Skip to site navigation (Press enter)

[webkit-changes] [97217] branches/chromium/874/Source/WebCore/platform/audio

crogers Tue, 11 Oct 2011 19:03:52 -0700

Title: [97217] branches/chromium/874/Source/WebCore/platform/audio

Revision: 97217
Author: [email protected]
Date: 2011-10-11 19:04:12 -0700 (Tue, 11 Oct 2011)

Log Message

Merge 97214 - Heap buffer overflow in Webaudio FFTFrame::doFFT

BUG=99211
Review URL: http://codereview.chromium.org/8231033


Modified Paths

branches/chromium/874/Source/WebCore/platform/audio/HRTFKernel.cpp
branches/chromium/874/Source/WebCore/platform/audio/HRTFPanner.cpp

Diff

Modified: branches/chromium/874/Source/WebCore/platform/audio/HRTFKernel.cpp (97216 => 97217)


--- branches/chromium/874/Source/WebCore/platform/audio/HRTFKernel.cpp	2011-10-12 01:53:18 UTC (rev 97216)
+++ branches/chromium/874/Source/WebCore/platform/audio/HRTFKernel.cpp	2011-10-12 02:04:12 UTC (rev 97217)
@@ -51,7 +51,10 @@
         
     float* impulseP = channel->data();
     
-    ASSERT(channel->length() >= analysisFFTSize);
+    bool isSizeGood = channel->length() >= analysisFFTSize;
+    ASSERT(isSizeGood);
+    if (!isSizeGood)
+        return 0;
     
     // Check for power-of-2.
     ASSERT(1UL << static_cast<unsigned>(log2(analysisFFTSize)) == analysisFFTSize);

Modified: branches/chromium/874/Source/WebCore/platform/audio/HRTFPanner.cpp (97216 => 97217)


--- branches/chromium/874/Source/WebCore/platform/audio/HRTFPanner.cpp	2011-10-12 01:53:18 UTC (rev 97216)
+++ branches/chromium/874/Source/WebCore/platform/audio/HRTFPanner.cpp	2011-10-12 02:04:12 UTC (rev 97217)
@@ -64,9 +64,9 @@
 {
     // The HRTF impulse responses (loaded as audio resources) are 512 sample-frames @44.1KHz.
     // Currently, we truncate the impulse responses to half this size, but an FFT-size of twice impulse response size is needed (for convolution).
-    // So for sample rates around 44.1KHz an FFT size of 512 is good.  We double that size for higher sample rates.
+    // So for sample rates around 44.1KHz an FFT size of 512 is good. We double the FFT-size only for sample rates at least double this.
     ASSERT(sampleRate >= 44100 && sampleRate <= 96000.0);
-    return (sampleRate <= 48000.0) ? 512 : 1024;
+    return (sampleRate < 88200.0) ? 512 : 1024;
 }
 
 void HRTFPanner::reset()

_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes