[Audacity-cvs] audacity-src/src Sequence.cpp, 1.21.4.5.2.6, 1.21.4.5.2.7

Mon, 01 Jan 2007 18:25:00 -0800 

Update of /cvsroot/audacity/audacity-src/src
In directory sc8-pr-cvs11.sourceforge.net:/tmp/cvs-serv7019

Modified Files:
      Tag: Audacity_UmixIt
        Sequence.cpp 
Log Message:
security vulnerability fixes per NGS report for UmixIt

Index: Sequence.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/Sequence.cpp,v
retrieving revision 1.21.4.5.2.6
retrieving revision 1.21.4.5.2.7
diff -u -d -r1.21.4.5.2.6 -r1.21.4.5.2.7
--- Sequence.cpp        30 Dec 2006 02:35:18 -0000      1.21.4.5.2.6
+++ Sequence.cpp        2 Jan 2007 02:24:56 -0000       1.21.4.5.2.7
@@ -339,6 +339,8 @@
       SeqBlock *largerBlock = new SeqBlock();
       largerBlock->start = mBlock->Item(b)->start;
       int largerBlockLen = mBlock->Item(b)->f->GetLength() + addedLen;
+      if (largerBlockLen > mMaxSamples) 
+         largerBlockLen = mMaxSamples; // Prevent overruns, per NGS report for 
UmixIt.
       largerBlock->f =
          mDirManager->NewSimpleBlockFile(buffer, largerBlockLen, 
mSampleFormat);
 
@@ -675,14 +677,14 @@
             mNumSamples = nValue;
       } // while
 
-      // Both mMaxSamples and mSampleFormat should have been set. 
-      // Check that mMaxSamples is right for mSampleFormat, using the 
calculations from the constructor.
-      if ((mMinSamples != sMaxDiskBlockSize / SAMPLE_SIZE(mSampleFormat) / 2) 
|| 
-            (mMaxSamples != mMinSamples * 2))
-      {
-         mErrorOpening = true;
-         return false;
-      }
+      //// Both mMaxSamples and mSampleFormat should have been set. 
+      //// Check that mMaxSamples is right for mSampleFormat, using the 
calculations from the constructor.
+      //if ((mMinSamples != sMaxDiskBlockSize / SAMPLE_SIZE(mSampleFormat) / 
2) || 
+      //      (mMaxSamples != mMinSamples * 2))
+      //{
+      //   mErrorOpening = true;
+      //   return false;
+      //}
 
       return true;
    }


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Audacity-cvs mailing list
Audacity-cvs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/audacity-cvs

Reply via email to