From 84588c50bd21809a4844ac9cd61851e3e705047d Mon Sep 17 00:00:00 2001 From: David Reid Date: Mon, 2 Dec 2019 19:17:43 -0800 Subject: [PATCH] Bump dr_wav to v0.11.2 Fixes: - https://github.com/mackron/dr_libs/issues/84 - https://github.com/mackron/dr_libs/issues/83 - https://github.com/mackron/dr_libs/issues/82 - https://github.com/mackron/dr_libs/issues/81 - https://github.com/mackron/dr_libs/issues/80 - https://github.com/mackron/dr_libs/issues/79 - https://github.com/mackron/dr_libs/issues/78 - https://github.com/mackron/dr_libs/issues/77 - https://github.com/mackron/dr_libs/issues/76 - https://github.com/mackron/dr_libs/issues/75 --- src/libs/decoders/dr_wav.h | 58 +++++++++++++++++++++++++++----------- 1 file changed, 41 insertions(+), 17 deletions(-) diff --git a/src/libs/decoders/dr_wav.h b/src/libs/decoders/dr_wav.h index 44fc774e..05ad0eaf 100644 --- a/src/libs/decoders/dr_wav.h +++ b/src/libs/decoders/dr_wav.h @@ -1,6 +1,6 @@ /* WAV audio loader and writer. Choice of public domain or MIT-0. See license statements at the end of this file. -dr_wav - v0.11.1 - 2019-10-07 +dr_wav - v0.11.2 - 2019-12-02 David Reid - mackron@gmail.com */ @@ -1076,6 +1076,20 @@ void drwav_free(void* p, const drwav_allocation_callbacks* pAllocationCallbacks) #endif #endif +/* +These limits are used for basic validation when initializing the decoder. If you exceed these limits, first of all: what on Earth are +you doing?! (Let me know, I'd be curious!) Second, you can adjust these by #define-ing them before the dr_wav implementation. +*/ +#ifndef DRWAV_MAX_SAMPLE_RATE +#define DRWAV_MAX_SAMPLE_RATE 384000 +#endif +#ifndef DRWAV_MAX_CHANNELS +#define DRWAV_MAX_CHANNELS 256 +#endif +#ifndef DRWAV_MAX_BITS_PER_SAMPLE +#define DRWAV_MAX_BITS_PER_SAMPLE 64 +#endif + static const drwav_uint8 drwavGUID_W64_RIFF[16] = {0x72,0x69,0x66,0x66, 0x2E,0x91, 0xCF,0x11, 0xA5,0xD6, 0x28,0xDB,0x04,0xC1,0x00,0x00}; /* 66666972-912E-11CF-A5D6-28DB04C10000 */ static const drwav_uint8 drwavGUID_W64_WAVE[16] = {0x77,0x61,0x76,0x65, 0xF3,0xAC, 0xD3,0x11, 0x8C,0xD1, 0x00,0xC0,0x4F,0x8E,0xDB,0x8A}; /* 65766177-ACF3-11D3-8CD1-00C04F8EDB8A */ static const drwav_uint8 drwavGUID_W64_JUNK[16] = {0x6A,0x75,0x6E,0x6B, 0xF3,0xAC, 0xD3,0x11, 0x8C,0xD1, 0x00,0xC0,0x4F,0x8E,0xDB,0x8A}; /* 6B6E756A-ACF3-11D3-8CD1-00C04F8EDB8A */ @@ -1446,8 +1460,10 @@ static void* drwav__realloc_from_callbacks(void* p, size_t szNew, size_t szOld, return NULL; } - DRWAV_COPY_MEMORY(p2, p, szOld); - pAllocationCallbacks->onFree(p, pAllocationCallbacks->pUserData); + if (p != NULL) { + DRWAV_COPY_MEMORY(p2, p, szOld); + pAllocationCallbacks->onFree(p, pAllocationCallbacks->pUserData); + } return p2; } @@ -1862,8 +1878,11 @@ drwav_bool32 drwav_init__internal(drwav* pWav, drwav_chunk_proc onChunk, void* p } /* Basic validation. */ - if (fmt.sampleRate == 0 || fmt.channels == 0 || fmt.bitsPerSample == 0 || fmt.blockAlign == 0) { - return