From 1e52dff3276810c633a2ad5dd3b010ee97a6331a Mon Sep 17 00:00:00 2001 
From: David Phillips
Date: Mon, 5 Sep 2016 21:28:07 +1200
Subject: Remove free filename format due to vulnerability
---
Makefile | 13 +------------
README.md | 6 +++---
cue-bin-split.c | 22 +++++++++++-----------
test/001-basic.test/stderr.expected | 2 +-
test/002-no-timestamp.test/run.sh | 2 +-
test/003-run-to-eof.test/run.sh | 4 ++--
test/003-run-to-eof.test/stdout.expected | 2 +-
test/004-multi-tracks.test/001-track.raw.expected | 1 +
test/004-multi-tracks.test/002-track.raw.expected | 1 +
test/004-multi-tracks.test/003-track.raw.expected | 1 +
test/004-multi-tracks.test/004-track.raw.expected | 1 +
test/004-multi-tracks.test/run.sh | 4 ++--
test/004-multi-tracks.test/stdout.expected | 8 ++++----
test/004-multi-tracks.test/track_1.raw.expected | 1 -
test/004-multi-tracks.test/track_2.raw.expected | 1 -
test/004-multi-tracks.test/track_3.raw.expected | 1 -
test/004-multi-tracks.test/track_4.raw.expected | 1 -
test/007-unreadable-infile.test/run.sh | 2 +-
test/008-unwritable-outfile.test/run.sh | 8 ++++----
test/008-unwritable-outfile.test/stderr.expected | 1 -
test/009-finish-before-start.test/run.sh | 4 ++--
test/009-finish-before-start.test/stderr.expected | 2 +-
test/010-malformed-timestamp.test/run.sh | 2 +-
test/011-filename-too-large.test/run.sh | 2 +-
24 files changed, 40 insertions(+), 52 deletions(-)
create mode 100644 test/004-multi-tracks.test/001-track.raw.expected
create mode 100644 test/004-multi-tracks.test/002-track.raw.expected
create mode 100644 test/004-multi-tracks.test/003-track.raw.expected
create mode 100644 test/004-multi-tracks.test/004-track.raw.expected
delete mode 100644 test/004-multi-tracks.test/track_1.raw.expected
delete mode 100644 test/004-multi-tracks.test/track_2.raw.expected
delete mode 100644 test/004-multi-tracks.test/track_3.raw.expected
delete mode 100644 test/004-multi-tracks.test/track_4.raw.expected
delete mode 100644 test/008-unwritable-outfile.test/stderr.expected
diff --git a/Makefile b/Makefile index f1cda51..47ad6ae 100644 --- a/Makefile +++ b/Makefile @@ -1,17 +1,6 @@ -OBJECTS = \ - cue-bin-split.o \ - -CFLAGS += -Wall -Werror - - all: cue-bin-split -cue-bin-split: $(OBJECTS) - $(CC) -o $@ $^ $(LDFLAGS) - -%.o: %.c %.h - $(CC) -c -o $@ $< $(CFLAGS) - +cue-bin-split: cue-bin-split.o test: all @./test/run-tests.sh diff --git a/README.md b/README.md index 9f5895e..d6e0c13 100644 --- a/README.md +++ b/README.md @@ -20,7 +20,7 @@ files named track_nnnn. -c channel_count -i input_file -s size of a single channel's sample (bytes) - -f name_format (%d and co are replaced with track number) + -n output file name (prepended with track number) ## Sample Usage @@ -30,9 +30,9 @@ were chopping up a 44100 Hz, two channel, 16 bit audio stream, grep "INDEX 01" audio.cue | \ sed -e 's/INDEX 01//g' | \ - cue-bin-split -i audio.bin -c 2 -r 44100 -s 2 -f track-%03d.raw + cue-bin-split -i audio.bin -c 2 -r 44100 -s 2 -f -track.raw -Would output each track named as `track-001.raw`, `track-002.raw` and so on. +Would output each track named as `001-track.raw`, `002-track.raw` and so on. You might then push them through ffmpeg, lame, and/or friends to get them to another audio format such as flac or mp3. diff --git a/cue-bin-split.c b/cue-bin-split.c index 8b0a5ae..89b4114 100644 --- a/cue-bin-split.c +++ b/cue-bin-split.c @@ -30,9 +30,9 @@ double get_sec() /* Constructs an output filename in the specified buffer based on the given format and track number * Main purpose is to catch buffer overflow with snprintf */ -int construct_out_name(char *buffer, size_t buffer_size, char* format, unsigned int track) +int construct_out_name(char *buffer, size_t buffer_size, char* name, unsigned int track) { - if (snprintf(buffer, buffer_size, format, track) >= buffer_size - 1) + if (snprintf(buffer, buffer_size, "%03d%s", track, name) >= buffer_size - 1) { fprintf(stderr, "Filename too large for buffer (max %zd)\n", buffer_size); return -1; 
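Review bot: Dropping `CFLAGS += -Wall -Werror` in the Makefile hunk takes the compiler's format checking out of the build in the same commit that fixes a format-string bug. With the explicit `%.o` rule gone, make's built-in compile rule still honours `CFLAGS`, so the line can stay alongside the new `cue-bin-split: cue-bin-split.o` target. Extending it to `CFLAGS += -Wall -Werror -Wformat=2` would also make GCC and Clang reject a non-literal format argument such as the one `construct_out_name` passed to `snprintf` before this change.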
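Review bot: The new call `snprintf(buffer, buffer_size, "%03d%s", track, name)` prints an `unsigned int` with `%d` and compares the `int` result directly with `buffer_size - 1`, a `size_t`. Using `%03u` matches the argument type, and storing the result first makes the error path explicit instead of relying on a negative return converting to a large unsigned value: `int n = snprintf(buffer, buffer_size, "%03u%s", track, name);` followed by `if (n < 0 || (size_t)n >= buffer_size - 1)`. The context line below it prints `buffer_size` with `%zd`, where `%zu` is the matching specifier. The comment above the function still says "based on the given format" and could read `/* Builds "<3-digit track><name>" in buffer; name is copied literally, never used as a format */`. The function body continues outside the hunk.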
@@ -52,15 +52,15 @@ void die_help() " -c channel_count\n" " -i input_file\n" " -s size of a single channel's sample (bytes)\n" - " -f name_format (%%d and co are replaced with track number)\n" + " -n output file name (prepended with track number)\n" ); exit(1); } -void args_collect(int *argc, char ***argv, int *rate, int *channels, int *sample_size, char **in_fname, char **format) +void args_collect(int *argc, char ***argv, int *rate, int *channels, int *sample_size, char **in_fname, char **name) { char opt = '\0'; - while ( ( opt = getopt(*argc, *argv, "r:c:i:s:f:") ) != -1 ) + while ( ( opt = getopt(*argc, *argv, "r:c:i:s:n:") ) != -1 ) { switch (opt) { @@ -68,7 +68,7 @@ void args_collect(int *argc, char ***argv, int *rate, int *channels, int *sample case 'c': *channels = atoi(optarg); break; case 's': *sample_size = atoi(optarg); break; case 'i': *in_fname = optarg; break; - case 'f': *format = optarg; break; + case 'n': *name = optarg; break; case '?': default: @@ -85,9 +85,9 @@ void args_collect(int *argc, char ***argv, int *rate, int *channels, int *sample } if (*in_fname == NULL || - *format == NULL) + *name == NULL) { - fprintf(stderr, "ERROR: Input filename and output name format must be present\n"); + fprintf(stderr, "ERROR: Input filename and output name must be present\n"); die_help(); } } @@ -99,7 +99,7 @@ int main(int argc, char **argv) FILE *fout = NULL; /* Command line options */ - char *format = NULL; + char *name = NULL; char *in_fname = NULL; int channels = 0; int rate = 0; @@ -118,7 +118,7 @@ int main(int argc, char **argv) unsigned long start_sample = 0; unsigned long finish_sample = 0; - args_collect(&argc, &argv, &rate, &channels, &sample_size, &in_fname, &format); + args_collect(&argc, &argv, &rate, &channels, &sample_size, &in_fname, &name); /* Open it up */ if ((fin = fopen(in_fname, "r")) == NULL) 
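Review bot: `opt` is declared `char` on the context line just above the changed `getopt` call in `args_collect`, but `getopt` returns `int` and signals the end of options with -1. Where plain `char` is unsigned, the assigned value can never compare equal to -1, so the loop does not end on that test; `int opt = 0;` is the portable declaration. Separately, with `f:` removed from the option string, the sample command in this commit's README.md hunk still passes `-f -track.raw` and would now land in the `'?'` branch; it should read `-n -track.raw`. The body of `args_collect` continues in the following hunks.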
@@ -142,7 +142,7 @@ int main(int argc, char **argv) while ( finish_sample != ULONG_MAX ) { track++; - if (construct_out_name(out_fname, sizeof(out_fname), format, track) < 0) + if (construct_out_name(out_fname, sizeof(out_fname), name, track) < 0) { fclose(fin); return 1; diff --git a/test/001-basic.test/stderr.expected b/test/001-basic.test/stderr.expected index bdf19af..ca756eb 100644 --- a/test/001-basic.test/stderr.expected +++ b/test/001-basic.test/stderr.expected @@ -5,4 +5,4 @@ Options: -c channel_count -i input_file -s size of a single channel's sample (bytes) - -f name_format (%d and co are replaced with track number) + -n output file name (prepended with track number) diff --git a/test/002-no-timestamp.test/run.sh b/test/002-no-timestamp.test/run.sh index 37ac673..399eaee 100644 --- a/test/002-no-timestamp.test/run.sh +++ b/test/002-no-timestamp.test/run.sh @@ -1,6 +1,6 @@ #!/bin/sh -echo | ${EXECUTABLE} -r 44100 -c 1 -s 2 -i /dev/zero -f track_%d.raw +echo | ${EXECUTABLE} -r 44100 -c 1 -s 2 -i /dev/zero -n track.raw if [ $? -eq 0 ]; then exit 1 diff --git a/test/003-run-to-eof.test/run.sh b/test/003-run-to-eof.test/run.sh index 6fa2fd4..80cd3ab 100644 --- a/test/003-run-to-eof.test/run.sh +++ b/test/003-run-to-eof.test/run.sh @@ -3,6 +3,6 @@ # create large file dd if=/dev/urandom of=raw bs=1M count=1 -echo 0:0:0 | ${EXECUTABLE} -r 44100 -c 1 -s 2 -i raw -f track_%d.raw +echo 0:0:0 | ${EXECUTABLE} -r 44100 -c 1 -s 2 -i raw -n -track.raw -diff raw track_1.raw >/dev/null && rm raw track_1.raw +diff raw 001-track.raw >/dev/null && rm raw 001-track.raw diff --git a/test/003-run-to-eof.test/stdout.expected b/test/003-run-to-eof.test/stdout.expected index ae96076..612c42c 100644 --- a/test/003-run-to-eof.test/stdout.expected +++ b/test/003-run-to-eof.test/stdout.expected @@ -1 +1 @@ -track_1.raw starts 0.000000 s, finishes EOF +001-track.raw starts 0.000000 s, finishes EOF 
diff --git a/test/004-multi-tracks.test/001-track.raw.expected b/test/004-multi-tracks.test/001-track.raw.expected new file mode 100644 index 0000000..c227083 --- /dev/null +++ b/test/004-multi-tracks.test/001-track.raw.expected @@ -0,0 +1 @@ +0 \ No newline at end of file diff --git a/test/004-multi-tracks.test/002-track.raw.expected b/test/004-multi-tracks.test/002-track.raw.expected new file mode 100644 index 0000000..d800886 --- /dev/null +++ b/test/004-multi-tracks.test/002-track.raw.expected @@ -0,0 +1 @@ +123 \ No newline at end of file diff --git a/test/004-multi-tracks.test/003-track.raw.expected b/test/004-multi-tracks.test/003-track.raw.expected new file mode 100644 index 0000000..be01025 --- /dev/null +++ b/test/004-multi-tracks.test/003-track.raw.expected @@ -0,0 +1 @@ +456789 \ No newline at end of file diff --git a/test/004-multi-tracks.test/004-track.raw.expected b/test/004-multi-tracks.test/004-track.raw.expected new file mode 100644 index 0000000..72d007b --- /dev/null +++ b/test/004-multi-tracks.test/004-track.raw.expected @@ -0,0 +1 @@ +ABCDEFGHIJKLMNOPQRSTUVWXYZ diff --git a/test/004-multi-tracks.test/run.sh b/test/004-multi-tracks.test/run.sh index 7bb987c..ada523a 100644 --- a/test/004-multi-tracks.test/run.sh +++ b/test/004-multi-tracks.test/run.sh @@ -3,10 +3,10 @@ # create large file echo 0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ > raw -echo -e '0:0:0\n0:1:0\n0:4:0\n0:10:0' | ${EXECUTABLE} -r 1 -c 1 -s 1 -i raw -f track_%d.raw +echo -e '0:0:0\n0:1:0\n0:4:0\n0:10:0' | ${EXECUTABLE} -r 1 -c 1 -s 1 -i raw -n -track.raw -for track in track_{1..4}.raw ; do +for track in {001..004}-track.raw ; do diff $track $track.expected >/dev/null if [ $? -eq 0 ] ; then rm $track diff --git a/test/004-multi-tracks.test/stdout.expected b/test/004-multi-tracks.test/stdout.expected index fc02f0b..4d4dc27 100644 --- a/test/004-multi-tracks.test/stdout.expected +++ b/test/004-multi-tracks.test/stdout.expected 
@@ -1,4 +1,4 @@ -track_1.raw starts 0.000000 s, finishes 1.000000 s -track_2.raw starts 1.000000 s, finishes 4.000000 s -track_3.raw starts 4.000000 s, finishes 10.000000 s -track_4.raw starts 10.000000 s, finishes EOF +001-track.raw starts 0.000000 s, finishes 1.000000 s +002-track.raw starts 1.000000 s, finishes 4.000000 s +003-track.raw starts 4.000000 s, finishes 10.000000 s +004-track.raw starts 10.000000 s, finishes EOF diff --git a/test/004-multi-tracks.test/track_1.raw.expected b/test/004-multi-tracks.test/track_1.raw.expected deleted file mode 100644 index c227083..0000000 --- a/test/004-multi-tracks.test/track_1.raw.expected +++ /dev/null @@ -1 +0,0 @@ -0 \ No newline at end of file diff --git a/test/004-multi-tracks.test/track_2.raw.expected b/test/004-multi-tracks.test/track_2.raw.expected deleted file mode 100644 index d800886..0000000 --- a/test/004-multi-tracks.test/track_2.raw.expected +++ /dev/null @@ -1 +0,0 @@ -123 \ No newline at end of file diff --git a/test/004-multi-tracks.test/track_3.raw.expected b/test/004-multi-tracks.test/track_3.raw.expected deleted file mode 100644 index be01025..0000000 --- a/test/004-multi-tracks.test/track_3.raw.expected +++ /dev/null @@ -1 +0,0 @@ -456789 \ No newline at end of file diff --git a/test/004-multi-tracks.test/track_4.raw.expected b/test/004-multi-tracks.test/track_4.raw.expected deleted file mode 100644 index 72d007b..0000000 --- a/test/004-multi-tracks.test/track_4.raw.expected +++ /dev/null @@ -1 +0,0 @@ -ABCDEFGHIJKLMNOPQRSTUVWXYZ diff --git a/test/007-unreadable-infile.test/run.sh b/test/007-unreadable-infile.test/run.sh index 0d8262d..e260961 100755 --- a/test/007-unreadable-infile.test/run.sh +++ b/test/007-unreadable-infile.test/run.sh @@ -3,7 +3,7 @@ touch foo.in chmod -r foo.in -${EXECUTABLE} -r 1 -c 1 -i foo.in -s 1 -f track%2d.raw +${EXECUTABLE} -r 1 -c 1 -i foo.in -s 1 -n -track.raw if [ $? -eq 0 ]; then exit 1 
diff --git a/test/008-unwritable-outfile.test/run.sh b/test/008-unwritable-outfile.test/run.sh index c8f1b4c..60336ae 100755 --- a/test/008-unwritable-outfile.test/run.sh +++ b/test/008-unwritable-outfile.test/run.sh @@ -1,13 +1,13 @@ #!/bin/sh -touch track.raw -chmod -w track.raw +touch 001-track.raw +chmod -w 001-track.raw -echo -e '0:0:0\n1:0:0' | ${EXECUTABLE} -r 1 -c 1 -i /dev/null -s 1 -f track.raw +echo -e '0:0:0\n1:0:0' | ${EXECUTABLE} -r 1 -c 1 -i /dev/null -s 1 -n -track.raw if [ $? -eq 0 ]; then exit 1 else - rm -f track.raw + rm -f 001-track.raw exit 0 fi diff --git a/test/008-unwritable-outfile.test/stderr.expected b/test/008-unwritable-outfile.test/stderr.expected deleted file mode 100644 index 37328e8..0000000 --- a/test/008-unwritable-outfile.test/stderr.expected +++ /dev/null @@ -1 +0,0 @@ -Failed to open 'track.raw': fopen: Permission denied diff --git a/test/009-finish-before-start.test/run.sh b/test/009-finish-before-start.test/run.sh index bc7422c..156f5bf 100755 --- a/test/009-finish-before-start.test/run.sh +++ b/test/009-finish-before-start.test/run.sh @@ -2,11 +2,11 @@ dd if=/dev/urandom of=input.raw bs=1M count=1 2>/dev/null -echo -e '0:1:0\n0:0:0\n' | ${EXECUTABLE} -r 1 -c 1 -i input.raw -s 1 -f track.raw +echo -e '0:1:0\n0:0:0\n' | ${EXECUTABLE} -r 1 -c 1 -i input.raw -s 1 -n -track.raw retval=$? if [ $retval -eq 0 ]; then - rm -f {track,input}.raw + rm -f {001-track,input}.raw fi exit $retval diff --git a/test/009-finish-before-start.test/stderr.expected b/test/009-finish-before-start.test/stderr.expected index 55896ae..2547f51 100644 --- a/test/009-finish-before-start.test/stderr.expected +++ b/test/009-finish-before-start.test/stderr.expected @@ -1 +1 @@ -ERROR: Finish time can't be before start time, skipping track.raw +ERROR: Finish time can't be before start time, skipping 001-track.raw diff --git a/test/010-malformed-timestamp.test/run.sh b/test/010-malformed-timestamp.test/run.sh index e33ff75..069e955 100755 
--- a/test/010-malformed-timestamp.test/run.sh +++ b/test/010-malformed-timestamp.test/run.sh @@ -1,6 +1,6 @@ #!/bin/sh -echo -e '0:a' | ${EXECUTABLE} -r 1 -c 1 -i /dev/zero -s 1 -f track.raw +echo -e '0:a' | ${EXECUTABLE} -r 1 -c 1 -i /dev/zero -s 1 -n -track.raw if [ $? -eq 0 ]; then exit 1 diff --git a/test/011-filename-too-large.test/run.sh b/test/011-filename-too-large.test/run.sh index f09779e..69471c8 100644 --- a/test/011-filename-too-large.test/run.sh +++ b/test/011-filename-too-large.test/run.sh @@ -2,7 +2,7 @@ dd if=/dev/zero of=in.raw bs=1K count=1 2>/dev/null -${EXECUTABLE} -r 1 -c 1 -s 1 -i in.raw -f aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\ +${EXECUTABLE} -r 1 -c 1 -s 1 -i in.raw -n aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\ aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\ aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\ aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\ -- cgit v1.1
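Review bot: None of the updated tests, including this one for over-long names, passes a name containing `%`, so nothing in the suite pins the behaviour this commit is meant to guarantee. A small regression test next to this one could feed a valid timestamp on stdin, run with `-n '-%d%s.raw'`, and check that the output file is literally named `001-%d%s.raw`. That would keep a later refactor from quietly reintroducing a caller-supplied format string.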