Update of /cvsroot/audacity/audacity-src/src
In directory sc8-pr-cvs11.sourceforge.net:/tmp/cvs-serv12696/src
Modified Files:
Tag: AUDACITY_1_2
DirManager.cpp DirManager.h Envelope.cpp LabelTrack.cpp
Menus.cpp Project.cpp Sequence.cpp Tags.cpp TimeTrack.cpp
WaveTrack.cpp
Log Message:
Backport NGS security fixes for UmixIt to AUDACITY_1_2,
plus a fix to reduce flickering when importing multiple files.
Index: Envelope.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/Envelope.cpp,v
retrieving revision 1.27.2.6
retrieving revision 1.27.2.7
diff -u -d -r1.27.2.6 -r1.27.2.7
--- Envelope.cpp 6 Nov 2006 04:50:10 -0000 1.27.2.6
+++ Envelope.cpp 12 Jan 2007 00:27:41 -0000 1.27.2.7
@@ -208,13 +208,21 @@
{
if (!strcmp(tag, "envelope")) {
int numPoints = 0;
+ long nValue = -1;
while (*attrs) {
const char *attr = *attrs++;
const char *value = *attrs++;
- if (!strcmp(attr, "numpoints"))
- numPoints = atoi(value);
+ if (!value)
+ break;
+ const wxString strValue = value;
+ if( !strcmp(attr, "numpoints") &&
+ XMLValueChecker::IsGoodInt(strValue) &&
strValue.ToLong(&nValue))
+ numPoints = nValue;
}
+ if (numPoints < 0)
+ return false;
+
WX_CLEAR_ARRAY(mEnv);
mEnv.Alloc(numPoints);
return true;
Index: LabelTrack.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/LabelTrack.cpp,v
retrieving revision 1.21.2.7
retrieving revision 1.21.2.8
diff -u -d -r1.21.2.7 -r1.21.2.8
--- LabelTrack.cpp 6 Nov 2006 04:50:10 -0000 1.21.2.7
+++ LabelTrack.cpp 12 Jan 2007 00:27:41 -0000 1.21.2.8
@@ -11,6 +11,8 @@
#include <wx/brush.h>
#include <wx/dc.h>
#include <wx/event.h>
+#include <wx/log.h>
+#include <wx/msgdlg.h>
#include <wx/pen.h>
#include <wx/string.h>
#include <wx/textfile.h>
@@ -380,6 +382,7 @@
// loop through attrs, which is a null-terminated list of
// attribute-value pairs
bool has_t1 = false;
+ double dblValue;
while(*attrs) {
const char *attr = *attrs++;
const char *value = *attrs++;
@@ -387,14 +390,22 @@
if (!value)
break;
- if (!strcmp(attr, "t"))
- Internat::CompatibleToDouble(wxString(value), &l->t);
- else if (!strcmp(attr, "t1")) {
+ const wxString strValue = value;
+ if (!XMLValueChecker::IsGoodString(strValue))
+ {
+ delete l;
+ return false;
+ }
+
+ if (!strcmp(attr, "t") && Internat::CompatibleToDouble(strValue,
&dblValue))
+ l->t = dblValue;
+ else if (!strcmp(attr, "t1") &&
Internat::CompatibleToDouble(strValue, &dblValue))
+ {
has_t1 = true;
- Internat::CompatibleToDouble(wxString(value), &l->t1);
+ l->t1 = dblValue;
}
else if (!strcmp(attr, "title"))
- l->title = value;
+ l->title = strValue;
} // while
@@ -408,19 +419,27 @@
return true;
}
else if (!strcmp(tag, "labeltrack")) {
- if (*attrs) {
+ long nValue = -1;
+ while (*attrs) {
const char *attr = *attrs++;
const char *value = *attrs++;
if (!value)
return true;
