Update of /cvsroot/audacity/audacity-src/src
In directory sc8-pr-cvs11.sourceforge.net:/tmp/cvs-serv23164
Modified Files:
Tag: Audacity_UmixIt
Branding.cpp Envelope.cpp LabelTrack.cpp Project.cpp
Sequence.cpp TimeTrack.cpp WaveTrack.cpp
Log Message:
tweaks to security vulnerabilities
Index: Envelope.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/Envelope.cpp,v
retrieving revision 1.27.2.6.2.1
retrieving revision 1.27.2.6.2.2
diff -u -d -r1.27.2.6.2.1 -r1.27.2.6.2.2
--- Envelope.cpp 17 Dec 2006 05:34:38 -0000 1.27.2.6.2.1
+++ Envelope.cpp 18 Dec 2006 05:26:22 -0000 1.27.2.6.2.2
@@ -220,7 +220,7 @@
XMLValueChecker::IsGoodInt(strValue) &&
strValue.ToLong(&nValue))
numPoints = nValue;
}
- if (nValue < 0)
+ if (numPoints < 0)
return false;
WX_CLEAR_ARRAY(mEnv);
Index: Branding.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/Attic/Branding.cpp,v
retrieving revision 1.1.2.3
retrieving revision 1.1.2.4
diff -u -d -r1.1.2.3 -r1.1.2.4
--- Branding.cpp 17 Dec 2006 05:34:38 -0000 1.1.2.3
+++ Branding.cpp 18 Dec 2006 05:26:22 -0000 1.1.2.4
@@ -50,9 +50,10 @@
m_BrandLogoFileName.Normalize(wxPATH_NORM_ABSOLUTE |
wxPATH_NORM_LONG);
}
else
- // Don't return failure. We'll just not have a logo to show.
- wxMessageBox(wxString::Format(_("Could not open branding logo
file: %s"), value),
- _("Error"), wxOK | wxICON_ERROR);
+ {
+ wxLogWarning(wxT("Could not open branding logo file: %s"), value);
+ return false;
+ }
}
else if (!strcmp(attr, "colorscheme") &&
XMLValueChecker::IsGoodString(value))
m_strBrandColorScheme = value;
Index: LabelTrack.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/LabelTrack.cpp,v
retrieving revision 1.21.2.7.2.1
retrieving revision 1.21.2.7.2.2
diff -u -d -r1.21.2.7.2.1 -r1.21.2.7.2.2
--- LabelTrack.cpp 17 Dec 2006 05:34:38 -0000 1.21.2.7.2.1
+++ LabelTrack.cpp 18 Dec 2006 05:26:23 -0000 1.21.2.7.2.2
@@ -11,6 +11,8 @@
#include <wx/brush.h>
#include <wx/dc.h>
#include <wx/event.h>
+#include <wx/log.h>
+#include <wx/msgdlg.h>
#include <wx/pen.h>
#include <wx/string.h>
#include <wx/textfile.h>
@@ -429,7 +431,13 @@
if (!strcmp(attr, "name") && XMLValueChecker::IsGoodString(strValue))
mName = strValue;
else if (!strcmp(attr, "numlabels") &&
- XMLValueChecker::IsGoodInt(strValue) &&
strValue.ToLong(&nValue)) {
+ XMLValueChecker::IsGoodInt(strValue) &&
strValue.ToLong(&nValue))
+ {
+ if (nValue < 0)
+ {
+ wxLogWarning(wxT("Project shows negative number of labels:
%d"), nValue);
+ return false;
+ }
mLabels.Clear();
mLabels.Alloc(nValue);
}
Index: Sequence.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/Sequence.cpp,v
retrieving revision 1.21.4.5.2.3
retrieving revision 1.21.4.5.2.4
diff -u -d -r1.21.4.5.2.3 -r1.21.4.5.2.4
--- Sequence.cpp 17 Dec 2006 05:34:38 -0000 1.21.4.5.2.3
+++ Sequence.cpp 18 Dec 2006 05:26:23 -0000 1.21.4.5.2.4
@@ -134,7 +134,6 @@
SeqBlock *b = mBlock->Item(i);
BlockFile *oldBlock = b->f;
sampleCount len = b->f->GetLength();
- if (len > mMaxSamples) len = mMaxSamples; // Prevent overruns, per NGS
report for UmixIt.
if (!oldBlock->IsAlias()) {
BlockFile *newBlock;
@@ -538,7 +537,6 @@
SeqBlock *newBlock = new SeqBlock();
newBlock->start = mNumSamples;
- if (len > mMaxSamples) len = mMaxSamples; // Prevent overruns, per NGS
report for UmixIt.
newBlock->f =
mDirManager->NewAliasBlockFile(fullPath, start, len, channel);
@@ -591,10 +589,7 @@
result += mBlock->Item(b)->f->GetLength();
}
- // Prevent overruns in Release build, per NGS report for UmixIt.
