On 11/08/17 00:38, Eric Wong wrote:
@@ -113,7 +113,13 @@ const char *lsx_ms_adpcm_block_expand_i(
const unsigned char *ip;
unsigned ch;
const char *errmsg = NULL;
- MsState_t state[4]; /* One decompressor state for each channel */
+
+ /* One decompressor state for each channel */
+ MsState_t *state;
+ size_t size = sizeof(*state) * chans;
+ const size_t alloca_max = 1024;
+
Hi,
Just make a fixed buffer on the stack instead of using alloca().
+ state = size > alloca_max ? lsx_malloc(size) : alloca(size);
/* Read the four-byte header for each channel */
ip = ibuff;
@@ -158,6 +164,10 @@ const char *lsx_ms_adpcm_block_expand_i(
if (++ch2 == chans) ch2 = 0;
}
}
+
+ if (size > alloca_max)
+ free(state);
+
return errmsg;
}
Is the "chans" argument range-checked anywhere? You should put a limit
how many channels are supported!
--HPS
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
SoX-devel mailing list
SoX-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sox-devel
