#! /bin/sh

# CVE-2017-15370
# The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2
# allows remote attackers to cause a denial of service
# (divide-by-zero error and application crash) via a crafted snd file
# during conversion to a wav file.

# 14.4.2:
# sox WARN wav: Premature EOF on .wav input file
# sox FAIL sox: Segmentation fault (core dumped)
# and exits 139

# Debian:
# sox WARN wav: Premature EOF on .wav input file"
# and exits 0

# 42b355:
# sox FAIL formats: can't open input file `02-heap-buffer-over.wav': format[IMA ADPCM]: samplesPerBlock(489) != blockAlign(1536)
# and exits 2

rm -f core out.snd

${sox:-sox} 02-heap-buffer-over.wav out.snd
status=$?

rm -f core out.snd

case $status in
0) status=255 ;;
2) status=0 ;;
esac

exit $status