- if (!strcmp(attr, "name"))
- mName = value;
- else if (!strcmp(attr, "numlabels")) {
- int len = atoi(value);
+ const wxString strValue = value;
+ if (!strcmp(attr, "name") && XMLValueChecker::IsGoodString(strValue))
+ mName = strValue;
+ else if (!strcmp(attr, "numlabels") &&
+ XMLValueChecker::IsGoodInt(strValue) &&
strValue.ToLong(&nValue))
+ {
+ if (nValue < 0)
+ {
+ wxLogWarning(wxT("Project shows negative number of labels:
%d"), nValue);
+ return false;
+ }
mLabels.Clear();
- mLabels.Alloc(len);
+ mLabels.Alloc(nValue);
}
}
Index: Tags.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/Tags.cpp,v
retrieving revision 1.20.2.4
retrieving revision 1.20.2.5
diff -u -d -r1.20.2.4 -r1.20.2.5
--- Tags.cpp 28 Jun 2004 04:18:47 -0000 1.20.2.4
+++ Tags.cpp 12 Jan 2007 00:27:42 -0000 1.20.2.5
@@ -113,6 +113,7 @@
// loop through attrs, which is a null-terminated list of
// attribute-value pairs
+ long nValue;
while(*attrs) {
const char *attr = *attrs++;
const char *value = *attrs++;
@@ -120,22 +121,23 @@
if (!value)
break;
- if (!strcmp(attr, "title"))
- mTitle = value;
- else if (!strcmp(attr, "artist"))
- mArtist = value;
- else if (!strcmp(attr, "album"))
- mAlbum = value;
- else if (!strcmp(attr, "track"))
- mTrackNum = atoi(value);
- else if (!strcmp(attr, "year"))
- mYear = value;
- else if (!strcmp(attr, "genre"))
- mGenre = atoi(value);
- else if (!strcmp(attr, "comments"))
- mComments = value;
- else if (!strcmp(attr, "id3v2"))
- mID3V2 = atoi(value);
+ const wxString strValue = value;
+ if (!strcmp(attr, "title") && XMLValueChecker::IsGoodString(strValue))
+ mTitle = strValue;
+ else if (!strcmp(attr, "artist") &&
XMLValueChecker::IsGoodString(strValue))
+ mArtist = strValue;
+ else if (!strcmp(attr, "album") &&
XMLValueChecker::IsGoodString(strValue))
+ mAlbum = strValue;
+ else if (!strcmp(attr, "track") && XMLValueChecker::IsGoodInt(strValue)
&& strValue.ToLong(&nValue))
+ mTrackNum = nValue;
+ else if (!strcmp(attr, "year") &&
XMLValueChecker::IsGoodString(strValue))
+ mYear = strValue;
+ else if (!strcmp(attr, "genre") && XMLValueChecker::IsGoodInt(strValue)
&& strValue.ToLong(&nValue))
+ mGenre = nValue;
+ else if (!strcmp(attr, "comments") &&
XMLValueChecker::IsGoodString(strValue))
+ mComments = strValue;
+ else if (!strcmp(attr, "id3v2") && XMLValueChecker::IsGoodInt(strValue)
&& strValue.ToLong(&nValue))
+ mID3V2 = (nValue != 0);
} // while
return true;
Index: DirManager.h
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/DirManager.h,v
retrieving revision 1.17.2.3
retrieving revision 1.17.2.4
diff -u -d -r1.17.2.3 -r1.17.2.4
--- DirManager.h 25 Jul 2004 18:46:06 -0000 1.17.2.3
+++ DirManager.h 12 Jan 2007 00:27:40 -0000 1.17.2.4
@@ -60,6 +60,7 @@
// but it doesn't already exist, SetProject fails and returns false.
