Update of /cvsroot/audacity/audacity-src/src/blockfile
In directory sc8-pr-cvs11.sourceforge.net:/tmp/cvs-serv5547/blockfile
Modified Files:
LegacyAliasBlockFile.cpp LegacyBlockFile.cpp
PCMAliasBlockFile.cpp SilentBlockFile.cpp SimpleBlockFile.cpp
Log Message:
Port security vulnerability fixes, per NGS report, from custom UmixIt version.
Index: LegacyBlockFile.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/blockfile/LegacyBlockFile.cpp,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -d -r1.18 -r1.19
--- LegacyBlockFile.cpp 4 Nov 2006 19:55:29 -0000 1.18
+++ LegacyBlockFile.cpp 25 Jan 2007 03:01:11 -0000 1.19
@@ -281,24 +281,45 @@
wxFileName fileName;
sampleCount summaryLen = 0;
bool noRMS = false;
+ long nValue;
while(*attrs)
{
- const wxChar *attr = *attrs++;
- const wxChar *value = *attrs++;
+ const wxChar *attr = *attrs++;
+ const wxChar *value = *attrs++;
- if( !wxStrcmp(attr, wxT("name")) )
- fileName.Assign(projDir, value);
- if( !wxStrcmp(attr, wxT("len")) )
- len = wxAtoi(value);
- if( !wxStrcmp(attr, wxT("norms")) )
- noRMS = wxAtoi(value)?true:false;
- if( !wxStrcmp(attr, wxT("format")) )
- format = (sampleFormat)wxAtoi(value);
- if( !wxStrcmp(attr, wxT("summarylen")) )
- summaryLen = wxAtoi(value);
+ if (!value)
+ break;
+
+ const wxString strValue = value;
+ if( !wxStrcmp(attr, wxT("name")) )
+ {
+ if (!XMLValueChecker::IsGoodFileName(strValue, projDir))
+ return NULL;
+ fileName.Assign(projDir, strValue);
+ }
+ else if (XMLValueChecker::IsGoodInt(strValue) &&
strValue.ToLong(&nValue))
+ { // integer parameters
+ if( !wxStrcmp(attr, wxT("len")) )
+ len = nValue;
+ if( !wxStrcmp(attr, wxT("norms")) )
+ noRMS = (nValue != 0);
+ if( !wxStrcmp(attr, wxT("format")) )
+ {
+ if (!XMLValueChecker::IsValidSampleFormat(nValue))
+ return NULL;
+ format = (sampleFormat)nValue;
+ }
+ if( !wxStrcmp(attr, wxT("summarylen")) )
+ summaryLen = nValue;
+ }
}
+ if (!XMLValueChecker::IsGoodFileName(fileName.GetFullName(),
+ fileName.GetPath(wxPATH_GET_VOLUME))
||
+ (len <= 0) || (summaryLen <= 0))
+ return NULL;
+
return new LegacyBlockFile(fileName, format, summaryLen, len, noRMS);
}
Index: LegacyAliasBlockFile.cpp
===================================================================
RCS file:
/cvsroot/audacity/audacity-src/src/blockfile/LegacyAliasBlockFile.cpp,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -d -r1.8 -r1.9
--- LegacyAliasBlockFile.cpp 23 Sep 2006 02:25:48 -0000 1.8
+++ LegacyAliasBlockFile.cpp 25 Jan 2007 03:01:11 -0000 1.9
@@ -86,28 +86,56 @@
int aliasStart=0, aliasLen=0, aliasChannel=0;
int summaryLen=0;
bool noRMS = false;
+ long nValue;
while(*attrs)
{
- const wxChar *attr = *attrs++;
- const wxChar *value = *attrs++;
+ const wxChar *attr = *attrs++;
+ const wxChar *value = *attrs++;
- if( !wxStricmp(attr, wxT("name")) )
- summaryFileName.Assign(projDir, value, wxT(""));
- if( !wxStricmp(attr, wxT("aliaspath")) )
- aliasFileName.Assign(value);
- if( !wxStricmp(attr, wxT("aliasstart")) )
- aliasStart = wxAtoi(value);
- if( !wxStricmp(attr, wxT("aliaslen")) )
- aliasLen = wxAtoi(value);
- if( !wxStricmp(attr, wxT("aliaschannel")) )
- aliasChannel = wxAtoi(value);
- if( !wxStricmp(attr, wxT("summarylen")) )
- summaryLen = wxAtoi(value);
- if( !wxStricmp(attr, wxT("norms")) )
- noRMS = wxAtoi(value)?true:false;
+ if (!value)
+ break;
+
+ const wxString strValue = value;
+ if( !wxStricmp(attr, wxT("name")) )
+ {
+ if (!XMLValueChecker::IsGoodFileName(strValue, projDir))
+ return NULL;
+ summaryFileName.Assign(projDir, strValue, wxT(""));
+ }
+ else if ( !wxStricmp(attr, wxT("aliaspath")) )
+ {
+ if (XMLValueChecker::IsGoodPathName(strValue))
+ aliasFileName.Assign(strValue);
+ else if (XMLValueChecker::IsGoodFileName(strValue, projDir))
+ // Allow fallback of looking for the file name, located in the
data directory.
