From ffe582236c728867f37d032a85427945e7de59e1 Mon Sep 17 00:00:00 2001 From: tildearrow Date: Sat, 14 May 2022 16:03:21 -0500 Subject: [PATCH] harden .fur file saver --- src/engine/fileOps.cpp | 39 +++++++++++++++++++++++++++++++++------ 1 file changed, 33 insertions(+), 6 deletions(-) diff --git a/src/engine/fileOps.cpp b/src/engine/fileOps.cpp index 99b46319..1da563ae 100644 --- a/src/engine/fileOps.cpp +++ b/src/engine/fileOps.cpp @@ -2535,13 +2535,40 @@ bool DivEngine::load(unsigned char* f, size_t slen) { SafeWriter* DivEngine::saveFur(bool notPrimary) { saveLock.lock(); - int insPtr[256]; - int wavePtr[256]; - int samplePtr[256]; + std::vector insPtr; + std::vector wavePtr; + std::vector samplePtr; std::vector patPtr; size_t ptrSeek; warnings=""; + // fail if values are out of range + if (song.ordersLen>256) { + logE("maximum song length is 256!"); + lastError="maximum song length is 256"; + return NULL; + } + if (song.patLen>256) { + logE("maximum pattern length is 256!"); + lastError="maximum pattern length is 256"; + return NULL; + } + if (song.ins.size()>256) { + logE("maximum number of instruments is 256!"); + lastError="maximum number of instruments is 256"; + return NULL; + } + if (song.wave.size()>256) { + logE("maximum number of wavetables is 256!"); + lastError="maximum number of wavetables is 256"; + return NULL; + } + if (song.sample.size()>256) { + logE("maximum number of samples is 256!"); + lastError="maximum number of samples is 256"; + return NULL; + } + if (!notPrimary) { song.isDMF=false; song.version=DIV_ENGINE_VERSION; @@ -2719,21 +2746,21 @@ SafeWriter* DivEngine::saveFur(bool notPrimary) { /// INSTRUMENT for (int i=0; itell(); + insPtr.push_back(w->tell()); ins->putInsData(w); } /// WAVETABLE for (int i=0; itell(); + wavePtr.push_back(w->tell()); wave->putWaveData(w); } /// SAMPLE for (int i=0; itell(); + samplePtr.push_back(w->tell()); w->write("SMPL",4); w->writeI(0);