bool SetProject(wxString & projPath, wxString & projName, bool create);
+ wxString GetProjectDataDir();
wxString GetProjectName();
wxLongLong GetFreeDiskSpace();
@@ -96,6 +97,7 @@
void SetLoadingTarget(BlockFile **target) { mLoadingTarget = target; }
void SetLoadingFormat(sampleFormat format) { mLoadingFormat = format; }
void SetLoadingBlockLength(sampleCount len) { mLoadingBlockLen = len; }
+ void SetMaxSamples(sampleCount max) { mMaxSamples = max; }
bool HandleXMLTag(const char *tag, const char **attrs);
XMLTagHandler *HandleXMLChild(const char *tag) { return NULL; }
void WriteXML(int depth, FILE *fp) { }
@@ -134,6 +136,8 @@
sampleFormat mLoadingFormat;
sampleCount mLoadingBlockLen;
+ sampleCount mMaxSamples;
+
static wxString temp;
static int numDirManagers;
Index: Menus.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/Menus.cpp,v
retrieving revision 1.151.2.26
retrieving revision 1.151.2.27
diff -u -d -r1.151.2.26 -r1.151.2.27
--- Menus.cpp 21 Oct 2005 22:31:09 -0000 1.151.2.26
+++ Menus.cpp 12 Jan 2007 00:27:41 -0000 1.151.2.27
@@ -2618,6 +2618,7 @@
Import(fileName);
}
+ HandleResize(); // Adjust scrollers for new track sizes.
}
void AudacityProject::OnImportLabels()
@@ -2741,6 +2742,7 @@
return;
AddImportedTracks(fileName, newTracks, numTracks);
+ HandleResize(); // Adjust scrollers for new track sizes.
}
void AudacityProject::OnEditID3()
Index: DirManager.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/DirManager.cpp,v
retrieving revision 1.35.2.5
retrieving revision 1.35.2.6
diff -u -d -r1.35.2.5 -r1.35.2.6
--- DirManager.cpp 25 Jul 2004 18:46:06 -0000 1.35.2.5
+++ DirManager.cpp 12 Jan 2007 00:27:40 -0000 1.35.2.6
@@ -66,6 +66,7 @@
projName = "";
mLoadingTarget = NULL;
+ mMaxSamples = -1;
hashTableSize = defaultHashTableSize;
blockFileHash = new wxHashTable(wxKEY_STRING, hashTableSize);
@@ -250,6 +251,11 @@
return true;
}
+wxString DirManager::GetProjectDataDir()
+{
+ return projFull;
+}
+
wxString DirManager::GetProjectName()
{
return projName;
@@ -355,17 +361,18 @@
if( mLoadingTarget == NULL )
return false;
+ BlockFile* pBlockFile = NULL;
+
if( !wxStricmp(tag, "silentblockfile") ) {
// Silent blocks don't actually have a file associated, so
// we don't need to worry about the hash table at all
*mLoadingTarget = SilentBlockFile::BuildFromXML(projFull, attrs);
return true;
}
-
else if ( !wxStricmp(tag, "simpleblockfile") )
- *mLoadingTarget = SimpleBlockFile::BuildFromXML(projFull, attrs);
+ pBlockFile = SimpleBlockFile::BuildFromXML(projFull, attrs);
else if( !wxStricmp(tag, "pcmaliasblockfile") )
- *mLoadingTarget = PCMAliasBlockFile::BuildFromXML(projFull, attrs);
+ pBlockFile = PCMAliasBlockFile::BuildFromXML(projFull, attrs);
else if( !wxStricmp(tag, "blockfile") ||
!wxStricmp(tag, "legacyblockfile") ) {
// Support Audacity version 1.1.1 project files
@@ -384,15 +391,26 @@
}
if (alias)
- *mLoadingTarget = LegacyAliasBlockFile::BuildFromXML(projFull, attrs);
+ pBlockFile = LegacyAliasBlockFile::BuildFromXML(projFull, attrs);
else
- *mLoadingTarget = LegacyBlockFile::BuildFromXML(projFull, attrs,
+ pBlockFile = LegacyBlockFile::BuildFromXML(projFull, attrs,
mLoadingBlockLen,
mLoadingFormat);
}
else
return false;
+ if ((pBlockFile == NULL) ||
+ // Check the length here so we don't have to do it in each
BuildFromXML method.
