[Audacity-cvs] audacity-src/src Sequence.cpp, 1.21.4.5.2.5, 1.21.4.5.2.6

Fri, 29 Dec 2006 18:35:24 -0800 

Update of /cvsroot/audacity/audacity-src/src
In directory sc8-pr-cvs11.sourceforge.net:/tmp/cvs-serv25347

Modified Files:
      Tag: Audacity_UmixIt
        Sequence.cpp 
Log Message:
security issues per NGS report

Index: Sequence.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/Sequence.cpp,v
retrieving revision 1.21.4.5.2.5
retrieving revision 1.21.4.5.2.6
diff -u -d -r1.21.4.5.2.5 -r1.21.4.5.2.6
--- Sequence.cpp        20 Dec 2006 22:55:45 -0000      1.21.4.5.2.5
+++ Sequence.cpp        30 Dec 2006 02:35:18 -0000      1.21.4.5.2.6
@@ -339,8 +339,6 @@
       SeqBlock *largerBlock = new SeqBlock();
       largerBlock->start = mBlock->Item(b)->start;
       int largerBlockLen = mBlock->Item(b)->f->GetLength() + addedLen;
-      if (largerBlockLen > mMaxSamples) 
-         largerBlockLen = mMaxSamples; // Prevent overruns, per NGS report for 
UmixIt.
       largerBlock->f =
          mDirManager->NewSimpleBlockFile(buffer, largerBlockLen, 
mSampleFormat);
 
@@ -519,11 +517,11 @@
 
    sTrack->mNumSamples = pos;
 
-   Paste(s0, sTrack);
+   bool bResult = Paste(s0, sTrack);
 
    delete sTrack;
 
-   return ConsistencyCheck("InsertSilence");
+   return bResult && ConsistencyCheck("InsertSilence");
 }
 
 bool Sequence::AppendAlias(wxString fullPath,
@@ -677,6 +675,15 @@
             mNumSamples = nValue;
       } // while
 
+      // Both mMaxSamples and mSampleFormat should have been set. 
+      // Check that mMaxSamples is right for mSampleFormat, using the 
calculations from the constructor.
+      if ((mMinSamples != sMaxDiskBlockSize / SAMPLE_SIZE(mSampleFormat) / 2) 
|| 
+            (mMaxSamples != mMinSamples * 2))
+      {
+         mErrorOpening = true;
+         return false;
+      }
+
       return true;
    }
    


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Audacity-cvs mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/audacity-cvs

Reply via email to