+ aliasFileName.Assign(projDir, strValue);
+ else
+ return NULL;
+ }
+ else if (XMLValueChecker::IsGoodInt(strValue) &&
strValue.ToLong(&nValue))
+ { // integer parameters
+ if( !wxStricmp(attr, wxT("aliasstart")) )
+ aliasStart = nValue;
+ if( !wxStricmp(attr, wxT("aliaslen")) )
+ aliasLen = nValue;
+ if( !wxStricmp(attr, wxT("aliaschannel")) )
+ aliasChannel = nValue;
+ if( !wxStricmp(attr, wxT("summarylen")) )
+ summaryLen = nValue;
+ if( !wxStricmp(attr, wxT("norms")) )
+ noRMS = (nValue != 0);
+ }
}
+ if (!XMLValueChecker::IsGoodFileName(summaryFileName.GetFullName(),
+
summaryFileName.GetPath(wxPATH_GET_VOLUME)) ||
+ !XMLValueChecker::IsGoodFileName(aliasFileName.GetFullName(),
+
aliasFileName.GetPath(wxPATH_GET_VOLUME)) ||
+ (aliasStart < 0) || (aliasLen <= 0) ||
+ !XMLValueChecker::IsValidChannel(aliasChannel) || (summaryLen <= 0))
+ return NULL;
+
return new LegacyAliasBlockFile(summaryFileName, aliasFileName,
aliasStart, aliasLen, aliasChannel,
summaryLen, noRMS);
Index: SilentBlockFile.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/blockfile/SilentBlockFile.cpp,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- SilentBlockFile.cpp 4 Nov 2006 19:55:29 -0000 1.6
+++ SilentBlockFile.cpp 25 Jan 2007 03:01:11 -0000 1.7
@@ -46,6 +46,7 @@
/// static
BlockFile *SilentBlockFile::BuildFromXML(DirManager &dm, const wxChar **attrs)
{
+ long nValue;
sampleCount len = 0;
while(*attrs)
@@ -53,10 +54,18 @@
const wxChar *attr = *attrs++;
const wxChar *value = *attrs++;
- if( !wxStrcmp(attr, wxT("len")) )
- len = wxAtoi(value);
+ if (!value)
+ break;
+
+ const wxString strValue = value;
+ if( !wxStrcmp(attr, wxT("len")) &&
+ XMLValueChecker::IsGoodInt(strValue) && strValue.ToLong(&nValue))
+ len = nValue;
}
+ if (len <= 0)
+ return NULL;
+
return new SilentBlockFile(len);
}
Index: SimpleBlockFile.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/blockfile/SimpleBlockFile.cpp,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -d -r1.22 -r1.23
--- SimpleBlockFile.cpp 6 Nov 2006 10:21:05 -0000 1.22
+++ SimpleBlockFile.cpp 25 Jan 2007 03:01:11 -0000 1.23
@@ -474,24 +474,48 @@
wxFileName fileName;
float min=0, max=0, rms=0;
sampleCount len = 0;
+ double dblValue;
+ long nValue;
while(*attrs)
{
- const wxChar *attr = *attrs++;
- const wxChar *value = *attrs++;
+ const wxChar *attr = *attrs++;
+ const wxChar *value = *attrs++;
- if( !wxStrcmp(attr, wxT("filename")) )
- dm.AssignFile(fileName,value,FALSE);
- if( !wxStrcmp(attr, wxT("len")) )
- len = wxAtoi(value);
- if( !wxStrcmp(attr, wxT("min")) )
- min = Internat::CompatibleToDouble(value);
- if( !wxStrcmp(attr, wxT("max")) )
- max = Internat::CompatibleToDouble(value);
- if( !wxStrcmp(attr, wxT("rms")) )
- rms = Internat::CompatibleToDouble(value);
+ if (!value)
+ break;
+
+ const wxString strValue = value;
+ if( !wxStrcmp(attr, wxT("filename")) )
+ {
+ // Can't use XMLValueChecker::IsGoodFileName here, but do part of its
test.