+ ((mMaxSamples > -1) && // is initialized
+ (pBlockFile->GetLength() > mMaxSamples)))
+ {
+ delete pBlockFile;
+ return false;
+ }
+ else
+ *mLoadingTarget = pBlockFile;
+
//
// If the block we loaded is already in the hash table, then the
// object we just loaded is a duplicate, so we delete it and
Index: Sequence.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/Sequence.cpp,v
retrieving revision 1.21.4.5
retrieving revision 1.21.4.6
diff -u -d -r1.21.4.5 -r1.21.4.6
--- Sequence.cpp 14 Nov 2004 12:01:27 -0000 1.21.4.5
+++ Sequence.cpp 12 Jan 2007 00:27:42 -0000 1.21.4.6
@@ -16,6 +16,7 @@
#include <wx/dynarray.h>
#include <wx/intl.h>
#include <wx/ffile.h>
+#include <wx/log.h>
#include "Sequence.h"
@@ -338,6 +339,8 @@
SeqBlock *largerBlock = new SeqBlock();
largerBlock->start = mBlock->Item(b)->start;
int largerBlockLen = mBlock->Item(b)->f->GetLength() + addedLen;
+ if (largerBlockLen > mMaxSamples)
+ largerBlockLen = mMaxSamples; // Prevent overruns, per NGS report for
UmixIt.
largerBlock->f =
mDirManager->NewSimpleBlockFile(buffer, largerBlockLen,
mSampleFormat);
@@ -516,11 +519,11 @@
sTrack->mNumSamples = pos;
- Paste(s0, sTrack);
+ bool bResult = Paste(s0, sTrack);
delete sTrack;
- return ConsistencyCheck("InsertSilence");
+ return bResult && ConsistencyCheck("InsertSilence");
}
bool Sequence::AppendAlias(wxString fullPath,
@@ -593,6 +596,8 @@
bool Sequence::HandleXMLTag(const char *tag, const char **attrs)
{
+ long nValue;
+
if (!strcmp(tag, "waveblock")) {
SeqBlock *wb = new SeqBlock();
wb->f = 0;
@@ -607,12 +612,20 @@
if (!value)
break;
+ // All these attributes have non-negative integer values, so just
test & convert here.
+ const wxString strValue = value;
+ if (!XMLValueChecker::IsGoodInt(strValue) ||
!strValue.ToLong(&nValue) || (nValue < 0))
+ {
+ mErrorOpening = true;
+ return false;
+ }
+
if (!strcmp(attr, "start"))
- wb->start = atoi(value);
+ wb->start = nValue;
// Handle length tag from legacy project file
if (!strcmp(attr, "len"))
- mDirManager->SetLoadingBlockLength(atoi(value));
+ mDirManager->SetLoadingBlockLength(nValue);
} // while
@@ -630,14 +643,49 @@
if (!value)
break;
+ // All these attributes have non-negative integer values, so just
test & convert here.
+ const wxString strValue = value;
+ if (!XMLValueChecker::IsGoodInt(strValue) ||
!strValue.ToLong(&nValue) || (nValue < 0))
+ {
+ mErrorOpening = true;
+ return false;
+ }
+
if (!strcmp(attr, "maxsamples"))
- mMaxSamples = atoi(value);
+ {
+ // Dominic, 12/10/2006:
+ // Let's check that maxsamples is >= 1024
and <= 64 * 1024 * 1024
+ // - that's a pretty wide range of reasonable
values.
