Skip to content

Panic attempt to multiply with overflow in src/iff/wav/properties.rs #471

New issue
New issue
Closed
#476
Closed
Panic attempt to multiply with overflow in src/iff/wav/properties.rs#471
#476
Labels
bugSomething isn't working
Milestone
 
0.22.0
@qarmin

Description

@qarmin
qarmin
opened on Oct 21, 2024

Reproducer

I tried this code:

#![no_main]

use libfuzzer_sys::{fuzz_target, Corpus};
use lofty::file::AudioFile;
use lofty::file::{FileType, TaggedFileExt};
use lofty::probe::Probe;

const ALL_FILE_TYPES: &[FileType] = &[
    FileType::Aac,
    FileType::Aiff,
    FileType::Ape,
    FileType::Flac,
    FileType::Mpeg,
    FileType::Mp4,
    FileType::Mpc,
    FileType::Opus,
    FileType::Vorbis,
    FileType::Speex,
    FileType::Wav,
    FileType::WavPack,
];

fuzz_target!(|data: &[u8]| -> Corpus {
    let mut corpus = Corpus::Reject;
    for i in ALL_FILE_TYPES {
        let s = std::io::Cursor::new(data);
        let tagged_file = match Probe::with_file_type(s, *i).read() {
            Ok(t) => t,
            Err(_e) => {
                continue;
            }
        };
        corpus = Corpus::Keep;
        tagged_file.properties();
        tagged_file.tags();
        tagged_file.primary_tag();
    }

    corpus
});

Summary

thread 'main' panicked at /home/rafal/.cargo/git/checkouts/lofty-rs-f5e48f8219b271cf/4a2bcf5/lofty/src/iff/wav/properties.rs:212:26:
attempt to multiply with overflow
stack backtrace:
   0: rust_begin_unwind
             at /rustc/f6e511eec7342f59a25f7c0534f1dbea00d01b14/library/std/src/panicking.rs:662:5
   1: core::panicking::panic_fmt
             at /rustc/f6e511eec7342f59a25f7c0534f1dbea00d01b14/library/core/src/panicking.rs:74:14
   2: core::panicking::panic_const::panic_const_mul_overflow
             at /rustc/f6e511eec7342f59a25f7c0534f1dbea00d01b14/library/core/src/panicking.rs:181:21
   3: lofty::iff::wav::properties::read_properties
             at /home/rafal/.cargo/git/checkouts/lofty-rs-f5e48f8219b271cf/4a2bcf5/lofty/src/iff/wav/properties.rs:212:20
   4: lofty::iff::wav::read::read_from
             at /home/rafal/.cargo/git/checkouts/lofty-rs-f5e48f8219b271cf/4a2bcf5/lofty/src/iff/wav/read.rs:125:3
   5: <lofty::iff::wav::WavFile as lofty::file::audio_file::AudioFile>::read_from
             at /home/rafal/.cargo/git/checkouts/lofty-rs-f5e48f8219b271cf/4a2bcf5/lofty/src/iff/wav/mod.rs:16:10
   6: lofty::probe::Probe<R>::read
             at /home/rafal/.cargo/git/checkouts/lofty-rs-f5e48f8219b271cf/4a2bcf5/lofty/src/probe.rs:475:22
   7: lofty::check_file
             at /home/rafal/Projekty/Rust/run_command_for_every_file/src/crates/lofty/src/main.rs:42:33
   8: lofty::main
             at /home/rafal/Projekty/Rust/run_command_for_every_file/src/crates/lofty/src/main.rs:26:9
   9: core::ops::function::FnOnce::call_once
             at /rustc/f6e511eec7342f59a25f7c0534f1dbea00d01b14/library/core/src/ops/function.rs:250:5

Expected behavior

No response

Assets

aa.zip

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions