Update of /cvsroot/xine/xine-lib/src/combined
In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv31092/src/combined
Modified Files:
decoder_wavpack.c demux_wavpack.c
Log Message:
Use a bitmask, and ensure that the values reported by wavpack for
bits_per_sample and channels (that have sane limits) are inside the boundaries,
this way we don't end up eating memory in the case of a malformed wavpack file.
While we're at it, also try to compact the size of the wavpack structures.
Index: decoder_wavpack.c
===================================================================
RCS file: /cvsroot/xine/xine-lib/src/combined/decoder_wavpack.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- decoder_wavpack.c 25 Feb 2007 17:34:48 -0000 1.8
+++ decoder_wavpack.c 25 Feb 2007 17:52:16 -0000 1.9
@@ -40,11 +40,11 @@
xine_stream_t *stream;
- int output_open;
-
int sample_rate;
- int bits_per_sample;
- int channels;
+ uint16_t bits_per_sample:6;
+ uint16_t channels:4;
+
+ uint16_t output_open:1;
uint8_t *buf;
size_t buf_size;
@@ -123,7 +123,7 @@
static int32_t xine_buffer_write_bytes(__unused void *const id,
__unused void *const data,
__unused const int32_t bcount) {
- lprintf("xine_buffer_write_bytes: acces is read-only.\n");
+ lprintf("xine_buffer_write_bytes: access is read-only.\n");
return 0;
}
@@ -155,7 +155,9 @@
int mode = AO_CAP_MODE_MONO;
this->sample_rate = buf->decoder_info[1];
+ _x_assert(buf->decoder_info[2] <= 32);
this->bits_per_sample = buf->decoder_info[2];
+ _x_assert(buf->decoder_info[3] <= 8);
this->channels = buf->decoder_info[3];
mode = _x_ao_channels2mode(this->channels);
@@ -170,7 +172,7 @@
this->stream,
this->bits_per_sample,
this->sample_rate,
- mode);
+ mode) ? 1 : 0;
}
this->buf_pos = 0;
} else if (this->output_open) {
Index: demux_wavpack.c
===================================================================
RCS file: /cvsroot/xine/xine-lib/src/combined/demux_wavpack.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- demux_wavpack.c 25 Feb 2007 17:34:48 -0000 1.8
+++ demux_wavpack.c 25 Feb 2007 17:52:16 -0000 1.9
@@ -46,8 +46,8 @@
uint32_t current_sample;
uint32_t samples;
uint32_t samplerate;
- uint32_t bits_per_sample;
- uint32_t channels;
+ uint16_t bits_per_sample:6;
+ uint16_t channels:4;
} demux_wv_t;
typedef struct {
@@ -118,6 +118,7 @@
WavpackContext *ctx = NULL;
char error[256]; /* Current version of wavpack (4.31) does not write more
than this */
wvheader_t header;
+ uint32_t tmp;
/* Right now we don't support non-seekable streams */
if (! INPUT_IS_SEEKABLE(this->input) ) {
@@ -147,10 +148,14 @@
lprintf("number of samples: %u\n", this->samples);
this->samplerate = WavpackGetSampleRate(ctx);
lprintf("samplerate: %u Hz\n", this->samplerate);
- this->bits_per_sample = WavpackGetBitsPerSample(ctx);
- lprintf("bits_per_sample: %u\n", this->bits_per_sample);
- this->channels = WavpackGetNumChannels(ctx);
- lprintf("channels: %u\n", this->channels);
+
+ tmp = WavpackGetBitsPerSample(ctx); _x_assert(tmp <= 32);
+ lprintf("bits_per_sample: %u\n", tmp);
+ this->bits_per_sample = tmp;
+
+ tmp = WavpackGetNumChannels(ctx); _x_assert(tmp <= 8);
+ lprintf("channels: %u\n", tmp);
+ this->channels = tmp;
_x_stream_info_set(this->stream, XINE_STREAM_INFO_HAS_AUDIO, 1);
_x_stream_info_set(this->stream, XINE_STREAM_INFO_AUDIO_FOURCC,
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Xine-cvslog mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/xine-cvslog