+ if ((nValue < 1024) || (nValue > 64 * 1024 * 1024))
+ {
+ mErrorOpening = true;
+ return false;
+ }
+ mMaxSamples = nValue;
+ mDirManager->SetMaxSamples(mMaxSamples);
+ }
else if (!strcmp(attr, "sampleformat"))
- mSampleFormat = (sampleFormat)atoi(value);
+ {
+ if (!XMLValueChecker::IsValidSampleFormat(nValue))
+ {
+ mErrorOpening = true;
+ return false;
+ }
+ mSampleFormat = (sampleFormat)nValue;
+ }
else if (!strcmp(attr, "numsamples"))
- mNumSamples = atoi(value);
+ mNumSamples = nValue;
} // while
+ //// Both mMaxSamples and mSampleFormat should have been set.
+ //// Check that mMaxSamples is right for mSampleFormat, using the
calculations from the constructor.
+ //if ((mMinSamples != sMaxDiskBlockSize / SAMPLE_SIZE(mSampleFormat) /
2) ||
+ // (mMaxSamples != mMinSamples * 2))
+ //{
+ // mErrorOpening = true;
+ // return false;
+ //}
+
return true;
}
@@ -661,6 +709,8 @@
else
len = mNumSamples - mBlock->Item(b)->start;
+ if (len > mMaxSamples) // This could be why the blockfile failed.
+ len = mMaxSamples;
mBlock->Item(b)->f = new SilentBlockFile(len);
mErrorOpening = true;
}
@@ -671,12 +721,14 @@
for (b = 0; b < mBlock->Count(); b++) {
if (mBlock->Item(b)->start != numSamples) {
mBlock->Item(b)->start = numSamples;
+ wxLogWarning(wxT("Gap detected in project file\n"));
mErrorOpening = true;
}
numSamples += mBlock->Item(b)->f->GetLength();
}
if (mNumSamples != numSamples) {
mNumSamples = numSamples;
+ wxLogWarning(wxT("Gap detected in project file\n"));
mErrorOpening = true;
}
}
@@ -776,7 +828,7 @@
if (result != len) {
// TODO err
- printf(_("Expected to read %d samples, got %d samples.\n"),
+ wxPrintf(_("Expected to read %d samples, got %d samples.\n"),
len, result);
if (result < 0)
result = 0;
@@ -1415,10 +1467,14 @@
int pos = 0;
unsigned int numBlocks = mBlock->Count();
bool error = false;
+ int len;
for (i = 0; i < numBlocks; i++) {
if (pos != mBlock->Item(i)->start)
error = true;
+ len = mBlock->Item(i)->f->GetLength();
+ if (len > mMaxSamples) // Check for overrun, per NGS report for UmixIt.
+ error = true;
pos += mBlock->Item(i)->f->GetLength();
}
if (pos != mNumSamples)
Index: Project.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/Project.cpp,v
retrieving revision 1.178.2.17
retrieving revision 1.178.2.18
diff -u -d -r1.178.2.17 -r1.178.2.18
--- Project.cpp 23 Mar 2006 16:40:59 -0000 1.178.2.17
+++ Project.cpp 12 Jan 2007 00:27:41 -0000 1.178.2.18
@@ -157,6 +157,7 @@
{
for (int i = 0; i < filenames.GetCount(); i++)
mProject->Import(filenames[i]);
+ mProject->HandleResize(); // Adjust scrollers for new track sizes.
