etc/furnace
0
0
Fork 0
mirror of https://github.com/tildearrow/furnace.git synced 2024-11-25 22:15:14 +00:00
Code Issues Projects Releases Packages Wiki Activity

S3M/IT/XM import: hardening

Browse source
This commit is contained in:
tildearrow 2024-07-01 05:44:28 -05:00
parent 6b2c010afa
commit 6449bc9af2
3 changed files with 32 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
src/engine/fileOps/it.cpp
View file

@ -547,7 +547,7 @@ bool DivEngine::loadIT(unsigned char* file, size_t len) {
reader.read(magic,4); reader.read(magic,4);
if (memcmp(magic,"IMPS",4)!=0) { if (memcmp(magic,"IMPS",4)!=0) {
logE("invalid sample header!"); logW("invalid sample header!");
lastError="invalid sample header"; lastError="invalid sample header";
delete s; delete s;
delete[] file; delete[] file;
@ -575,7 +575,16 @@ bool DivEngine::loadIT(unsigned char* file, size_t len) {
s->depth=DIV_SAMPLE_DEPTH_8BIT; s->depth=DIV_SAMPLE_DEPTH_8BIT;
} }
s->init((unsigned int)reader.readI()); unsigned int sampleLen=reader.readI();
if (sampleLen>16777216) {
logE("abnormal sample size! %x",reader.tell());
lastError="bad sample size";
delete[] file;
return false;
}
s->init(sampleLen);
s->loopStart=reader.readI(); s->loopStart=reader.readI();
s->loopEnd=reader.readI(); s->loopEnd=reader.readI();
s->centerRate=reader.readI()/2; s->centerRate=reader.readI()/2;

7
src/engine/fileOps/s3m.cpp
View file

@ -414,7 +414,12 @@ bool DivEngine::loadS3M(unsigned char* file, size_t len) {
unsigned int length=reader.readI(); unsigned int length=reader.readI();
logV("length: %x",length); if (length>16777216) {
logE("abnormal sample size! %x",reader.tell());
lastError="bad sample size";
delete[] file;
return false;
}
DivSample* s=new DivSample; DivSample* s=new DivSample;

22
src/engine/fileOps/xm.cpp
View file

@ -204,6 +204,20 @@ bool DivEngine::loadXM(unsigned char* file, size_t len) {
double bpm=(unsigned short)reader.readS(); double bpm=(unsigned short)reader.readS();
ds.subsong[0]->hz=(double)bpm/2.5; ds.subsong[0]->hz=(double)bpm/2.5;
if (ordersLen>256) {
logE("invalid order count!");
lastError="invalid order count";
delete[] file;
return false;
}
if (patCount>256) {
logE("too many patterns!");
lastError="too many patterns";
delete[] file;
return false;
}
if (ds.insLen<0 || ds.insLen>256) { if (ds.insLen<0 || ds.insLen>256) {
logE("invalid instrument count!"); logE("invalid instrument count!");
lastError="invalid instrument count"; lastError="invalid instrument count";
@ -435,8 +449,6 @@ bool DivEngine::loadXM(unsigned char* file, size_t len) {
headerSeek=reader.tell(); headerSeek=reader.tell();
headerSeek+=reader.readI(); headerSeek+=reader.readI();
logV("the freaking thing ends at %x",headerSeek);
ins->name=reader.readStringLatin1(22); ins->name=reader.readStringLatin1(22);
ins->type=DIV_INS_ES5506; ins->type=DIV_INS_ES5506;
ins->amiga.useNoteMap=true; ins->amiga.useNoteMap=true;
@ -493,11 +505,7 @@ bool DivEngine::loadXM(unsigned char* file, size_t len) {
unsigned short volFade=reader.readS(); unsigned short volFade=reader.readS();
reader.readS(); // reserved reader.readS(); // reserved
logV("%d",vibType); logV("vibrato: %d %d %d %d",vibType,vibSweep,vibDepth,vibRate);
logV("%d",vibSweep);
logV("%d",vibDepth);
logV("%d",vibRate);
logV("volFade: %d",volFade);
// convert envelopes // convert envelopes
readEnvelope(ins,0,volType,volEnvLen,volLoopStart,volLoopEnd,volSusPoint,volEnv); readEnvelope(ins,0,volType,volEnvLen,volLoopStart,volLoopEnd,volSusPoint,volEnv);