sox_ng wiki - Fork-sox
Here is the correspondence between the sox.sf.net
tickets and sox_ng’s issues.
Legend
- Not required in `sox_ng`
Patch | Issue |
---|---|
129 a sane build system | #271 |
128 Division by zero at wav.c:967 |
Only affects 42b355 |
127 Division by zero at voc.c:334 |
#242 |
126 Global-buffer-overflow at adpcms.c:58 |
#262 |
125 Fix property_size = sizeof(name) |
#167 |
124 low-latency pulseaudio pipeline using –input-buffer | #185 |
123 configure.ac: fix static linking with id3tag | Only affects 42b355 |
122 configure.ac: put back –disable-protector | #254 |
121 Full RF64 support | #253 |
120 Initialize channel map for pulseaudio | #252 |
116 [PATCH] Adding FFTW support speeds up spectrogram by factor of ten | #109 |
108 Fix multi-channel LADSPA effects + draining for all LADSPA effects | #245 |
107 Win32 Progress Flush Fix | #244 |
106 Support for “DynAudNorm” Effect | #164 |
105 Win32 Unicode (UTF-8) support | #203 |
104 missing version number in sox –version output | #159 |
103 ignore SIGPIPE so stop callbacks may fire | #243 |
102 [PATCH] modified spectrogram hh:mm:ss in X-axis | #242 |
94 libmpg123 support for mp3 decoding | #150 |
93 flac (decoder): simplify EOF state and fix MD5 check | - |
89 Docs: libsox.3 update | - |
65 Enable SoX to be built as a Windows DLL | #251 |
41 MIDI Sample Dump Module | #157 |
35 Amiga Module support | #158 |
sox_ng
stems from sox-14.4.2
, not from a more recent sox.sf.net
commit,
because the first sox_ng
release (micro) concentrates on bug fixes and
Some of its commits have been applied: those which became Debian patches and others necessary for other patches to apply including:
Segmentation fault in rate.c:504:30
See bug 334 and issue #56.Clean up lsx_malloc and friends
See issue #57.and it would be worth scanning the 169 commits since 14.4.2 for bug fixes.
Bugs reported on sox.sf.net
since 14.4.2 need importing into the sox_ng
issue tracker.
Bug 321: Stack-Buffer-Overflow in fft4g.c is addressed by patch b7883ae, imported by Debian, but on the test case it makes sox loop for 6 seconds consuming gigabytes of memory and creates a 127MB audio file of random noise just over an hour long. See issue #18: CVE-2017–8356.
This is because the check against FFT4G_MAX_SIZE
makes the functions
in fft4g.c
return
instead of failing. The solution is to turn each
if (n > FFT4G_MAX_SIZE)
return;
into
if (n > FFT4G_MAX_SIZE) {
lsx_fail("FFT size is too large");
exit(2);
}
README
to the repositorySoX’s README
file is generated by README.sh
and is not included
in the repository. As a consequence, code browsed at sox.sf.net
shows at the bottom of the page README.osx
or README.win32
which are irrelevant.
It would be better to run README.sh
and add the generated README
to the repository. People editing README.sh
or FEATURES.in
will have to remember to update README
too and commit it,
unless this can be automated.
If sox.sf.net
maintainers wish to import patches from sox_ng
and make a sox-14.4.3
release, that is of course fine.
After all, it’s where everyone goes to get the latest sox
and where semiautomatic distros update from.