Author: sagamusix
Date: Sat May 11 22:11:21 2024
New Revision: 20762
URL: https://source.openmpt.org/browse/openmpt/?op=revision&rev=20762
Log:
Merged revision(s) 20693 from trunk/OpenMPT:
[Imp] XM: Reject files with impossible pattern header.
[Imp] XM: Speed up decoding early if pattern data cannot be read, ignore patterns > MAX_PATTERNS for decoding.
........
Modified:
branches/OpenMPT-1.30/ (props changed)
branches/OpenMPT-1.30/soundlib/Load_xm.cpp
Modified: branches/OpenMPT-1.30/soundlib/Load_xm.cpp
==============================================================================
--- branches/OpenMPT-1.30/soundlib/Load_xm.cpp Sat May 11 21:51:49 2024 (r20761)
+++ branches/OpenMPT-1.30/soundlib/Load_xm.cpp Sat May 11 22:11:21 2024 (r20762)
@@ -244,18 +244,16 @@
for(PATTERNINDEX pat = 0; pat < fileHeader.patterns; pat++)
{
FileReader::off_t curPos = file.GetPosition();
- uint32 headerSize = file.ReadUint32LE();
- file.Skip(1); // Pack method (= 0)
-
- ROWINDEX numRows = 64;
+ const uint32 headerSize = file.ReadUint32LE();
+ if(headerSize < 8 || !file.CanRead(headerSize - 4))
+ break;
+ file.Skip(1); // Pack method (= 0)
+ ROWINDEX numRows;
if(fileHeader.version == 0x0102)
- {
numRows = file.ReadUint8() + 1;
- } else
- {
+ else
numRows = file.ReadUint16LE();
- }
// A packed size of 0 indicates a completely empty pattern.
const uint16 packedSize = file.ReadUint16LE();
@@ -268,10 +266,8 @@
file.Seek(curPos + headerSize);
FileReader patternChunk = file.ReadChunk(packedSize);
- if(!sndFile.Patterns.Insert(pat, numRows) || packedSize == 0)
- {
+ if(pat >= MAX_PATTERNS || !sndFile.Patterns.Insert(pat, numRows) || packedSize == 0)
continue;
- }
enum PatternFlags
{
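Review bot: The `continue` now covers three different conditions (index at or above `MAX_PATTERNS`, a failed `Patterns.Insert`, and an empty pattern) with no comment on why the chunk is read first. That ordering is what keeps later pattern headers aligned, because `file.ReadChunk(packedSize)` consumes the data before decoding is skipped. A comment above the condition would protect this from a later reorder, for example `// Chunk is already consumed above, so skipping here keeps the following pattern headers in sync.` The surrounding loop starts and ends outside this hunk.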
@@ -287,6 +283,9 @@
for(auto &m : sndFile.Patterns[pat])
{
+ if(!file.CanRead(1))
+ break;
+
uint8 info = patternChunk.ReadUint8();
uint8 vol = 0;
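Review bot: The added guard at the top of the row loop tests `file`, but the read that follows it comes from `patternChunk`. Because `file.ReadChunk(packedSize)` has already run, `file.CanRead(1)` presumably reports whether any data follows the chunk, not whether the chunk itself has bytes left. An exhausted chunk in a file that is not truncated would then still iterate every remaining cell, and a pattern whose data is the last thing in the file would not be decoded at all. If the intent is to stop once the pattern data runs out, `if(!patternChunk.CanRead(1)) break;` expresses that directly. The loop body continues outside this hunk, so this should be confirmed against the full function and the `FileReader` semantics.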
@@ -1217,7 +1216,7 @@
if(!p->IsEmpty())
emptyPattern = false;
- // Apparently, completely empty patterns are loaded as empty 64-row patterns in FT2, regardless of their original size.
+ // Completely empty patterns are loaded as empty 64-row patterns in FT2, regardless of their original size.
// We have to avoid this, so we add a "break to row 0" command in the last row.
if(j == 1 && emptyPattern && numRows != 64)
{