return true;
}
@@ -1912,6 +1913,7 @@
int requiredTags = 0;
wxString fileVersion = "";
wxString audacityVersion = "";
+ double dblValue;
// loop through attrs, which is a null-terminated list of
// attribute-value pairs
@@ -1922,21 +1924,26 @@
if (!value)
break;
+ const wxString strValue = value;
+ if (!XMLValueChecker::IsGoodString(strValue))
+ return false;
+
if (!strcmp(attr, "version")) {
- fileVersion = value;
+ fileVersion = strValue;
requiredTags++;
}
if (!strcmp(attr, "audacityversion")) {
- audacityVersion = value;
+ audacityVersion = strValue;
requiredTags++;
}
if (!strcmp(attr, "projname")) {
- wxString projName = value;
+ wxString projName = strValue;
wxString projPath = wxPathOnly(mFileName);
- if (!mDirManager->SetProject(projPath, projName, false)) {
+ if (!XMLValueChecker::IsGoodSubdirName(projName, projPath) ||
+ !mDirManager->SetProject(projPath, projName, false)) {
wxMessageBox(wxString::Format(_("Couldn't find the project data
folder: \"%s\""),
(const char *)projName),
@@ -1949,25 +1956,29 @@
requiredTags++;
}
- if (!strcmp(attr, "sel0"))
- Internat::CompatibleToDouble(wxString(value), &mViewInfo.sel0);
+ if (!strcmp(attr, "sel0") && Internat::CompatibleToDouble(strValue,
&dblValue))
+ mViewInfo.sel0 = dblValue;
- if (!strcmp(attr, "sel1"))
- Internat::CompatibleToDouble(wxString(value), &mViewInfo.sel1);
+ if (!strcmp(attr, "sel1") && Internat::CompatibleToDouble(strValue,
&dblValue))
+ mViewInfo.sel1 = dblValue;
- long longVpos;
if (!strcmp(attr, "vpos"))
- wxString(value).ToLong(&longVpos);
- mViewInfo.vpos = longVpos;
+ {
+ long longVpos;
+ if (XMLValueChecker::IsGoodInt(strValue) &&
strValue.ToLong(&longVpos) && (longVpos >= 0))
+ mViewInfo.vpos = longVpos;
+ }
- if (!strcmp(attr, "h"))
- Internat::CompatibleToDouble(wxString(value), &mViewInfo.h);
+ if (!strcmp(attr, "h") && Internat::CompatibleToDouble(strValue,
&dblValue))
+ mViewInfo.h = dblValue;
- if (!strcmp(attr, "zoom"))
- Internat::CompatibleToDouble(wxString(value), &mViewInfo.zoom);
+ if (!strcmp(attr, "zoom") && Internat::CompatibleToDouble(strValue,
&dblValue))
+ mViewInfo.zoom = dblValue;
- if (!strcmp(attr, "rate")) {
- Internat::CompatibleToDouble(wxString(value), &mRate);
+ if (!strcmp(attr, "rate") && Internat::CompatibleToDouble(strValue,
&dblValue) &&
+ (dblValue >= 100.0) && (dblValue <= 100000.0)) // same bounds as
ImportRawDialog::OnOK
+ {
+ mRate = dblValue;
mStatus->SetRate(mRate);
}
} // while
@@ -2292,7 +2303,8 @@
SetTitle(GetName());
}
- HandleResize();
+ // Moved this call to higher levels to prevent horrible flicker redrawing
everything on each file.
+ // HandleResize();
}
void AudacityProject::Import(wxString fileName)
Index: WaveTrack.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/WaveTrack.cpp,v
retrieving revision 1.51.2.2
retrieving revision 1.51.2.3
diff -u -d -r1.51.2.2 -r1.51.2.3
--- WaveTrack.cpp 14 Nov 2004 11:59:03 -0000 1.51.2.2
+++ WaveTrack.cpp 12 Jan 2007 00:27:42 -0000 1.51.2.3
@@ -870,6 +870,8 @@
bool WaveTrack::HandleXMLTag(const char *tag, const char **attrs)
{
if (!strcmp(tag, "wavetrack")) {
+ double dblValue;
+ long nValue;
while(*attrs) {
const char *attr = *attrs++;
const char *value = *attrs++;
@@ -877,29 +879,43 @@
if (!value)
break;
+ const wxString strValue = value;