DRWAV_FALSE; /* Invalid channel count. Probably an invalid WAV file. */ + if ((fmt.sampleRate == 0 || fmt.sampleRate > DRWAV_MAX_SAMPLE_RATE) || + (fmt.channels == 0 || fmt.channels > DRWAV_MAX_CHANNELS) || + (fmt.bitsPerSample == 0 || fmt.bitsPerSample > DRWAV_MAX_BITS_PER_SAMPLE) || + fmt.blockAlign == 0) { + return DRWAV_FALSE; /* Probably an invalid WAV file. */ } @@ -2926,11 +2945,12 @@ drwav_bool32 drwav_seek_to_pcm_frame(drwav* pWav, drwav_uint64 targetFrameIndex) { /* Seeking should be compatible with wave files > 2GB. */ - if (pWav->onWrite != NULL) { - return DRWAV_FALSE; /* No seeking in write mode. */ + if (pWav == NULL || pWav->onSeek == NULL) { + return DRWAV_FALSE; } - if (pWav == NULL || pWav->onSeek == NULL) { + /* No seeking in write mode. */ + if (pWav->onWrite != NULL) { return DRWAV_FALSE; } @@ -3060,10 +3080,10 @@ drwav_uint64 drwav_write_pcm_frames_le(drwav* pWav, drwav_uint64 framesToWrite, while (bytesToWrite > 0) { size_t bytesJustWritten; - drwav_uint64 bytesToWriteThisIteration = bytesToWrite; - if (bytesToWriteThisIteration > DRWAV_SIZE_MAX) { - bytesToWriteThisIteration = DRWAV_SIZE_MAX; - } + drwav_uint64 bytesToWriteThisIteration; + + bytesToWriteThisIteration = bytesToWrite; + DRWAV_ASSERT(bytesToWriteThisIteration <= DRWAV_SIZE_MAX); /* <-- This is checked above. */ bytesJustWritten = drwav_write_raw(pWav, (size_t)bytesToWriteThisIteration, pRunningData); if (bytesJustWritten == 0) { @@ -3106,9 +3126,7 @@ drwav_uint64 drwav_write_pcm_frames_be(drwav* pWav, drwav_uint64 framesToWrite, drwav_uint64 bytesToWriteThisIteration; bytesToWriteThisIteration = bytesToWrite; - if (bytesToWriteThisIteration > DRWAV_SIZE_MAX) { - bytesToWriteThisIteration = DRWAV_SIZE_MAX; - } + DRWAV_ASSERT(bytesToWriteThisIteration <= DRWAV_SIZE_MAX); /* <-- This is checked above. */ /* WAV files are always little-endian. We need to byte swap on big-endian architectures. Since our input buffer is read-only we need @@ -3116,8 +3134,8 @@ drwav_uint64 drwav_write_pcm_frames_be(drwav* pWav, drwav_uint64 framesToWrite, */ sampleCount = sizeof(temp)/bytesPerSample; - if (bytesToWriteThisIteration > sampleCount*bytesPerSample) { - bytesToWriteThisIteration = sampleCount*bytesPerSample; + if (bytesToWriteThisIteration > ((drwav_uint64)sampleCount)*bytesPerSample) { + bytesToWriteThisIteration = ((drwav_uint64)sampleCount)*bytesPerSample; } DRWAV_COPY_MEMORY(temp, pRunningData, (size_t)bytesToWriteThisIteration); @@ -5033,6 +5051,12 @@ void drwav_free(void* p, const drwav_allocation_callbacks* pAllocationCallbacks) /* REVISION HISTORY ================ +v0.11.2 - 2019-12-02 + - Fix a possible crash when using custom memory allocators without a custom realloc() implementation. + - Fix an integer overflow bug. + - Fix a null pointer dereference bug. + - Add limits to sample rate, channels and bits per sample to tighten up some validation. + v0.11.1 - 2019-10-07 - Internal code clean up.