diff options
author | Harish Mahendrakar <harish.mahendrakar@ittiam.com> | 2020-04-30 04:24:53 +0530 |
---|---|---|
committer | Ray Essick <essick@google.com> | 2020-04-30 15:55:27 -0700 |
commit | c049c140e3aff87f1c6e557437cc050dd864cc5f (patch) | |
tree | c198dee8ea979f12c85b384e3b5d507c77c0c23f /arm-wt-22k | |
parent | 74bbfa9871e9babe8af666800e87fcbd8e5bce0d (diff) | |
download | sonivox-c049c140e3aff87f1c6e557437cc050dd864cc5f.tar.gz |
Check data consistency in mdls parsing
Added checks to ensure consistency of waveCount, instCount,
regionCount and artCount in two passes of parsing
Bug: 150159669
Bug: 150160279
Bug: 150159906
Bug: 150160041
Test: poc in bug
Change-Id: I6f3098b029b6da56415a588882a5bb908edd3db7
Diffstat (limited to 'arm-wt-22k')
-rw-r--r-- | arm-wt-22k/host_src/eas_types.h | 1 | ||||
-rw-r--r-- | arm-wt-22k/lib_src/eas_mdls.c | 32 |
2 files changed, 33 insertions, 0 deletions
diff --git a/arm-wt-22k/host_src/eas_types.h b/arm-wt-22k/host_src/eas_types.h index df1d1d8..56d0b53 100644 --- a/arm-wt-22k/host_src/eas_types.h +++ b/arm-wt-22k/host_src/eas_types.h @@ -76,6 +76,7 @@ typedef long EAS_RESULT; #define EAS_ERROR_QUEUE_IS_FULL -36 #define EAS_ERROR_QUEUE_IS_EMPTY -37 #define EAS_ERROR_FEATURE_ALREADY_ACTIVE -38 +#define EAS_ERROR_DATA_INCONSISTENCY -39 /* special return codes */ #define EAS_EOF 3 diff --git a/arm-wt-22k/lib_src/eas_mdls.c b/arm-wt-22k/lib_src/eas_mdls.c index 4c33da0..876ce9b 100644 --- a/arm-wt-22k/lib_src/eas_mdls.c +++ b/arm-wt-22k/lib_src/eas_mdls.c @@ -852,6 +852,15 @@ static EAS_RESULT Parse_ptbl (SDLS_SYNTHESIZER_DATA *pDLSData, EAS_I32 pos, EAS_ if ((result = EAS_HWGetDWord(pDLSData->hwInstData, pDLSData->fileHandle, &pDLSData->waveCount, EAS_FALSE)) != EAS_SUCCESS) return result; + /* if second pass, ensure waveCount matches with the value parsed in first pass */ + if (pDLSData->pDLS) + { + if (pDLSData->waveCount != pDLSData->pDLS->numDLSSamples) + { + return EAS_ERROR_DATA_INCONSISTENCY; + } + } + #if 0 /* just need the wave count on the first pass */ if (!pDLSData->pDLS) @@ -1412,6 +1421,15 @@ static EAS_RESULT Parse_lins (SDLS_SYNTHESIZER_DATA *pDLSData, EAS_I32 pos, EAS_ if (temp != CHUNK_INS) continue; + /* if second pass, ensure instCount is less than numDLSPrograms */ + if (pDLSData->pDLS) + { + if (pDLSData->instCount >= pDLSData->pDLS->numDLSPrograms) + { + return EAS_ERROR_DATA_INCONSISTENCY; + } + } + if ((result = Parse_ins(pDLSData, chunkPos + 12, size)) != EAS_SUCCESS) return result; } @@ -1647,6 +1665,14 @@ static EAS_RESULT Parse_lrgn (SDLS_SYNTHESIZER_DATA *pDLSData, EAS_I32 pos, EAS_ { /* dpp: EAS_ReportEx(_EAS_SEVERITY_WARNING, "DLS region count exceeded cRegions value in insh, extra region ignored\n"); */ } return EAS_SUCCESS; } + /* if second pass, ensure regionCount is less than numDLSRegions */ + if (pDLSData->pDLS) + { + if (pDLSData->regionCount >= pDLSData->pDLS->numDLSRegions) + { + return EAS_ERROR_DATA_INCONSISTENCY; + } + } if ((result = Parse_rgn(pDLSData, chunkPos + 12, size, artIndex)) != EAS_SUCCESS) return result; regionCount++; @@ -1794,6 +1820,12 @@ static EAS_RESULT Parse_rgn (SDLS_SYNTHESIZER_DATA *pDLSData, EAS_I32 pos, EAS_I /* if local data was found convert it */ if (art.values[PARAM_MODIFIED] == EAS_TRUE) { + /* ensure artCount is less than numDLSArticulations */ + if (pDLSData->artCount >= pDLSData->pDLS->numDLSArticulations) + { + return EAS_ERROR_DATA_INCONSISTENCY; + } + Convert_art(pDLSData, &art, (EAS_U16) pDLSData->artCount); artIndex = (EAS_U16) pDLSData->artCount; } |