#! /bin/sh

# CVE-2004-0557
# SoX buffer overflows when handling .WAV files
#
# https://seclists.org/fulldisclosure/2004/Jul/1227
# Versions 12.17.4, 12.17.3 and 12.17.2 are vulnerable
# Older versions including 12.17.1, 12.17 and 12.16 are not vulnerable.
# Result: Segmentation fault

# 12.17.3
# On a 32-bit Debian system, edit config-guess to do:
#	echo i686-linux-gnu
#	exit 0
# then you can configure and make it.
# sox=../../sox-12.17.3/sox sh run
# Segmentation fault (core dumped)

# 14.4.2, 42b355 and Debian
# Work and exit 0

rm -f core out.wav

${sox:-sox} buffy.wav out.wav
status=$?

rm -f core out.wav

exit $status
