From: <rel...@us...> - 2009-05-01 14:12:37
Revision: 255 http://modplug.svn.sourceforge.net/modplug/?rev=255&view=rev Author: relabsoluness Date: 2009-05-01 14:12:28 +0000 (Fri, 01 May 2009) Log Message: ----------- . Fix to faulty portamento handling on loading AMF (patch copied from libmodplug). . Various string null termination and other validations to load functions. Modified Paths: -------------- trunk/OpenMPT/mptrack/misc_util.h trunk/OpenMPT/soundlib/Dlsbank.cpp trunk/OpenMPT/soundlib/LOAD_AMF.CPP trunk/OpenMPT/soundlib/Load_far.cpp trunk/OpenMPT/soundlib/Load_it.cpp trunk/OpenMPT/soundlib/Load_mdl.cpp trunk/OpenMPT/soundlib/Load_med.cpp trunk/OpenMPT/soundlib/Load_mt2.cpp trunk/OpenMPT/soundlib/Load_ult.cpp trunk/OpenMPT/soundlib/Sampleio.cpp Modified: trunk/OpenMPT/mptrack/misc_util.h =================================================================== --- trunk/OpenMPT/mptrack/misc_util.h 2009-04-04 20:15:12 UTC (rev 254) +++ trunk/OpenMPT/mptrack/misc_util.h 2009-05-01 14:12:28 UTC (rev 255) @@ -38,5 +38,14 @@ */ } +// Sets last character to null in given char array. +// Size of the array must be known at compile time. +template <size_t size> +inline void SetNullTerminator(char (&buffer)[size]) +{ + STATIC_ASSERT(size > 0); + buffer[size-1] = 0; +} + #endif Modified: trunk/OpenMPT/soundlib/Dlsbank.cpp =================================================================== --- trunk/OpenMPT/soundlib/Dlsbank.cpp 2009-04-04 20:15:12 UTC (rev 254) +++ trunk/OpenMPT/soundlib/Dlsbank.cpp 2009-05-01 14:12:28 UTC (rev 255) @@ -1592,7 +1592,7 @@ if (pSndFile->m_nType & MOD_TYPE_XM) psmp->uFlags |= CHN_PANNING; } } - if (pins->szName[0]) memcpy(pSndFile->m_szNames[nSample], pins->szName, 32); + if (pins->szName[0]) memcpy(pSndFile->m_szNames[nSample], pins->szName, 31); bOk = TRUE; } FreeWaveForm(pWaveForm); 
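Review bot: In the Dlsbank.cpp hunk at -1592, shortening the copy to 31 bytes terminates `m_szNames[nSample]` only if its 32nd byte is already zero, and nothing in the hunk establishes that. Writing the terminator explicitly, as the commit does for `penv->name`, removes that dependency: `SetNullTerminator(pSndFile->m_szNames[nSample]);` after the memcpy. This assumes each `m_szNames` entry is a 32-byte char array, as the `memset(m_szNames[nSample], 0, 32)` in the Sampleio.cpp IFFID_NAME hunk suggests. The same 32-to-31 change without a terminator write appears in the LOAD_AMF.CPP, Load_far.cpp, Load_mdl.cpp, Load_mt2.cpp, Load_ult.cpp and Sampleio.cpp hunks. The enclosing function starts and ends outside the hunk.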
@@ -1672,6 +1672,7 @@ } else { memcpy(penv->name, pins->szName, 32); + SetNullTerminator(penv->name); } int nTranspose = 0; for (UINT iNoteMap=0; iNoteMap<NOTE_MAX; iNoteMap++) Modified: trunk/OpenMPT/soundlib/LOAD_AMF.CPP =================================================================== --- trunk/OpenMPT/soundlib/LOAD_AMF.CPP 2009-04-04 20:15:12 UTC (rev 254) +++ trunk/OpenMPT/soundlib/LOAD_AMF.CPP 2009-05-01 14:12:28 UTC (rev 255) @@ -109,8 +109,10 @@ else param = (param&0x0F)<<4; break; // 0x04: Porta Up/Down - case 0x04: if (param & 0x80) { command = CMD_PORTAMENTOUP; param = -(signed char)param; } - else { command = CMD_PORTAMENTODOWN; } break; + //case 0x04: if (param & 0x80) { command = CMD_PORTAMENTOUP; param = -(signed char)param; } + // else { command = CMD_PORTAMENTODOWN; } break; + case 0x04: if (param & 0x80) { command = CMD_PORTAMENTOUP; param = (-(signed char)param)&0x7F; } + else { command = CMD_PORTAMENTODOWN; } break; // 0x06: Tone Portamento case 0x06: command = CMD_TONEPORTAMENTO; break; // 0x07: Tremor @@ -268,7 +270,7 @@ || (!pfh->numsamples) || (pfh->numsamples > MAX_SAMPLES) || (pfh->numchannels < 4) || (pfh->numchannels > 32)) return FALSE; - memcpy(m_szNames[0], pfh->title, 32); + memcpy(m_szNames[0], pfh->title, 31); dwMemPos = sizeof(AMFFILEHEADER); m_nType = MOD_TYPE_AMF; m_nChannels = pfh->numchannels; @@ -330,7 +332,7 @@ AMFSAMPLE *psh = (AMFSAMPLE *)(lpStream + dwMemPos); dwMemPos += sizeof(AMFSAMPLE); - memcpy(m_szNames[iIns+1], psh->samplename, 32); + memcpy(m_szNames[iIns+1], psh->samplename, 31); memcpy(pins->name, psh->filename, 13); pins->nLength = LittleEndian(psh->length); pins->nC4Speed = LittleEndianW(psh->c2spd); Modified: trunk/OpenMPT/soundlib/Load_far.cpp =================================================================== --- trunk/OpenMPT/soundlib/Load_far.cpp 2009-04-04 20:15:12 UTC (rev 254) +++ trunk/OpenMPT/soundlib/Load_far.cpp 2009-05-01 14:12:28 UTC (rev 255) 
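Review bot: The LOAD_AMF.CPP hunk at -109 keeps the previous `case 0x04` lines as commented-out code next to their replacement; the revision history already records them, so they are better deleted in favour of a one-line why-comment such as `// keep the negated value within 7 bits`. With the new mask a raw parameter of 0x80 becomes 0 for CMD_PORTAMENTOUP. Whether zero is the intended result for that input is not visible here and is worth stating in the comment. The switch continues outside the hunk.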
@@ -67,7 +67,7 @@ FARHEADER1 farHeader; memcpy(&farHeader, lpStream, sizeof(FARHEADER1)); FARHEADER1 *pmh1 = &farHeader; - FARHEADER2 *pmh2; + FARHEADER2 *pmh2 = 0; DWORD dwMemPos = sizeof(FARHEADER1); UINT headerlen; BYTE samplemap[8]; @@ -87,7 +87,7 @@ m_nDefaultTempo = 80; m_nDefaultGlobalVolume = 256; - memcpy(m_szNames[0], pmh1->songname, 32); + memcpy(m_szNames[0], pmh1->songname, 31); // Channel Setting for (UINT nchpan=0; nchpan<16; nchpan++) { @@ -124,7 +124,7 @@ if (dwMemPos >= dwMemLength) return TRUE; // byteswap pattern data. - for(uint16 psfix = 256; psfix--;) + for(uint16 psfix = 0; psfix < 256; psfix++) { pmh2->patsiz[psfix] = LittleEndianW( pmh2->patsiz[psfix] ) ; } @@ -249,7 +249,7 @@ const FARSAMPLE *pfs = reinterpret_cast<const FARSAMPLE*>(lpStream + dwMemPos); dwMemPos += sizeof(FARSAMPLE); m_nSamples = ismp + 1; - memcpy(m_szNames[ismp+1], pfs->samplename, 32); + memcpy(m_szNames[ismp+1], pfs->samplename, 31); const DWORD length = LittleEndian( pfs->length ); pins->nLength = length; pins->nLoopStart = LittleEndian(pfs->reppos) ; Modified: trunk/OpenMPT/soundlib/Load_it.cpp =================================================================== --- trunk/OpenMPT/soundlib/Load_it.cpp 2009-04-04 20:15:12 UTC (rev 254) +++ trunk/OpenMPT/soundlib/Load_it.cpp 2009-05-01 14:12:28 UTC (rev 255) @@ -600,6 +600,7 @@ // ChnSettings[i].szName memcpy(&ChnSettings[i].szName[0],lpStream+streamPos,len); + SetNullTerminator(ChnSettings[i].szName); streamPos += len; } @@ -647,6 +648,7 @@ for(i=0; i<m_nInstruments; i++){ ASSERT_CAN_READ(len); memcpy(&m_szInstrumentPath[i][0],lpStream+streamPos,len); + SetNullTerminator(m_szInstrumentPath[i]); streamPos += len; } 
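Review bot: In the Load_it.cpp hunk at -600, `SetNullTerminator(ChnSettings[i].szName)` runs after `memcpy(..., len)`, so it bounds later string reads but not the write itself. If `len` is derived from the file and is not limited to the array size outside the hunk, the copy overruns `szName` before the terminator is set; copying `min(len, sizeof(ChnSettings[i].szName))` bytes while still advancing `streamPos` by `len` would cover that. The hunk at -647 has the same shape for `m_szInstrumentPath[i]`. Both loops start outside their hunks, so where `len` comes from cannot be confirmed here.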
@@ -1008,7 +1010,7 @@ if (m_nChannels < GetModSpecifications().channelsMin) m_nChannels = GetModSpecifications().channelsMin; // Reading Song Message - if ((pifh->special & 0x01) && (pifh->msglength) && (pifh->msgoffset + pifh->msglength < dwMemLength)) + if ((pifh->special & 0x01) && (pifh->msglength) && (pifh->msglength <= dwMemLength) && (pifh->msgoffset < dwMemLength - pifh->msglength)) { m_lpszSongComments = new char[pifh->msglength+1]; if (m_lpszSongComments) @@ -1759,6 +1761,7 @@ memset(&itss, 0, sizeof(itss)); memcpy(itss.filename, psmp->name, 12); memcpy(itss.name, m_szNames[nsmp], 26); + SetNullTerminator(itss.name); itss.id = 0x53504D49; itss.gvl = (BYTE)psmp->nGlobalVol; @@ -2055,6 +2058,7 @@ memset(smpcount, 0, sizeof(smpcount)); memcpy(iti.filename, penv->filename, 12); memcpy(iti.name, penv->name, 26); + SetNullTerminator(iti.name); iti.mbank = penv->wMidiBank; iti.mpr = penv->nMidiProgram; iti.mch = penv->nMidiChannel; @@ -2372,6 +2376,7 @@ memset(&itss, 0, sizeof(itss)); memcpy(itss.filename, psmp->name, 12); memcpy(itss.name, m_szNames[nsmp], 26); + SetNullTerminator(itss.name); itss.id = 0x53504D49; itss.gvl = (BYTE)psmp->nGlobalVol; if (m_nInstruments) @@ -2681,6 +2686,7 @@ memset(smpcount, 0, sizeof(smpcount)); memcpy(iti.filename, penv->filename, 12); memcpy(iti.name, penv->name, 26); + SetNullTerminator(iti.name); iti.mbank = penv->wMidiBank; iti.mpr = penv->nMidiProgram; iti.mch = penv->nMidiChannel; @@ -2988,6 +2994,7 @@ memset(&itss, 0, sizeof(itss)); memcpy(itss.filename, psmp->name, 12); memcpy(itss.name, m_szNames[nsmp], 26); + SetNullTerminator(itss.name); itss.id = 0x53504D49; itss.gvl = (BYTE)psmp->nGlobalVol; if (m_nInstruments) Modified: trunk/OpenMPT/soundlib/Load_mdl.cpp =================================================================== --- trunk/OpenMPT/soundlib/Load_mdl.cpp 2009-04-04 20:15:12 UTC (rev 254) +++ trunk/OpenMPT/soundlib/Load_mdl.cpp 2009-05-01 14:12:28 UTC (rev 255) 
@@ -215,7 +215,7 @@ block = *((WORD *)(lpStream+dwMemPos)); blocklen = *((DWORD *)(lpStream+dwMemPos+2)); dwMemPos += 6; - if (dwMemPos + blocklen > dwMemLength) + if (blocklen > dwMemLength - dwMemPos) { if (dwMemPos == 11) return FALSE; break; @@ -228,7 +228,7 @@ Log("infoblock: %d bytes\n", blocklen); #endif pmib = (MDLINFOBLOCK *)(lpStream+dwMemPos); - memcpy(m_szNames[0], pmib->songname, 32); + memcpy(m_szNames[0], pmib->songname, 31); norders = pmib->norders; if (norders > MAX_ORDERS) norders = MAX_ORDERS; m_nRestartPos = pmib->repeatpos; @@ -328,6 +328,7 @@ INSTRUMENTHEADER *penv = Headers[nins]; memset(penv, 0, sizeof(INSTRUMENTHEADER)); memcpy(penv->name, lpStream+dwPos+2, 32); + SetNullTerminator(penv->name); penv->nGlobalVol = 64; penv->nPPC = 5*12; SetDefaultInstrumentValues(penv); @@ -411,7 +412,7 @@ if ((nins >= MAX_SAMPLES) || (!nins)) continue; if (m_nSamples < nins) m_nSamples = nins; MODINSTRUMENT *pins = &Ins[nins]; - memcpy(m_szNames[nins], lpStream+dwPos+1, 32); + memcpy(m_szNames[nins], lpStream+dwPos+1, 31); memcpy(pins->name, lpStream+dwPos+33, 8); const BYTE *p = lpStream+dwPos+41; if (pmsh->version > 0) Modified: trunk/OpenMPT/soundlib/Load_med.cpp =================================================================== --- trunk/OpenMPT/soundlib/Load_med.cpp 2009-04-04 20:15:12 UTC (rev 254) +++ trunk/OpenMPT/soundlib/Load_med.cpp 2009-05-01 14:12:28 UTC (rev 255) 
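Review bot: The rewritten check `blocklen > dwMemLength - dwMemPos` in the Load_mdl.cpp hunk at -215 is wrap-free only while `dwMemPos <= dwMemLength`, and `dwMemPos` has just been advanced by 6. If the loop condition outside the hunk does not guarantee that, the unsigned subtraction wraps and an oversized block passes; `if (dwMemPos > dwMemLength || blocklen > dwMemLength - dwMemPos)` makes the precondition explicit. The same applies to `trktagofs <= dwMemLength - 8` and `trknameofs < dwMemLength - trknamelen` in the Load_med.cpp hunks at -742 and -757, which assume `dwMemLength` is at least 8 and at least `trknamelen`.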
@@ -699,9 +699,11 @@ UINT annotxt = BigEndian(pmex->annotxt); UINT annolen = BigEndian(pmex->annolen); annolen = min(annolen, MED_MAX_COMMENT_LENGTH); //Thanks to Luigi Auriemma for pointing out an overflow risk - if ((annotxt) && (annolen) && (annolen <= dwMemLength) && (annotxt <= dwMemLength - annolen) ) { + if ((annotxt) && (annolen) && (annolen <= dwMemLength) && (annotxt <= dwMemLength - annolen) ) + { m_lpszSongComments = new char[annolen+1]; - if (m_lpszSongComments) { + if (m_lpszSongComments) + { memcpy(m_lpszSongComments, lpStream+annotxt, annolen); m_lpszSongComments[annolen] = 0; } @@ -709,7 +711,7 @@ // Song Name UINT songname = BigEndian(pmex->songname); UINT songnamelen = BigEndian(pmex->songnamelen); - if ((songname) && (songnamelen) && (songname+songnamelen <= dwMemLength)) + if ((songname) && (songnamelen) && (songname <= dwMemLength) && (songnamelen <= dwMemLength-songname)) { if (songnamelen > 31) songnamelen = 31; memcpy(m_szNames[0], lpStream+songname, songnamelen); @@ -722,14 +724,14 @@ UINT ientries = BigEndianW(pmex->i_ext_entries); UINT ientrysz = BigEndianW(pmex->i_ext_entrsz); - if ((iinfoptr) && (ientrysz < 256) && (iinfoptr + ientries*ientrysz < dwMemLength)) + if ((iinfoptr) && (ientrysz < 256) && (ientries*ientrysz < dwMemLength) && (iinfoptr < dwMemLength - ientries*ientrysz)) { LPCSTR psznames = (LPCSTR)(lpStream + iinfoptr); UINT maxnamelen = ientrysz; - if (maxnamelen > 32) maxnamelen = 32; + if (maxnamelen > 31) maxnamelen = 31; for (UINT i=0; i<ientries; i++) if (i < m_nSamples) { - lstrcpyn(m_szNames[i+1], psznames + i*ientrysz, maxnamelen); + memcpy(m_szNames[i+1], psznames + i*ientrysz, maxnamelen); } } } @@ -742,7 +744,7 @@ { DWORD trknameofs = 0, trknamelen = 0; DWORD trktagofs = BigEndian(ptrktags[i]); - if (trktagofs) + if (trktagofs && (trktagofs <= dwMemLength - 8) ) { while (trktagofs+8 < dwMemLength) { 
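Review bot: In the Load_med.cpp hunk at -722, replacing `lstrcpyn` with `memcpy` drops the terminator that `lstrcpyn` wrote after the copied characters. When `ientrysz` is below 31 the destination keeps whatever followed in `m_szNames[i+1]`, so the name is only delimited if the entry was zeroed beforehand or the source entry contains a NUL. Adding `m_szNames[i+1][maxnamelen] = 0;` after the copy keeps the old guarantee. With `maxnamelen` capped at 31 the index stays inside a 32-byte entry; that size is inferred from the other hunks.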
@@ -757,9 +759,10 @@ trktagofs += 8; } if (trknamelen > MAX_CHANNELNAME) trknamelen = MAX_CHANNELNAME; - if ((trknameofs) && (trknameofs + trknamelen < dwMemLength)) + if ((trknameofs) && (trknameofs < dwMemLength - trknamelen)) { - lstrcpyn(ChnSettings[i].szName, (LPCSTR)(lpStream+trknameofs), MAX_CHANNELNAME); + memcpy(ChnSettings[i].szName, (LPCSTR)(lpStream+trknameofs), MAX_CHANNELNAME); + SetNullTerminator(ChnSettings[i].szName); } } } Modified: trunk/OpenMPT/soundlib/Load_mt2.cpp =================================================================== --- trunk/OpenMPT/soundlib/Load_mt2.cpp 2009-04-04 20:15:12 UTC (rev 254) +++ trunk/OpenMPT/soundlib/Load_mt2.cpp 2009-05-01 14:12:28 UTC (rev 255) @@ -406,6 +406,7 @@ { memset(penv, 0, sizeof(INSTRUMENTHEADER)); memcpy(penv->name, pmi->szName, 32); + SetNullTerminator(penv->name); penv->nGlobalVol = 64; penv->nPan = 128; for (UINT i=0; i<NOTE_MAX; i++) @@ -536,7 +537,7 @@ #endif if (iSmp < MAX_SAMPLES) { - memcpy(m_szNames[iSmp], pms->szName, 32); + memcpy(m_szNames[iSmp], pms->szName, 31); } if (pms->dwDataLen > 0) { Modified: trunk/OpenMPT/soundlib/Load_ult.cpp =================================================================== --- trunk/OpenMPT/soundlib/Load_ult.cpp 2009-04-04 20:15:12 UTC (rev 254) +++ trunk/OpenMPT/soundlib/Load_ult.cpp 2009-05-01 14:12:28 UTC (rev 255) @@ -60,7 +60,7 @@ m_nType = MOD_TYPE_ULT; m_nDefaultSpeed = 6; m_nDefaultTempo = 125; - memcpy(m_szNames[0], pmh->songtitle, 32); + memcpy(m_szNames[0], pmh->songtitle, 31); // read songtext dwMemPos = sizeof(ULTHEADER); if ((pmh->reserved) && (dwMemPos + pmh->reserved * 32 < dwMemLength)) 
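Review bot: In the Load_med.cpp hunk at -757 the bounds check is made with `trknamelen`, but the new `memcpy` always reads `MAX_CHANNELNAME` bytes. A track name shorter than `MAX_CHANNELNAME` that sits near the end of the file now reads past `lpStream + dwMemLength`, where the old `lstrcpyn` stopped at the first NUL. Copy only the checked length: clamp with `if (trknamelen >= MAX_CHANNELNAME) trknamelen = MAX_CHANNELNAME - 1;`, then `memcpy(ChnSettings[i].szName, lpStream+trknameofs, trknamelen);` and `ChnSettings[i].szName[trknamelen] = 0;`. This assumes `szName` holds `MAX_CHANNELNAME` chars, which the hunk does not show.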
@@ -89,7 +89,7 @@ { pus = (ULTSAMPLE *)(lpStream+dwMemPos); MODINSTRUMENT *pins = &Ins[ins]; - memcpy(m_szNames[ins], pus->samplename, 32); + memcpy(m_szNames[ins], pus->samplename, 31); memcpy(pins->name, pus->dosname, 12); pins->nLoopStart = pus->loopstart; pins->nLoopEnd = pus->loopend; Modified: trunk/OpenMPT/soundlib/Sampleio.cpp =================================================================== --- trunk/OpenMPT/soundlib/Sampleio.cpp 2009-04-04 20:15:12 UTC (rev 254) +++ trunk/OpenMPT/soundlib/Sampleio.cpp 2009-05-01 14:12:28 UTC (rev 255) @@ -524,7 +524,7 @@ if ((dwInfoList+d+8+len <= dwFileLength) && (len)) { DWORD dwNameLen = len; - if (dwNameLen > 32) dwNameLen = 32; + if (dwNameLen > 31) dwNameLen = 31; memcpy(m_szNames[nSample], lpMemFile+dwInfoList+d+8, dwNameLen); if (phdr->id_RIFF != 0x46464952) { @@ -560,12 +560,13 @@ LPSTR pszTextEx = (LPSTR)(pxh+1); if (xtrabytes >= 32) { - memcpy(m_szNames[nSample], pszTextEx, 32); + memcpy(m_szNames[nSample], pszTextEx, 31); pszTextEx += 32; xtrabytes -= 32; if (xtrabytes >= 22) { memcpy(pins->name, pszTextEx, 22); + SetNullTerminator(pins->name); xtrabytes -= 22; } } @@ -1875,6 +1876,7 @@ iti->id = 0x49504D49; // "IMPI" memcpy(iti->filename, penv->filename, 12); memcpy(iti->name, penv->name, 26); + SetNullTerminator(iti->name); iti->mpr = penv->nMidiProgram; iti->mch = penv->nMidiChannel; iti->mbank = penv->wMidiBank; //rewbs.MidiBank @@ -2125,7 +2127,7 @@ case IFFID_NAME: { UINT len = dwChunkLen; - if (len > 32) len = 32; + if (len > 31) len = 31; memset(m_szNames[nSample], 0, 32); memcpy(m_szNames[nSample], pChunkData, len); } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
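Review bot: The Sampleio.cpp hunk at -524 tightens the name clamp but leaves the context check `dwInfoList+d+8+len <= dwFileLength` in the additive form that this commit rewrites in Load_it.cpp and Load_med.cpp. If `len` is a 32-bit value read from the file, the sum can wrap and pass the check; the subtraction form would be `(dwInfoList+d+8 <= dwFileLength) && (len <= dwFileLength - (dwInfoList+d+8))`. The types of `len` and `d` are declared outside the hunk, so this needs confirming against them.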