[Audacity-cvs] audacity-src/src/blockfile LegacyBlockFile.cpp, 1.8.6.2, 1.8.6.3 PCMAliasBlockFile.cpp, 1.4.2.1.4.3, 1.4.2.1.4.4 SimpleBlockFile.cpp, 1.8.2.2.2.2, 1.8.2.2.2.3

Sun, 17 Dec 2006 21:26:28 -0800 

Update of /cvsroot/audacity/audacity-src/src/blockfile
In directory sc8-pr-cvs11.sourceforge.net:/tmp/cvs-serv23164/blockfile

Modified Files:
      Tag: Audacity_UmixIt
        LegacyBlockFile.cpp PCMAliasBlockFile.cpp SimpleBlockFile.cpp 
Log Message:
tweaks to security vulnerabilities

Index: LegacyBlockFile.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/blockfile/LegacyBlockFile.cpp,v
retrieving revision 1.8.6.2
retrieving revision 1.8.6.3
diff -u -d -r1.8.6.2 -r1.8.6.3
--- LegacyBlockFile.cpp 17 Dec 2006 05:34:38 -0000      1.8.6.2
+++ LegacyBlockFile.cpp 18 Dec 2006 05:26:23 -0000      1.8.6.3
@@ -275,7 +275,11 @@
          if( !strcmp(attr, "norms") )
             noRMS = (bool)nValue;
          if( !strcmp(attr, "format") )
+         {
+            if ((nValue != int16Sample) && (nValue != int24Sample) && (nValue 
!= floatSample))
+               return NULL;
             format = (sampleFormat)nValue;
+         }
          if( !strcmp(attr, "summarylen") )
             summaryLen = nValue;
        }
@@ -283,7 +287,7 @@
 
    if (!XMLValueChecker::IsGoodFileName(fileName.GetFullName(), 
                                          fileName.GetPath(wxPATH_GET_VOLUME)) 
|| 
-         (summaryLen < 0) || (len < 0))
+         (len < 0) || (summaryLen < 0))
       return NULL;
 
    return new LegacyBlockFile(fileName, format, summaryLen, len, noRMS);

Index: SimpleBlockFile.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/blockfile/SimpleBlockFile.cpp,v
retrieving revision 1.8.2.2.2.2
retrieving revision 1.8.2.2.2.3
diff -u -d -r1.8.2.2.2.2 -r1.8.2.2.2.3
--- SimpleBlockFile.cpp 17 Dec 2006 05:34:38 -0000      1.8.2.2.2.2
+++ SimpleBlockFile.cpp 18 Dec 2006 05:26:23 -0000      1.8.2.2.2.3
@@ -279,7 +279,7 @@
 
    if (!XMLValueChecker::IsGoodFileName(fileName.GetFullName(), 
                                          fileName.GetPath(wxPATH_GET_VOLUME)) 
|| 
-         (len < 0) || (rms < 0))
+         (len < 0) || (rms < 0.0))
       return NULL;
 
    return new SimpleBlockFile(fileName, len, min, max, rms);

Index: PCMAliasBlockFile.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/blockfile/PCMAliasBlockFile.cpp,v
retrieving revision 1.4.2.1.4.3
retrieving revision 1.4.2.1.4.4
diff -u -d -r1.4.2.1.4.3 -r1.4.2.1.4.4
--- PCMAliasBlockFile.cpp       17 Dec 2006 05:34:38 -0000      1.4.2.1.4.3
+++ PCMAliasBlockFile.cpp       18 Dec 2006 05:26:23 -0000      1.4.2.1.4.4
@@ -178,7 +178,7 @@
                                          
summaryFileName.GetPath(wxPATH_GET_VOLUME)) || 
          !XMLValueChecker::IsGoodFileName(aliasFileName.GetFullName(), 
                                           
aliasFileName.GetPath(wxPATH_GET_VOLUME)) ||
-         (aliasStart < 0) || (aliasLen < 0) || (aliasChannel < 0) || 
(aliasChannel > 2) || (rms < 0))
+         (aliasStart < 0) || (aliasLen < 0) || (aliasChannel < 0) || 
(aliasChannel > 2) || (rms < 0.0))
       return NULL;
 
    return new PCMAliasBlockFile(summaryFileName, aliasFileName,


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Audacity-cvs mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/audacity-cvs

Reply via email to