Title: [273248] branches/safari-611-branch/Source/WebCore
Revision: 273248
Author: [email protected]
Date: 2021-02-22 09:54:19 -0800 (Mon, 22 Feb 2021)

Log Message

Cherry-pick r272678. rdar://problem/74410058

    WebCore::createBusFromInMemoryAudioFile() may crash under ExtAudioFileRead()
    https://bugs.webkit.org/show_bug.cgi?id=221642
    <rdar://72789841>

    Reviewed by Geoffrey Garen.

    The crash seems to indicate we are passing an AudioBufferList to ExtAudioFileRead()
    that contains a null buffer. It is not obvious how this is happening but I have made
    the following changes:
    1. createAudioBufferList() / destroyAudioListBuffer() implementation is now shared
       on both macOS and iOS. The implementation now uses fastCalloc and returns null
       in case of failure to allocate.
    2. createAudioBufferList() was renamed to tryCreateAudioBufferList() to make it clear
       it can return null. All call sites now properly deal with tryCreateAudioBufferList()
       potentially returning null.
    3. Add a new validateAudioBufferList() function which makes sure that the AudioBufferList
       we are about to pass to ExtAudioFileRead() does not contain any null buffer. In case
       of validation failure, we log an error, generate a simulated crash log and early return
       gracefully instead of crashing later on.
    4. Added more assertions to help catch bugs.

    * SourcesCocoa.txt:
    * WebCore.xcodeproj/project.pbxproj:
    * platform/audio/cocoa/AudioFileReaderCocoa.cpp: Added.
    (WebCore::tryCreateAudioBufferList):
    (WebCore::destroyAudioBufferList):
    (WebCore::validateAudioBufferList):
    * platform/audio/cocoa/AudioFileReaderCocoa.h: Added.
    * platform/audio/ios/AudioFileReaderIOS.cpp:
    (WebCore::AudioFileReader::createBus):
    (WebCore::createAudioBufferList): Deleted.
    (WebCore::destroyAudioBufferList): Deleted.
    * platform/audio/mac/AudioFileReaderMac.cpp:
    (WebCore::AudioFileReader::createBus):
    (WebCore::createAudioBufferList): Deleted.
    (WebCore::destroyAudioBufferList): Deleted.

    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@272678 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Diff

Modified: branches/safari-611-branch/Source/WebCore/ChangeLog (273247 => 273248)


--- branches/safari-611-branch/Source/WebCore/ChangeLog	2021-02-22 17:54:15 UTC (rev 273247)
+++ branches/safari-611-branch/Source/WebCore/ChangeLog	2021-02-22 17:54:19 UTC (rev 273248)
@@ -1,5 +1,87 @@
 2021-02-17  Ruben Turcios  <[email protected]>
 
+        Cherry-pick r272678. rdar://problem/74410058
+
+    WebCore::createBusFromInMemoryAudioFile() may crash under ExtAudioFileRead()
+    https://bugs.webkit.org/show_bug.cgi?id=221642
+    <rdar://72789841>
+    
+    Reviewed by Geoffrey Garen.
+    
+    The crash seems to indicate we are passing an AudioBufferList to ExtAudioFileRead()
+    that contains a null buffer. It is not obvious how this is happening but I have made
+    the following changes:
+    1. createAudioBufferList() / destroyAudioListBuffer() implementation is now shared
+       on both macOS and iOS. The implementation now uses fastCalloc and returns null
+       in case of failure to allocate.
+    2. createAudioBufferList() was renamed to tryCreateAudioBufferList() to make it clear
+       it can return null. All call sites now properly deal with tryCreateAudioBufferList()
+       potentially return null
+    3. Add a new validateAudioBufferList() function which makes sure that the AudioBufferList
+       we are about to pass to ExtAudioFileRead() does not contain any null buffer. In case
+       of validation failure, we log an error, generate a simulated crash log and early return
+       gracefully instead of crashing later on.
+    4. Added more assertions to help catch bugs.
+    
+    * SourcesCocoa.txt:
+    * WebCore.xcodeproj/project.pbxproj:
+    * platform/audio/cocoa/AudioFileReaderCocoa.cpp: Added.
+    (WebCore::tryCreateAudioBufferList):
+    (WebCore::destroyAudioBufferList):
+    (WebCore::validateAudioBufferList):
+    * platform/audio/cocoa/AudioFileReaderCocoa.h: Added.
+    * platform/audio/ios/AudioFileReaderIOS.cpp:
+    (WebCore::AudioFileReader::createBus):
+    (WebCore::createAudioBufferList): Deleted.
+    (WebCore::destroyAudioBufferList): Deleted.
+    * platform/audio/mac/AudioFileReaderMac.cpp:
+    (WebCore::AudioFileReader::createBus):
+    (WebCore::createAudioBufferList): Deleted.
+    (WebCore::destroyAudioBufferList): Deleted.
+    
+    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@272678 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+    2021-02-10  Chris Dumez  <[email protected]>
+
+            WebCore::createBusFromInMemoryAudioFile() may crash under ExtAudioFileRead()
+            https://bugs.webkit.org/show_bug.cgi?id=221642
+            <rdar://72789841>
+
+            Reviewed by Geoffrey Garen.
+
+            The crash seems to indicate we are passing an AudioBufferList to ExtAudioFileRead()
+            that contains a null buffer. It is not obvious how this is happening but I have made
+            the following changes:
+            1. createAudioBufferList() / destroyAudioListBuffer() implementation is now shared
+               on both macOS and iOS. The implementation now uses fastCalloc and returns null
+               in case of failure to allocate.
+            2. createAudioBufferList() was renamed to tryCreateAudioBufferList() to make it clear
+               it can return null. All call sites now properly deal with tryCreateAudioBufferList()
+               potentially return null
+            3. Add a new validateAudioBufferList() function which makes sure that the AudioBufferList
+               we are about to pass to ExtAudioFileRead() does not contain any null buffer. In case
+               of validation failure, we log an error, generate a simulated crash log and early return
+               gracefully instead of crashing later on.
+            4. Added more assertions to help catch bugs.
+
+            * SourcesCocoa.txt:
+            * WebCore.xcodeproj/project.pbxproj:
+            * platform/audio/cocoa/AudioFileReaderCocoa.cpp: Added.
+            (WebCore::tryCreateAudioBufferList):
+            (WebCore::destroyAudioBufferList):
+            (WebCore::validateAudioBufferList):
+            * platform/audio/cocoa/AudioFileReaderCocoa.h: Added.
+            * platform/audio/ios/AudioFileReaderIOS.cpp:
+            (WebCore::AudioFileReader::createBus):
+            (WebCore::createAudioBufferList): Deleted.
+            (WebCore::destroyAudioBufferList): Deleted.
+            * platform/audio/mac/AudioFileReaderMac.cpp:
+            (WebCore::AudioFileReader::createBus):
+            (WebCore::createAudioBufferList): Deleted.
+            (WebCore::destroyAudioBufferList): Deleted.
+
+2021-02-17  Ruben Turcios  <[email protected]>
+
         Cherry-pick r272504. rdar://problem/74409474
 
     NetworkRTCSocketCocoa extractDataMessages should not read too much data

Modified: branches/safari-611-branch/Source/WebCore/SourcesCocoa.txt (273247 => 273248)


--- branches/safari-611-branch/Source/WebCore/SourcesCocoa.txt	2021-02-22 17:54:15 UTC (rev 273247)
+++ branches/safari-611-branch/Source/WebCore/SourcesCocoa.txt	2021-02-22 17:54:19 UTC (rev 273248)
@@ -208,6 +208,7 @@
 page/scrolling/mac/ScrollingTreeScrollingNodeDelegateMac.mm
 platform/audio/AudioSession.cpp
 platform/audio/cocoa/AudioDestinationCocoa.cpp
+platform/audio/cocoa/AudioFileReaderCocoa.cpp
 platform/audio/cocoa/AudioOutputUnitAdaptor.cpp
 platform/audio/cocoa/AudioSampleBufferList.cpp
 platform/audio/cocoa/AudioSampleDataSource.mm

Modified: branches/safari-611-branch/Source/WebCore/WebCore.xcodeproj/project.pbxproj (273247 => 273248)


--- branches/safari-611-branch/Source/WebCore/WebCore.xcodeproj/project.pbxproj	2021-02-22 17:54:15 UTC (rev 273247)
+++ branches/safari-611-branch/Source/WebCore/WebCore.xcodeproj/project.pbxproj	2021-02-22 17:54:19 UTC (rev 273248)
@@ -1252,6 +1252,7 @@
 		467302021C4EFE7800BCB357 /* IgnoreOpensDuringUnloadCountIncrementer.h in Headers */ = {isa = PBXBuildFile; fileRef = 467302011C4EFE6600BCB357 /* IgnoreOpensDuringUnloadCountIncrementer.h */; };
 		4682D2001F79783000C863DB /* StoredCredentialsPolicy.h in Headers */ = {isa = PBXBuildFile; fileRef = 4682D1FF1F79782300C863DB /* StoredCredentialsPolicy.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		468344E01EDDFAAA00B7795B /* DOMRectList.h in Headers */ = {isa = PBXBuildFile; fileRef = 468344DE1EDDFA5F00B7795B /* DOMRectList.h */; settings = {ATTRIBUTES = (Private, ); }; };
+		46AAAA3D25D3632000BAF42F /* AudioFileReaderCocoa.h in Headers */ = {isa = PBXBuildFile; fileRef = 46AAAA3A25D3631400BAF42F /* AudioFileReaderCocoa.h */; };
 		46B63F6C1C6E8D19002E914B /* JSEventTargetCustom.h in Headers */ = {isa = PBXBuildFile; fileRef = 46B63F6B1C6E8CDF002E914B /* JSEventTargetCustom.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		46B650DD2296262700FD8AA4 /* PageIdentifier.h in Headers */ = {isa = PBXBuildFile; fileRef = 46B650DB2296262700FD8AA4 /* PageIdentifier.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		46B95195207D633400A7D2DD /* AbstractDOMWindow.h in Headers */ = {isa = PBXBuildFile; fileRef = 46B9518A207D632800A7D2DD /* AbstractDOMWindow.h */; settings = {ATTRIBUTES = (Private, ); }; };
@@ -8170,6 +8171,8 @@
 		468344DC1EDDFA5F00B7795B /* DOMRectList.idl */ = {isa = PBXFileReference; lastKnownFileType = text; path = DOMRectList.idl; sourceTree = "<group>"; };
 		468344DD1EDDFA5F00B7795B /* DOMRectList.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = DOMRectList.cpp; sourceTree = "<group>"; };
 		468344DE1EDDFA5F00B7795B /* DOMRectList.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = DOMRectList.h; sourceTree = "<group>"; };
+		46AAAA3A25D3631400BAF42F /* AudioFileReaderCocoa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = AudioFileReaderCocoa.h; sourceTree = "<group>"; };
+		46AAAA3C25D3631400BAF42F /* AudioFileReaderCocoa.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = AudioFileReaderCocoa.cpp; sourceTree = "<group>"; };
 		46B63F6B1C6E8CDF002E914B /* JSEventTargetCustom.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSEventTargetCustom.h; sourceTree = "<group>"; };
 		46B650DB2296262700FD8AA4 /* PageIdentifier.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PageIdentifier.h; sourceTree = "<group>"; };
 		46B9518A207D632800A7D2DD /* AbstractDOMWindow.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = AbstractDOMWindow.h; sourceTree = "<group>"; };
@@ -27885,6 +27888,8 @@
 			children = (
 				413151842357745E00115E6E /* AudioDestinationCocoa.cpp */,
 				413151862357745E00115E6E /* AudioDestinationCocoa.h */,
+				46AAAA3C25D3631400BAF42F /* AudioFileReaderCocoa.cpp */,
+				46AAAA3A25D3631400BAF42F /* AudioFileReaderCocoa.h */,
 				1DB66D38253678EA00B671B9 /* AudioOutputUnitAdaptor.cpp */,
 				1DB66D37253678EA00B671B9 /* AudioOutputUnitAdaptor.h */,
 				073B87621E43859D0071C0EC /* AudioSampleBufferList.cpp */,
@@ -31173,6 +31178,7 @@
 				FD31608012B026F700C1A359 /* AudioDSPKernel.h in Headers */,
 				FD31608212B026F700C1A359 /* AudioDSPKernelProcessor.h in Headers */,
 				FD31608312B026F700C1A359 /* AudioFileReader.h in Headers */,
+				46AAAA3D25D3632000BAF42F /* AudioFileReaderCocoa.h in Headers */,
 				CD5596921475B678001D0BD0 /* AudioFileReaderIOS.h in Headers */,
 				FD3160BF12B0272A00C1A359 /* AudioFileReaderMac.h in Headers */,
 				CD2F4A2418D89F700063746D /* AudioHardwareListener.h in Headers */,

Added: branches/safari-611-branch/Source/WebCore/platform/audio/cocoa/AudioFileReaderCocoa.cpp (0 => 273248)


--- branches/safari-611-branch/Source/WebCore/platform/audio/cocoa/AudioFileReaderCocoa.cpp	                        (rev 0)
+++ branches/safari-611-branch/Source/WebCore/platform/audio/cocoa/AudioFileReaderCocoa.cpp	2021-02-22 17:54:19 UTC (rev 273248)
@@ -0,0 +1,83 @@
+/*
+ * Copyright (C) 2010 Google Inc. All rights reserved.
+ * Copyright (C) 2011-2021 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1.  Redistributions of source code must retain the above copyright
+ *     notice, this list of conditions and the following disclaimer.
+ * 2.  Redistributions in binary form must reproduce the above copyright
+ *     notice, this list of conditions and the following disclaimer in the
+ *     documentation and/or other materials provided with the distribution.
+ * 3.  Neither the name of Apple Inc. ("Apple") nor the names of
+ *     its contributors may be used to endorse or promote products derived
+ *     from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+
+#if ENABLE(WEB_AUDIO)
+#include "AudioFileReaderCocoa.h"
+
+#include <wtf/FastMalloc.h>
+
+namespace WebCore {
+
+AudioBufferList* tryCreateAudioBufferList(size_t numberOfBuffers)
+{
+    CheckedSize bufferListSize = sizeof(AudioBufferList) - sizeof(AudioBuffer);
+    bufferListSize += numberOfBuffers * sizeof(AudioBuffer);
+    if (bufferListSize.hasOverflowed())
+        return nullptr;
+
+    auto allocated = tryFastCalloc(1, bufferListSize.unsafeGet());
+    AudioBufferList* bufferList;
+    if (!allocated.getValue(bufferList))
+        return nullptr;
+
+    bufferList->mNumberBuffers = numberOfBuffers;
+    return bufferList;
+}
+
+void destroyAudioBufferList(AudioBufferList* bufferList)
+{
+    fastFree(bufferList);
+}
+
+bool validateAudioBufferList(AudioBufferList* bufferList)
+{
+    if (!bufferList)
+        return false;
+
+    Optional<unsigned> expectedDataSize;
+    const AudioBuffer* buffer = bufferList->mBuffers;
+    const AudioBuffer* bufferEnd = buffer + bufferList->mNumberBuffers;
+    for ( ; buffer < bufferEnd; ++buffer) {
+        if (!buffer->mData)
+            return false;
+
+        unsigned dataSize = buffer->mDataByteSize;
+        if (!expectedDataSize)
+            expectedDataSize = dataSize;
+        else if (*expectedDataSize != dataSize)
+            return false;
+    }
+    return true;
+}
+
+}
+
+#endif // ENABLE(WEB_AUDIO)
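
Review bot: In tryCreateAudioBufferList(), the product in `bufferListSize += numberOfBuffers * sizeof(AudioBuffer);` is computed as a plain size_t multiplication before it is added to the CheckedSize, so a wrap in the multiplication itself never reaches `hasOverflowed()` and the allocation can end up smaller than `mNumberBuffers` implies. Make one operand a CheckedSize before multiplying so the whole expression is tracked. Separately, validateAudioBufferList() returns true for a list whose mNumberBuffers is 0 and for buffers whose mDataByteSize is 0; if neither is a valid input to ExtAudioFileRead(), reject them here as well.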

Added: branches/safari-611-branch/Source/WebCore/platform/audio/cocoa/AudioFileReaderCocoa.h (0 => 273248)


--- branches/safari-611-branch/Source/WebCore/platform/audio/cocoa/AudioFileReaderCocoa.h	                        (rev 0)
+++ branches/safari-611-branch/Source/WebCore/platform/audio/cocoa/AudioFileReaderCocoa.h	2021-02-22 17:54:19 UTC (rev 273248)
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2010 Google Inc. All rights reserved.
+ * Copyright (C) 2011-2021 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1.  Redistributions of source code must retain the above copyright
+ *     notice, this list of conditions and the following disclaimer.
+ * 2.  Redistributions in binary form must reproduce the above copyright
+ *     notice, this list of conditions and the following disclaimer in the
+ *     documentation and/or other materials provided with the distribution.
+ * 3.  Neither the name of Apple Inc. ("Apple") nor the names of
+ *     its contributors may be used to endorse or promote products derived
+ *     from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#pragma once
+
+#if ENABLE(WEB_AUDIO)
+
+namespace WebCore {
+
+WARN_UNUSED_RETURN AudioBufferList* tryCreateAudioBufferList(size_t numberOfBuffers);
+void destroyAudioBufferList(AudioBufferList*);
+bool validateAudioBufferList(AudioBufferList*);
+
+}
+
+#endif // ENABLE(WEB_AUDIO)
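
Review bot: This header is not self-contained: the declarations use AudioBufferList, size_t and WARN_UNUSED_RETURN, but the file contains no #include or forward declaration, so it only compiles when the including file has already pulled those in. Add the needed include or forward declaration here. Also, validateAudioBufferList() only reads the list and its result is what gates the call to ExtAudioFileRead(), so a `const AudioBufferList*` parameter and WARN_UNUSED_RETURN would fit it too.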

Modified: branches/safari-611-branch/Source/WebCore/platform/audio/ios/AudioFileReaderIOS.cpp (273247 => 273248)


--- branches/safari-611-branch/Source/WebCore/platform/audio/ios/AudioFileReaderIOS.cpp	2021-02-22 17:54:15 UTC (rev 273247)
+++ branches/safari-611-branch/Source/WebCore/platform/audio/ios/AudioFileReaderIOS.cpp	2021-02-22 17:54:19 UTC (rev 273248)
@@ -34,6 +34,8 @@
 
 #include "AudioBus.h"
 #include "AudioFileReader.h"
+#include "AudioFileReaderCocoa.h"
+#include "Logging.h"
 #include <CoreFoundation/CoreFoundation.h>
 #include <wtf/CheckedArithmetic.h>
 #include <wtf/RetainPtr.h>
@@ -51,22 +53,6 @@
 
 namespace WebCore {
 
-static WARN_UNUSED_RETURN AudioBufferList* createAudioBufferList(size_t numberOfBuffers)
-{
-    CheckedSize bufferListSize = sizeof(AudioBufferList) - sizeof(AudioBuffer);
-    bufferListSize += numberOfBuffers * sizeof(AudioBuffer);
-
-    AudioBufferList* bufferList = static_cast<AudioBufferList*>(calloc(1, bufferListSize.unsafeGet()));
-    if (bufferList)
-        bufferList->mNumberBuffers = numberOfBuffers;
-    return bufferList;
-}
-
-static inline void destroyAudioBufferList(AudioBufferList* bufferList)
-{
-    free(bufferList);
-}
-
 AudioFileReader::AudioFileReader(const char* filePath)
     : m_data(0)
     , m_dataSize(0)
@@ -184,11 +170,14 @@
     AudioFloatArray leftChannel;
     AudioFloatArray rightChannel;
 
-    AudioBufferList* bufferList = createAudioBufferList(numberOfChannels);
-    if (!bufferList)
+    AudioBufferList* bufferList = tryCreateAudioBufferList(numberOfChannels);
+    if (!bufferList) {
+        RELEASE_LOG_FAULT(WebAudio, "tryCreateAudioBufferList(%ld) returned null", numberOfChannels);
         return nullptr;
+    }
     const size_t bufferSize = numberOfFrames * sizeof(float);
 
+    RELEASE_ASSERT(bufferList->mNumberBuffers == numberOfChannels);
     if (mixToMono && numberOfChannels == 2) {
         leftChannel.resize(numberOfFrames);
         rightChannel.resize(numberOfFrames);
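
Review bot: The format string in `RELEASE_LOG_FAULT(WebAudio, "tryCreateAudioBufferList(%ld) returned null", numberOfChannels);` uses %ld, a signed long conversion, while numberOfChannels is passed as the size_t argument of tryCreateAudioBufferList() and compared against a size_t loop index further down. If it is declared size_t, use %zu so the logged value is correct on every target. The context line `const size_t bufferSize = numberOfFrames * sizeof(float);` is also an unchecked multiplication even though this file includes wtf/CheckedArithmetic.h; since bufferSize becomes mDataByteSize for every buffer, it is worth checking here.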
@@ -201,7 +190,7 @@
         bufferList->mBuffers[1].mDataByteSize = bufferSize;
         bufferList->mBuffers[1].mData = rightChannel.data();
     } else {
-        ASSERT(!mixToMono || numberOfChannels == 1);
+        RELEASE_ASSERT(!mixToMono || numberOfChannels == 1);
 
         // For True-stereo (numberOfChannels == 4)
         for (size_t i = 0; i < numberOfChannels; ++i) {
@@ -209,9 +198,17 @@
             bufferList->mBuffers[i].mNumberChannels = 1;
             bufferList->mBuffers[i].mDataByteSize = bufferSize;
             bufferList->mBuffers[i].mData = audioBus->channel(i)->mutableData();
+            ASSERT(bufferList->mBuffers[i].mData);
         }
     }
 
+    if (!validateAudioBufferList(bufferList)) {
+        RELEASE_LOG_FAULT(WebAudio, "Generated buffer in AudioFileReader::createBus() did not pass validation");
+        ASSERT_NOT_REACHED();
+        destroyAudioBufferList(bufferList);
+        return nullptr;
+    }
+
     // Read from the file (or in-memory version)
     UInt32 framesToRead = numberOfFrames;
     if (ExtAudioFileRead(m_extAudioFileRef, &framesToRead, bufferList) != noErr) {
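
Review bot: The fault log in the `!validateAudioBufferList(bufferList)` branch does not say which check failed (null list, null mData, or mismatched mDataByteSize) or for which buffer, and the commit message states that the cause of the null buffer is not yet understood. Log numberOfChannels, numberOfFrames, mixToMono and the failing buffer index (or have validateAudioBufferList() log the reason itself) so the simulated crash report is actionable. Note also that the added `ASSERT(bufferList->mBuffers[i].mData);` is debug-only and covers only the loop branch, so in release builds this validation is the sole check for both branches.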

Modified: branches/safari-611-branch/Source/WebCore/platform/audio/mac/AudioFileReaderMac.cpp (273247 => 273248)


--- branches/safari-611-branch/Source/WebCore/platform/audio/mac/AudioFileReaderMac.cpp	2021-02-22 17:54:15 UTC (rev 273247)
+++ branches/safari-611-branch/Source/WebCore/platform/audio/mac/AudioFileReaderMac.cpp	2021-02-22 17:54:19 UTC (rev 273248)
@@ -36,29 +36,14 @@
 
 #include "AudioBus.h"
 #include "AudioFileReader.h"
+#include "AudioFileReaderCocoa.h"
 #include "FloatConversion.h"
+#include "Logging.h"
 #include <CoreFoundation/CoreFoundation.h>
 #include <wtf/RetainPtr.h>
 
 namespace WebCore {
 
-static AudioBufferList* createAudioBufferList(size_t numberOfBuffers)
-{
-    size_t bufferListSize = sizeof(AudioBufferList) - sizeof(AudioBuffer);
-    bufferListSize += numberOfBuffers * sizeof(AudioBuffer);
-
-    AudioBufferList* bufferList = static_cast<AudioBufferList*>(calloc(1, bufferListSize));
-    if (bufferList)
-        bufferList->mNumberBuffers = numberOfBuffers;
-
-    return bufferList;
-}
-
-static void destroyAudioBufferList(AudioBufferList* bufferList)
-{
-    free(bufferList);
-}
-
 AudioFileReader::AudioFileReader(const char* filePath)
     : m_data(nullptr)
     , m_dataSize(0)
@@ -190,8 +175,13 @@
     float* bufferR = 0;
     
     // Setup AudioBufferList in preparation for reading
-    AudioBufferList* bufferList = createAudioBufferList(numberOfChannels);
+    AudioBufferList* bufferList = tryCreateAudioBufferList(numberOfChannels);
+    if (!bufferList) {
+        RELEASE_LOG_FAULT(WebAudio, "tryCreateAudioBufferList(%ld) returned null", numberOfChannels);
+        return nullptr;
+    }
 
+    RELEASE_ASSERT(bufferList->mNumberBuffers == numberOfChannels);
     if (mixToMono && numberOfChannels == 2) {
         bufL.resize(numberOfFrames);
         bufR.resize(numberOfFrames);
@@ -206,7 +196,7 @@
         bufferList->mBuffers[1].mDataByteSize = numberOfFrames * sizeof(float);
         bufferList->mBuffers[1].mData = bufferR;
     } else {
-        ASSERT(!mixToMono || numberOfChannels == 1);
+        RELEASE_ASSERT(!mixToMono || numberOfChannels == 1);
 
         // for True-stereo (numberOfChannels == 4)
         for (size_t i = 0; i < numberOfChannels; ++i) {
@@ -213,9 +203,17 @@
             bufferList->mBuffers[i].mNumberChannels = 1;
             bufferList->mBuffers[i].mDataByteSize = numberOfFrames * sizeof(float);
             bufferList->mBuffers[i].mData = audioBus->channel(i)->mutableData();
+            ASSERT(bufferList->mBuffers[i].mData);
         }
     }
 
+    if (!validateAudioBufferList(bufferList)) {
+        RELEASE_LOG_FAULT(WebAudio, "Generated buffer in AudioFileReader::createBus() did not pass validation");
+        ASSERT_NOT_REACHED();
+        destroyAudioBufferList(bufferList);
+        return nullptr;
+    }
+
     // Read from the file (or in-memory version)
     UInt32 framesToRead = numberOfFrames;
     result = ExtAudioFileRead(m_extAudioFileRef, &framesToRead, bufferList);
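
Review bot: `numberOfFrames * sizeof(float)` is stored into mDataByteSize in the loop with no overflow or range check, and validateAudioBufferList() reads that field as `unsigned` and only verifies that every buffer carries the same value, so a wrapped or truncated size that is identical across buffers passes validation. Compute the byte size once with checked arithmetic (the iOS file already hoists it into `bufferSize`) and return early if it overflows or does not fit the field. The validation failure block is also duplicated verbatim between the iOS and Mac files; moving it next to validateAudioBufferList() in AudioFileReaderCocoa.cpp would keep the two call sites from drifting apart.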