#! /bin/sh

# CVE-2017-15371
# There is a reachable assertion abort in the function sox_append_comment()
# in formats.c in Sound eXchange (SoX) 14.4.2.
# A crafted input will lead to a denial of service attack
# during conversion of an audio file.
#
# https://bugzilla.redhat.com/show_bug.cgi?id=1500570

# 14.4.2:
# sox: formats.c:227: sox_append_comment: Assertion `comment' failed.
# Aborted (core dumped)
# and exits 134

# Debian:
# sox FAIL formats: can't open input file `03-abort': FLAC ERROR whilst decoding metadata
# and exits 2

# 42b355:
# sox FAIL formats: can't open input file `03-abort': FLAC ERROR whilst decoding metadata
# and exits 2

rm -f core

${sox:-sox} 03-abort out.wav
status=$?

rm -f core out.wav

case $status in
0) status=255;;
2) status=0;;
esac

exit $status