+ if (!XMLValueChecker::IsGoodFileString(strValue))
+ return NULL;
+
+ #ifdef _WIN32
+ if (strValue.Length() + 1 + dm.GetProjectDataDir().Length() >
MAX_PATH)
+ return NULL;
+ #endif
+
+ dm.AssignFile(fileName,value,FALSE);
+ }
+ else if( !wxStrcmp(attr, wxT("len")) &&
XMLValueChecker::IsGoodInt(strValue) && strValue.ToLong(&nValue))
+ len = nValue;
+ else if( !wxStrcmp(attr, wxT("min")) &&
+ XMLValueChecker::IsGoodString(strValue) &&
Internat::CompatibleToDouble(strValue, &dblValue))
+ min = dblValue;
+ else if( !wxStrcmp(attr, wxT("max")) &&
+ XMLValueChecker::IsGoodString(strValue) &&
Internat::CompatibleToDouble(strValue, &dblValue))
+ max = dblValue;
+ else if( !wxStrcmp(attr, wxT("rms")) &&
+ XMLValueChecker::IsGoodString(strValue) &&
Internat::CompatibleToDouble(strValue, &dblValue))
+ rms = dblValue;
}
+ if (!XMLValueChecker::IsGoodFileName(fileName.GetFullName(),
fileName.GetPath(wxPATH_GET_VOLUME)) ||
+ (len <= 0) || (rms < 0.0))
+ return NULL;
+
return new SimpleBlockFile(fileName, len, min, max, rms);
}
Index: PCMAliasBlockFile.cpp
===================================================================
RCS file: /cvsroot/audacity/audacity-src/src/blockfile/PCMAliasBlockFile.cpp,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -d -r1.11 -r1.12
--- PCMAliasBlockFile.cpp 23 Sep 2006 02:25:48 -0000 1.11
+++ PCMAliasBlockFile.cpp 25 Jan 2007 03:01:11 -0000 1.12
@@ -146,30 +146,61 @@
wxFileName aliasFileName;
int aliasStart=0, aliasLen=0, aliasChannel=0;
float min=0, max=0, rms=0;
+ long nValue;
while(*attrs)
{
- const wxChar *attr = *attrs++;
- const wxChar *value = *attrs++;
+ const wxChar *attr = *attrs++;
+ const wxChar *value = *attrs++;
+ if (!value)
+ break;
- if( !wxStricmp(attr, wxT("summaryfile")) )
- dm.AssignFile(summaryFileName,value,FALSE);
- if( !wxStricmp(attr, wxT("aliasfile")) )
- aliasFileName.Assign(value);
- if( !wxStricmp(attr, wxT("aliasstart")) )
- aliasStart = wxAtoi(value);
- if( !wxStricmp(attr, wxT("aliaslen")) )
- aliasLen = wxAtoi(value);
- if( !wxStricmp(attr, wxT("aliaschannel")) )
- aliasChannel = wxAtoi(value);
- if( !wxStricmp(attr, wxT("min")) )
- min = wxAtoi(value);
- if( !wxStricmp(attr, wxT("max")) )
- max = wxAtoi(value);
- if( !wxStricmp(attr, wxT("rms")) )
- rms = wxAtoi(value);
+ const wxString strValue = value;
+ if( !wxStricmp(attr, wxT("summaryfile")) )
+ {
+ // Can't use XMLValueChecker::IsGoodFileName here, but do part of its
test.
+ if (!XMLValueChecker::IsGoodFileString(strValue))
+ return NULL;
+
+ #ifdef _WIN32
+ if (strValue.Length() + 1 + dm.GetProjectDataDir().Length() >
MAX_PATH)
+ return NULL;
+ #endif
+
+ dm.AssignFile(summaryFileName,value,FALSE);
+ }
+ else if( !wxStricmp(attr, wxT("aliasfile")) )
+ {
+ if (XMLValueChecker::IsGoodPathName(strValue))
+ aliasFileName.Assign(strValue);
+ else if (XMLValueChecker::IsGoodFileName(strValue,
dm.GetProjectDataDir()))
+ // Allow fallback of looking for the file name, located in the
data directory.
+ aliasFileName.Assign(dm.GetProjectDataDir(), strValue);
+ else
+ return NULL;
+ }
+ else if (XMLValueChecker::IsGoodInt(strValue) &&
strValue.ToLong(&nValue))
+ { // integer parameters
+ if( !wxStricmp(attr, wxT("aliasstart")) )
+ aliasStart = nValue;
+ else if( !wxStricmp(attr, wxT("aliaslen")) )
+ aliasLen = nValue;
+ else if( !wxStricmp(attr, wxT("aliaschannel")) )
+ aliasChannel = nValue;
+ else if( !wxStricmp(attr, wxT("min")) )
+ min = nValue;
+ else if( !wxStricmp(attr, wxT("max")) )
+ max = nValue;
+ else if( !wxStricmp(attr, wxT("rms")) )
+ rms = nValue;
+ }
}
+ if (!XMLValueChecker::IsGoodFileName(summaryFileName.GetFullName(),
summaryFileName.GetPath(wxPATH_GET_VOLUME)) ||
+ !XMLValueChecker::IsGoodFileName(aliasFileName.GetFullName(),
aliasFileName.GetPath(wxPATH_GET_VOLUME)) ||
+ (aliasLen <= 0) || (aliasLen < 0.0) ||
!XMLValueChecker::IsValidChannel(aliasChannel) || (rms < 0.0))
+ return NULL;
+
return new PCMAliasBlockFile(summaryFileName, aliasFileName,
aliasStart, aliasLen, aliasChannel,
min, max, rms);
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Audacity-cvs mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/audacity-cvs