- // wxASSERT(result > 0 && result <= mMaxSamples);
- if (result < 1) result = 1;
- else if (result > mMaxSamples) result = mMaxSamples;
+ wxASSERT(result > 0 && result <= mMaxSamples);
return result;
}
@@ -617,9 +612,9 @@
if (!value)
break;
- // All these attributes have integer values, so just test & convert
here.
+ // All these attributes have non-negative integer values, so just
test & convert here.
const wxString strValue = value;
- if (!XMLValueChecker::IsGoodInt(strValue) ||
!strValue.ToLong(&nValue))
+ if (!XMLValueChecker::IsGoodInt(strValue) ||
!strValue.ToLong(&nValue) || (nValue < 0))
{
mErrorOpening = true;
return false;
@@ -648,9 +643,9 @@
if (!value)
break;
- // All these attributes have integer values, so just test & convert
here.
+ // All these attributes have non-negative integer values, so just
test & convert here.
const wxString strValue = value;
- if (!XMLValueChecker::IsGoodInt(strValue) ||
!strValue.ToLong(&nValue))
+ if (!XMLValueChecker::IsGoodInt(strValue) ||
!strValue.ToLong(&nValue) || (nValue < 0))
{
mErrorOpening = true;
return false;
@@ -670,16 +665,16 @@
mDirManager->SetMaxSamples(mMaxSamples);
}
else if (!strcmp(attr, "sampleformat"))
- mSampleFormat = (sampleFormat)nValue;
- else if (!strcmp(attr, "numsamples"))
{
- if (nValue < 0)
+ if ((nValue != int16Sample) && (nValue != int24Sample) && (nValue
!= floatSample))
{
mErrorOpening = true;
return false;
}
- mNumSamples = nValue;
+ mSampleFormat = (sampleFormat)nValue;
}
+ else if (!strcmp(attr, "numsamples"))
+ mNumSamples = nValue;
} // while
return true;
@@ -775,18 +770,11 @@
int Sequence::FindBlock(sampleCount pos, sampleCount lo,
sampleCount guess, sampleCount hi) const
{
- // Prevent overruns in Release build, per NGS report for UmixIt.
- // wxASSERT(mBlock->Item(guess)->f->GetLength() > 0);
- sampleCount guessLen = mBlock->Item(guess)->f->GetLength();
- if ((guessLen < 1) || (guessLen > mMaxSamples))
- // Bad blockfile, so skip it.
- return FindBlock(pos, guess + 1, (guess + 1 + hi) / 2, hi); //vvvvv
Right way to skip it?
-
- //vvvvv Will the above cause this to fail, so need to catch in release
build?
+ wxASSERT(mBlock->Item(guess)->f->GetLength() > 0);
wxASSERT(lo <= guess && guess <= hi && lo <= hi);
if (pos >= mBlock->Item(guess)->start &&
- pos < mBlock->Item(guess)->start + guessLen)
+ pos < mBlock->Item(guess)->start + mBlock->Item(guess)->f->GetLength())
return guess;
if (pos < mBlock->Item(guess)->start)
@@ -809,16 +797,9 @@
int rval = FindBlock(pos, 0, numBlocks / 2, numBlocks);
- // Prevent overruns in Release build, per NGS report for UmixIt.
- // wxASSERT(rval >= 0 && rval < numBlocks &&
- // pos >= mBlock->Item(rval)->start &&
- // pos < mBlock->Item(rval)->start +
mBlock->Item(rval)->f->GetLength());
- if ((rval < 0) ||
- (pos < mBlock->Item(rval)->start) ||
- (pos >= mBlock->Item(rval)->start +
mBlock->Item(rval)->f->GetLength()))
- return 0;
- else if (rval >= numBlocks)
- return (numBlocks - 1);
+ wxASSERT(rval >= 0 && rval < numBlocks &&
+ pos >= mBlock->Item(rval)->start &&
+ pos < mBlock->Item(rval)->start +
mBlock->Item(rval)->f->GetLength());
return rval;
}
@@ -826,13 +807,9 @@
bool Sequence::Read(samplePtr buffer, sampleFormat format,
SeqBlock * b, sampleCount start, sampleCount len) const
{
- // Prevent overruns in Release build, per NGS report for UmixIt.
