#! /bin/sh

# CVE-2017-15372
# There is a stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i
# function of adpcm.c in Sound eXchange (SoX) 14.4.2.
# A crafted input file leads to a denial of service
# during conversion of an audio file.
# Discovered by Liuzhu.
#
# https://bugzilla.redhat.com/show_bug.cgi?id=1500553

# 14.4.2:
# Segmentation fault (core dumped)
# and exits 139

# Debian:
# sox WARN wav: MSADPCM bpred >= nCoef, arbitrarily using 0
#
# sox WARN wav: Premature EOF on .wav input file
# and exits 0

# 42b355:
# sox FAIL formats: can't open input file `01-stack-overflow.wav': format[Microsoft ADPCM]: samplesPerBlock(500) != blockAlign(59395)
# and exits 2

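# Regression check for CVE-2017-15372: run SoX on the crafted MS ADPCM file
# and translate its exit status into a pass/fail result for the caller.
#   exit 0    - SoX rejected the file (its exit 2): the expected outcome
#   exit 255  - SoX exited 0, i.e. it accepted the malformed file
#   other     - SoX's own status, passed through (139 = segfault on 14.4.2)

# SoX reports "can't open input file" with exit 2, which this script maps to
# a pass. A missing or unreadable fixture would hit the same failure path and
# be counted as a pass without the parser ever being exercised, so check for
# the fixture first and fail with a status that is neither 0 nor 2.
if [ ! -r 01-stack-overflow.wav ]; then
  printf '%s\n' "$0: test input 01-stack-overflow.wav is missing or unreadable" >&2
  exit 1
fi

# Drop any core file left behind by an earlier run.
rm -f core

# $sox selects the binary under test and defaults to "sox" from PATH.
# NOTE(review): the expansion is left unquoted as in the original, presumably
# so that $sox can carry a wrapper command plus arguments - confirm before
# quoting it.
${sox:-sox} 01-stack-overflow.wav out.snd
status=$?

# Remove the converted output and any core dump produced by a crash.
rm -f core out.snd

# Invert the interesting cases: a clean exit means the crafted file was not
# rejected (fail), while exit 2 means SoX refused it (pass). Any other status,
# including a signal death, falls through unchanged and is reported as failure.
case "$status" in
0) status=255;;
2) status=0;;
esac

exit "$status"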
