/debian/patches/${debname}";
+    };
+
+in
+
+stdenv.mkDerivation rec {
+  name = "audiofile-0.3.6";
+
+  buildInputs =
+    stdenv.lib.optionals stdenv.isLinux [
+      alsaLib
+    ] ++ stdenv.lib.optionals stdenv.isDarwin [
+      CoreServices AudioUnit
+    ];
+
+  src = fetchurl {
+    url = "https://audiofile.68k.org/${name}.tar.gz";
+    sha256 = "0rb927zknk9kmhprd8rdr4azql4gn2dp75a36iazx2xhkbqhvind";
+  };
+
+  patches = [
+    ./gcc-6.patch
+    ./CVE-2015-7747.patch
+
+    (fetchDebianPatch {
+      name = "CVE-2017-6829.patch";
+      debname = "04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch";
+      sha256 = "04qxl51i64c53v69q2kx61qdq474f4vapk8rq97cipj7yrar392m";
+    })
+    (fetchDebianPatch {
+      name = "CVE-2017-6827+CVE-2017-6828+CVE-2017-6832+CVE-2017-6835+CVE-2017-6837.patch";
+      debname = "05_Always-check-the-number-of-coefficients.patch";
+      sha256 = "1ih03kfkabffi6ymp6832q470i28rsds78941vzqlshnqjb2nnxw";
+    })
+    (fetchDebianPatch {
+      name = "CVE-2017-6839.patch";
+      debname = "06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch";
+      sha256 = "0a8s2z8rljlj03p7l1is9s4fml8vyzvyvfrh1m6xj5a8vbi635d0";
+    })
+    (fetchDebianPatch {
+      name = "CVE-2017-6830+CVE-2017-6834+CVE-2017-6836+CVE-2017-6838.patch";
+      debname = "07_Check-for-multiplication-overflow-in-sfconvert.patch";
+      sha256 = "0rfba8rkasl5ycvc0kqlzinkl3rvyrrjvjhpc45h423wmjk2za2l";
+    })
+    (fetchDebianPatch {
+      name = "audiofile-fix-multiplyCheckOverflow-signature.patch";
+      debname = "08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch";
+      sha256 = "032p5jqp7q7jgc5axdnazz00zm7hd26z6m5j55ifs0sykr5lwldb";
+    })
+    (fetchDebianPatch {
+      name = "CVE-2017-6831.patch";
+      debname = "09_Actually-fail-when-error-occurs-in-parseFormat.patch";
+      sha256 = "0csikmj8cbiy6cigg0rmh67jrr0sgm56dfrnrxnac3m9635nxlac";
+    })
+    (fetchDebianPatch {
+      name = "CVE-2017-6833.patch";
+      debname = "10_Check-for-division-by-zero-in-BlockCodec-runPull.patch";
+      sha256 = "1rlislkjawq98bbcf1dgl741zd508wwsg85r37ca7pfdf6wgl6z7";
+    })
+  ];
+
+  meta = with stdenv.lib; {
+    description = "Library for reading and writing audio files in various formats";
+    homepage    = http://www.68k.org/~michael/audiofile/;
+    license     = licenses.lgpl21Plus;
+    maintainers = with maintainers; [ lovek323 ];
+    platforms   = platforms.unix;
+  };
+}
diff --git a/nixpkgs/pkgs/development/libraries/audiofile/gcc-6.patch b/nixpkgs/pkgs/development/libraries/audiofile/gcc-6.patch
new file mode 100644
index 000000000000..1a7edd5af9a1
--- /dev/null
+++ b/nixpkgs/pkgs/development/libraries/audiofile/gcc-6.patch
@@ -0,0 +1,30 @@
+http://patchwork.ozlabs.org/patch/630200/
+
+From 28cfdbbcb96a69087c3d21faf69b5eae7bcf6d69 Mon Sep 17 00:00:00 2001
+From: Hodorgasm <nsane457@gmail.com>
+Date: Wed, 11 May 2016 21:42:07 -0400
+Subject: [PATCH] Cast to unsigned while left bit-shifting
+
+GCC-6 now treats the left bitwise-shift of a negative integer as nonconformant so explicitly cast to an unsigned int while bit-shifting.
+
+Downloaded from upstream PR:
+https://github.com/mpruett/audiofile/pull/28
+
+Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
+---
+ libaudiofile/modules/SimpleModule.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libaudiofile/modules/SimpleModule.h b/libaudiofile/modules/SimpleModule.h
+index 03c6c69..4014fb2 100644
+--- a/libaudiofile/modules/SimpleModule.h
++++ b/libaudiofile/modules/SimpleModule.h
+@@ -123,7 +123,7 @@ struct signConverter
+ 	typedef typename IntTypes<Format>::UnsignedType UnsignedType;
+ 
+ 	static const int kScaleBits = (Format + 1) * CHAR_BIT - 1;
+-	static const int kMinSignedValue = -1 << kScaleBits;
++	static const int kMinSignedValue = static_cast<signed>(static_cast<unsigned>(-1) << kScaleBits);;
+ 
+ 	struct signedToUnsigned : public std::unary_function<SignedType, UnsignedType>
+ 	{