[OMPT-svn-commit] OpenMPT r20641 - trunk/OpenMPT/soundlib

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Author: sagamusix
Date: Sun Apr 21 21:11:24 2024
New Revision: 20641
URL: https://source.openmpt.org/browse/openmpt/?op=revision&rev=20641

Log:
[Mod] MO3: Further reduce maximum allowed music data (not samples) size from 2GB to 512MB.

Modified:
   trunk/OpenMPT/soundlib/Load_mo3.cpp

Modified: trunk/OpenMPT/soundlib/Load_mo3.cpp
==============================================================================

--- trunk/OpenMPT/soundlib/Load_mo3.cpp	Sun Apr 21 20:21:05 2024	(r20640)
+++ trunk/OpenMPT/soundlib/Load_mo3.cpp	Sun Apr 21 21:11:24 2024	(r20641)
@@ -805,7 +805,9 @@
 	{
 		return false;
 	}
-	if(containerHeader.musicSize <= sizeof(MO3FileHeader) || containerHeader.musicSize >= uint32_max / 2u)
+	// Due to the LZ algorithm's unbounded back window, we could reach gigantic sizes with just a few dozen bytes.
+	// 512 MB of music data (not samples) is chosen as a safeguard that is probably (hopefully) *way* beyond anything a real-world module will ever reach.
+	if(containerHeader.musicSize <= sizeof(MO3FileHeader) || containerHeader.musicSize >= 0x2000'0000)
 	{
 		return false;
 	}




[OMPT-svn-commit] OpenMPT r20641 - trunk/OpenMPT/soundlib

A music tracker software for Windows.

[OMPT-svn-commit] OpenMPT r20641 - trunk/OpenMPT/soundlib