if (!strcmp(attr, "rate"))
- Internat::CompatibleToDouble(wxString(value), &mRate);
- else if (!strcmp(attr, "offset")) {
- Internat::CompatibleToDouble(wxString(value), &mOffset);
- mEnvelope->SetOffset(mOffset);
- }
- else if (!strcmp(attr, "gain")) {
- double d;
- Internat::CompatibleToDouble(wxString(value), &d);
- mGain = d;
+ {
+ if (!XMLValueChecker::IsGoodString(strValue) ||
+ !Internat::CompatibleToDouble(strValue, &dblValue) ||
+ (dblValue < 100.0) || (dblValue > 100000.0)) // same bounds
as ImportRawDialog::OnOK
+ return false;
+ mRate = dblValue;
}
- else if (!strcmp(attr, "pan")) {
- double d;
- Internat::CompatibleToDouble(wxString(value), &d);
- if (d >= -1.0 && d <= 1.0)
- mPan = d;
+ else if (!strcmp(attr, "offset") &&
+ XMLValueChecker::IsGoodString(strValue) &&
+ Internat::CompatibleToDouble(strValue, &dblValue))
+ {
+ mOffset = dblValue;
+ mEnvelope->SetOffset(mOffset);
}
- else if (!strcmp(attr, "name"))
- mName = value;
+ else if (!strcmp(attr, "gain") &&
+ XMLValueChecker::IsGoodString(strValue) &&
+ Internat::CompatibleToDouble(strValue, &dblValue))
+ mGain = dblValue;
+ else if (!strcmp(attr, "pan") &&
+ XMLValueChecker::IsGoodString(strValue) &&
+ Internat::CompatibleToDouble(strValue, &dblValue) &&
+ (dblValue >= -1.0) && (dblValue <= 1.0))
+ mPan = dblValue;
+ else if (!strcmp(attr, "name") &&
XMLValueChecker::IsGoodString(strValue))
+ mName = strValue;
else if (!strcmp(attr, "channel"))
- mChannel = atoi(value);
- else if (!strcmp(attr, "linked"))
- mLinked = atoi(value);
+ {
+ if (!XMLValueChecker::IsGoodInt(strValue) ||
!strValue.ToLong(&nValue) ||
+ !XMLValueChecker::IsValidChannel(nValue))
+ return false;
+ mChannel = nValue;
+ }
+ else if (!strcmp(attr, "linked") &&
+ XMLValueChecker::IsGoodInt(strValue) &&
strValue.ToLong(&nValue))
+ mLinked = (nValue != 0);
} // while
return true;
Index: TimeTrack.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/TimeTrack.cpp,v
retrieving revision 1.8.2.1
retrieving revision 1.8.2.2
diff -u -d -r1.8.2.1 -r1.8.2.2
--- TimeTrack.cpp 21 Apr 2004 23:33:26 -0000 1.8.2.1
+++ TimeTrack.cpp 12 Jan 2007 00:27:42 -0000 1.8.2.2
@@ -96,6 +96,8 @@
bool TimeTrack::HandleXMLTag(const char *tag, const char **attrs)
{
if (!strcmp(tag, "timetrack")) {
+ double dblValue;
+ long nValue;
while(*attrs) {
const char *attr = *attrs++;
const char *value = *attrs++;
@@ -103,13 +105,24 @@
if (!value)
break;
- else if (!strcmp(attr, "offset")) {
- Internat::CompatibleToDouble(wxString(value), &mOffset);
+ const wxString strValue = value;
+ if (!strcmp(attr, "offset"))
+ {
+ if (!XMLValueChecker::IsGoodString(strValue) ||
+ !Internat::CompatibleToDouble(strValue, &dblValue))
+ return false;
+ mOffset = dblValue;
mEnvelope->SetOffset(mOffset);
- }else if (!strcmp(attr, "name"))
- mName = value;
+ }
+ else if (!strcmp(attr, "name") &&
XMLValueChecker::IsGoodString(strValue))
+ mName = strValue;
else if (!strcmp(attr, "channel"))
- mChannel = atoi(value);
+ {
+ if (!XMLValueChecker::IsGoodInt(strValue) ||
!strValue.ToLong(&nValue) ||
+ !XMLValueChecker::IsValidChannel(nValue))
+ return false;
+ mChannel = nValue;
+ }
} // while
return true;
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Audacity-cvs mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/audacity-cvs