- // wxASSERT(b);
- // wxASSERT(start >= 0);
- // wxASSERT(start + len <= b->f->GetLength());
- if (!b || (start < 0) || (start + len > mMaxSamples) ||
- (start + len > b->f->GetLength()) || (b->f->GetLength() >
mMaxSamples))
- return false; //vvvvv ...Or treat it like the (result != len) case below?
+ wxASSERT(b);
+ wxASSERT(start >= 0);
+ wxASSERT(start + len <= b->f->GetLength());
BlockFile *f = b->f;
@@ -857,25 +834,19 @@
// we copy the old block entirely into memory, dereference it,
// make the change, and then write the new block to disk.
- // Check in Release build, too, per NGS report for UmixIt.
- // wxASSERT(b);
- // wxASSERT(b->f->GetLength() <= mMaxSamples);
- // wxASSERT(start + len <= b->f->GetLength());
- sampleCount blockLen;
- if (!b ||
- ((blockLen = b->f->GetLength()) > mMaxSamples) || // Prevent
overruns, per NGS report for UmixIt.
- (start + len > blockLen))
- return false;
+ wxASSERT(b);
+ wxASSERT(b->f->GetLength() <= mMaxSamples);
+ wxASSERT(start + len <= b->f->GetLength());
int sampleSize = SAMPLE_SIZE(mSampleFormat);
samplePtr newBuffer = NewSamples(mMaxSamples, mSampleFormat);
wxASSERT(newBuffer);
- Read(newBuffer, mSampleFormat, b, 0, blockLen);
+ Read(newBuffer, mSampleFormat, b, 0, b->f->GetLength());
memcpy(newBuffer + start*sampleSize, buffer, len*sampleSize);
BlockFile *oldBlockFile = b->f;
- b->f = mDirManager->NewSimpleBlockFile(newBuffer, blockLen, mSampleFormat);
+ b->f = mDirManager->NewSimpleBlockFile(newBuffer, b->f->GetLength(),
mSampleFormat);
mDirManager->Deref(oldBlockFile);
@@ -1150,7 +1121,7 @@
if (numBlocks == 0)
return max;
- lastBlockLen = mBlock->Item(numBlocks-1)->f->GetLength(); //vvvvv Need to
check for mMaxSamples for NGS report fixes?
+ lastBlockLen = mBlock->Item(numBlocks-1)->f->GetLength();
if (lastBlockLen == max)
return max;
else
Index: Project.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/Project.cpp,v
retrieving revision 1.178.2.17.2.7
retrieving revision 1.178.2.17.2.8
diff -u -d -r1.178.2.17.2.7 -r1.178.2.17.2.8
--- Project.cpp 17 Dec 2006 05:34:38 -0000 1.178.2.17.2.7
+++ Project.cpp 18 Dec 2006 05:26:23 -0000 1.178.2.17.2.8
@@ -177,7 +177,7 @@
if (XMLValueChecker::IsGoodFileName(strPathName,
fileName.GetPath(wxPATH_GET_VOLUME))) {
strPathName = fileName.GetFullPath();
} else {
- wxMessageBox(_("Could not import file: ") + strPathName, _("Error"),
wxOK | wxICON_ERROR);
+ wxLogWarning(wxT("Could not import file: %s"), strPathName);
return false;
}
}
@@ -2000,7 +2000,7 @@
if (!strcmp(attr, "vpos"))
{
long longVpos;
- if (XMLValueChecker::IsGoodInt(strValue) &&
strValue.ToLong(&longVpos))
+ if (XMLValueChecker::IsGoodInt(strValue) &&
strValue.ToLong(&longVpos) && (longVpos >= 0))
mViewInfo.vpos = longVpos;
}
@@ -2010,7 +2010,8 @@
if (!strcmp(attr, "zoom") && Internat::CompatibleToDouble(strValue,
&dblValue))
mViewInfo.zoom = dblValue;
- if (!strcmp(attr, "rate") && Internat::CompatibleToDouble(strValue,
&dblValue))
+ if (!strcmp(attr, "rate") && Internat::CompatibleToDouble(strValue,
&dblValue) &&
