Package: libsmf0
Version: 1.3-2+b4
Severity: normal

Dear Maintainer,

libsmf is affected by a set of bugs which expose the programs that use it to crashes, and possibly even security issues. The problems are triggered when the library opens data in an unexpected format. The data is not necessarily maliciously crafted in order to obtain a crash; it can also happen by feeding MIDI files which are not fully conformant to the SMF specifications.

I have patched the issues I have encountered, which range from memory errors to raised assertions. As for the assertions, they may not cause the program to abort in a release build, but they could let the program behave unexpectedly in some ways (such as exposing MIDI events of length 0).

I have made a collection of commits, test cases and descriptions (both described in the same chronological order).
https://github.com/stump/libsmf/pull/7

The test cases should make it possible to reproduce the errors described, on a build of libsmf with -fsanitize=address enabled. This small program may be used to load the test files:
https://git.io/fhXvu

I submit this series of fixes for your examination. The libsmf project itself seems to have received no activity since 2013.

-- System Information:
Architecture: amd64 (x86_64)

Kernel: Linux 4.20.4-arch1-1-ARCH (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), LANGUAGE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/bash
Init: systemd (via /run/systemd/system)
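
An added example, not part of the report above and not libsmf code: a check of the SMF chunk layout that returns error codes instead of using assert(), so the length checks stay active in a release build where NDEBUG compiles assertions out. The function name, result codes and sample bytes are assumptions of this example, and rejecting an empty track is its own policy.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Result codes of this example's validator (hypothetical names). */
enum smf_check { SMF_OK = 0, SMF_TRUNCATED, SMF_BAD_MAGIC,
                 SMF_BAD_HEADER, SMF_EMPTY_TRACK, SMF_TRACK_COUNT };

/* Constructed sample: format 0, one track holding only End of Track. */
static const uint8_t smf_sample[] = {
    'M','T','h','d', 0,0,0,6, 0,0, 0,1, 0,96,
    'M','T','r','k', 0,0,0,4, 0x00,0xFF,0x2F,0x00 };

/* Read a 32-bit big-endian value, the byte order SMF uses for lengths. */
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Walk the chunk layout of a Standard MIDI File held in buf[0..len).
 * Every length read from the file is compared with the bytes actually
 * present, and a failure is reported to the caller rather than asserted. */
enum smf_check smf_check_layout(const uint8_t *buf, size_t len) {
    if (len < 14) return SMF_TRUNCATED;          /* "MThd" + length + 6 bytes */
    if (memcmp(buf, "MThd", 4) != 0) return SMF_BAD_MAGIC;
    uint32_t hlen = be32(buf + 4);
    if (hlen < 6) return SMF_BAD_HEADER;
    if (hlen > len - 8) return SMF_TRUNCATED;    /* no underflow: len >= 14 */
    unsigned ntrks = ((unsigned)buf[10] << 8) | buf[11];
    if (ntrks == 0) return SMF_BAD_HEADER;
    size_t off = 8 + (size_t)hlen;
    unsigned seen = 0;
    while (off < len) {
        if (len - off < 8) return SMF_TRUNCATED; /* partial chunk header */
        uint32_t clen = be32(buf + off + 4);
        if (clen > len - off - 8) return SMF_TRUNCATED;
        if (memcmp(buf + off, "MTrk", 4) == 0) {
            if (clen == 0) return SMF_EMPTY_TRACK; /* no End of Track event */
            seen++;
        }                                        /* other chunk types: skip */
        off += 8 + (size_t)clen;
    }
    return seen == ntrks ? SMF_OK : SMF_TRACK_COUNT;
}
```

Running such a check before handing a buffer to a parser turns truncated or inconsistent files into an error return instead of an out-of-bounds read or a silently accepted zero-length structure.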