Memory Safety: High
When parsing a DSF audio file, blocksize and channels are read as
uint32_t from untrusted file data and multiplied together for the
buffer allocation. A malicious file could set these to values whose
product overflows, resulting in a small allocation followed by
out-of-bounds writes when the buffer is filled.
Add overflow checking before the multiplication and validate that
neither value is zero. Also use calloc(channels, blocksize) instead
of calloc(1, blocksize * channels) to let calloc perform its own
internal overflow check.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
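
The check described in the commit message above, as an added example (not the project's own code). The struct, function names and error codes are hypothetical, and the "malicious" header values are constructed to show the 32-bit wrap.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-in for the two untrusted header fields. */
struct dsf_fmt {
	uint32_t channels;
	uint32_t blocksize;	/* bytes per channel block */
};

/* Size the unchecked 32-bit multiplication would request (unsigned wrap). */
static uint32_t wrapped_size(const struct dsf_fmt *f)
{
	return f->blocksize * f->channels;
}

/* Returns 0 and fills *buf / *size on success, a negative errno otherwise. */
static int dsf_alloc_block(const struct dsf_fmt *f, uint8_t **buf, size_t *size)
{
	*buf = NULL;
	*size = 0;
	if (f->channels == 0 || f->blocksize == 0)
		return -EINVAL;
	/* Division cannot overflow, so test with it before multiplying. */
	if (f->blocksize > UINT32_MAX / f->channels)
		return -EOVERFLOW;
	/* calloc(nmemb, size) repeats the overflow check at size_t width. */
	*buf = calloc(f->channels, f->blocksize);
	if (*buf == NULL)
		return -ENOMEM;
	*size = (size_t)f->channels * f->blocksize;
	return 0;
}

int main(void)
{
	/* Constructed input: 0x10000 * 0x10001 = 2^32 + 0x10000. */
	struct dsf_fmt evil = { .channels = 0x10000, .blocksize = 0x10001 };
	struct dsf_fmt good = { .channels = 2, .blocksize = 4096 };
	uint8_t *buf;
	size_t size;

	printf("unchecked size: %u bytes\n", (unsigned)wrapped_size(&evil));
	printf("evil -> %d\n", dsf_alloc_block(&evil, &buf, &size));
	printf("good -> %d (%zu bytes)\n", dsf_alloc_block(&good, &buf, &size), size);
	free(buf);
	return 0;
}
```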
Now that the server asks for the right amount of samples for DSD, just
give it the right amount of samples without doing some weird scaling.
Make a method to calculate the size (stride) of one sample, which
depends on the interleave and channels of the stream.
See !2540
sndfile actually supports reading and writing from/to stdin/out with the -
filename, so allow that.
Add support for streaming in dsf, dff and midifile as well.
Add a -a option to pw-cat to use a pipe with raw bytes, otherwise try to
use the parsers and sndfile to read/write from/to stdin/stdout.
You can then do things like:
    sox 2L-053_04_stereo-DSD64.dff -t dsf - | pw-cat -pdv -
    pw-cat 07.Joe.Satriani.Clouds.race.across.the.sky.wav | pw-cat -pv -
    pw-cat -rmv --target=0 - | pw-mididump -
Fixes: #4204