+ (dblValue >= 100.0) && (dblValue <= 100000.0)) // same bounds as
ImportRawDialog::OnOK
{
mRate = dblValue;
mStatus->SetRate(mRate);
Index: WaveTrack.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/WaveTrack.cpp,v
retrieving revision 1.51.2.2.2.1
retrieving revision 1.51.2.2.2.2
diff -u -d -r1.51.2.2.2.1 -r1.51.2.2.2.2
--- WaveTrack.cpp 17 Dec 2006 05:34:38 -0000 1.51.2.2.2.1
+++ WaveTrack.cpp 18 Dec 2006 05:26:23 -0000 1.51.2.2.2.2
@@ -880,10 +880,13 @@
break;
const wxString strValue = value;
- if (!strcmp(attr, "rate") &&
- XMLValueChecker::IsGoodString(strValue) &&
Internat::CompatibleToDouble(strValue, &dblValue) &&
- (dblValue >= 100.0) && (dblValue <= 100000.0)) // same bounds
as ImportRawDialog::OnOK
+ if (!strcmp(attr, "rate"))
+ {
+ if (!XMLValueChecker::IsGoodString(strValue) ||
!Internat::CompatibleToDouble(strValue, &dblValue) ||
+ (dblValue < 100.0) || (dblValue > 100000.0)) // same bounds
as ImportRawDialog::OnOK
+ return false;
mRate = dblValue;
+ }
else if (!strcmp(attr, "offset") &&
XMLValueChecker::IsGoodString(strValue) &&
Internat::CompatibleToDouble(strValue, &dblValue))
{
@@ -899,10 +902,13 @@
mPan = dblValue;
else if (!strcmp(attr, "name") &&
XMLValueChecker::IsGoodString(strValue))
mName = strValue;
- else if (!strcmp(attr, "channel") &&
- XMLValueChecker::IsGoodInt(strValue) &&
strValue.ToLong(&nValue) &&
- (nValue >= LeftChannel) && (nValue <= MonoChannel))
+ else if (!strcmp(attr, "channel"))
+ {
+ if (!XMLValueChecker::IsGoodInt(strValue) ||
!strValue.ToLong(&nValue) ||
+ (nValue < LeftChannel) || (nValue > MonoChannel))
+ return false;
mChannel = nValue;
+ }
else if (!strcmp(attr, "linked") &&
XMLValueChecker::IsGoodInt(strValue) &&
strValue.ToLong(&nValue))
mLinked = (bool)nValue;
Index: TimeTrack.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/TimeTrack.cpp,v
retrieving revision 1.8.2.1.4.1
retrieving revision 1.8.2.1.4.2
diff -u -d -r1.8.2.1.4.1 -r1.8.2.1.4.2
--- TimeTrack.cpp 17 Dec 2006 05:34:38 -0000 1.8.2.1.4.1
+++ TimeTrack.cpp 18 Dec 2006 05:26:23 -0000 1.8.2.1.4.2
@@ -106,16 +106,22 @@
break;
const wxString strValue = value;
- if (!strcmp(attr, "offset") &&
- XMLValueChecker::IsGoodString(strValue) &&
Internat::CompatibleToDouble(strValue, &dblValue))
+ if (!strcmp(attr, "offset"))
{
+ if (!XMLValueChecker::IsGoodString(strValue) ||
!Internat::CompatibleToDouble(strValue, &dblValue))
+ return false;
mOffset = dblValue;
mEnvelope->SetOffset(mOffset);
}
else if (!strcmp(attr, "name") &&
XMLValueChecker::IsGoodString(strValue))
mName = strValue;
- else if (!strcmp(attr, "channel") &&
XMLValueChecker::IsGoodInt(strValue) && strValue.ToLong(&nValue))
+ else if (!strcmp(attr, "channel"))
+ {
+ if (!XMLValueChecker::IsGoodInt(strValue) ||
!strValue.ToLong(&nValue) ||
+ (nValue < LeftChannel) || (nValue > MonoChannel))
+ return false;
mChannel = nValue;
+ }
} // while
return true;
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Audacity-cvs mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/audacity-cvs
