From 8a778e0c0e39eea5aefb358ff6bcd5381907ed3e Mon Sep 17 00:00:00 2001
From: Tom M
Date: Sun, 14 Mar 2021 17:20:09 +0100
Subject: [PATCH 1/2] Add warning if soundfont bigger 2GB (#811)

Advice the user to use fluidsynth 2.2.0 or later when loading soundfonts > 2GB
---
 src/sfloader/fluid_sffile.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/sfloader/fluid_sffile.c b/src/sfloader/fluid_sffile.c
index 0e7ffe26..001a0a0a 100644
--- a/src/sfloader/fluid_sffile.c
+++ b/src/sfloader/fluid_sffile.c
@@ -2406,6 +2406,14 @@ static int fluid_sffile_read_wav(SFData *sf, unsigned int start, unsigned int en
 
     if(sf->fcbs->fread(loaded_data, num_samples * sizeof(short), sf->sffd) == FLUID_FAILED)
     {
+#if FLUID_VERSION_CHECK(FLUIDSYNTH_VERSION_MAJOR, FLUIDSYNTH_VERSION_MINOR, FLUIDSYNTH_VERSION_MICRO) < FLUID_VERSION_CHECK(2,2,0)
+        if((int)(num_samples * sizeof(short)) < 0)
+        {
+            FLUID_LOG(FLUID_INFO,
+                      "This SoundFont seems to be bigger than 2GB, which is not supported in this version of fluidsynth. "
+                      "You need to use at least fluidsynth 2.2.0");
+        }
+#endif
         FLUID_LOG(FLUID_ERR, "Failed to read sample data");
         goto error_exit;
     }

From 005719628aef0bd48dc7b2f860c7e4ca16b81044 Mon Sep 17 00:00:00 2001
From: Tom M
Date: Mon, 15 Mar 2021 20:12:51 +0100
Subject: [PATCH 2/2] Invalid generators were not removed from zone list (#810)

fluid_list_remove() should receive the beginning of a list, so it can adjust the predecessor of the element to be removed. Otherwise the element would remain in the list, which in this case led to a use-after-free afterwards.
---
 src/sfloader/fluid_sffile.c | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

diff --git a/src/sfloader/fluid_sffile.c b/src/sfloader/fluid_sffile.c
index 001a0a0a..47ab98d9 100644
--- a/src/sfloader/fluid_sffile.c
+++ b/src/sfloader/fluid_sffile.c
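Review bot: The new guard `if((int)(num_samples * sizeof(short)) < 0)` depends on an implementation-defined narrowing of a size_t product, so it only fires when bit 31 of the byte count happens to be set; a request in the 4 GiB to 6 GiB range converts to a non-negative int and the hint is silently skipped. Comparing the unsigned value directly, `if(num_samples * sizeof(short) > (size_t)INT_MAX)`, is portable and covers every request the int-sized path cannot carry (INT_MAX needs <limits.h> if the file does not already include it). The hint is also logged at FLUID_INFO while the failure right after it is FLUID_ERR, so at a default log level the user is likely to see the error without the advice; FLUID_WARN would match its purpose better. fluid_sffile_read_wav begins and ends outside the hunk.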
@@ -1355,7 +1355,7 @@ static int load_pmod(SFData *sf, int size)
  * ------------------------------------------------------------------- */
 static int load_pgen(SFData *sf, int size)
 {
-    fluid_list_t *p, *p2, *p3, *dup, **hz = NULL;
+    fluid_list_t *p, *p2, *p3, *dup, **hz = NULL, *start_of_zone_list;
     SFZone *z;
     SFGen *g;
     SFGenAmount genval;
@@ -1369,7 +1369,7 @@ static int load_pgen(SFData *sf, int size)
         /* traverse through all presets */
         gzone = FALSE;
         discarded = FALSE;
-        p2 = ((SFPreset *)(p->data))->zone;
+        start_of_zone_list = p2 = ((SFPreset *)(p->data))->zone;
 
         if(p2)
         {
@@ -1516,11 +1516,13 @@ static int load_pgen(SFData *sf, int size)
                 }
                 else
                 {
+                    p2 = fluid_list_next(p2); /* advance to next zone before deleting the current list element */
                     /* previous global zone exists, discard */
                     FLUID_LOG(FLUID_WARN, "Preset '%s': Discarding invalid global zone",
                               ((SFPreset *)(p->data))->name);
-                    *hz = fluid_list_remove(*hz, p2->data);
-                    delete_zone((SFZone *)fluid_list_get(p2));
+                    fluid_list_remove(start_of_zone_list, z);
+                    delete_zone(z);
+                    continue;
                 }
             }
 
@@ -1864,7 +1866,7 @@ static int load_imod(SFData *sf, int size)
 /* load instrument generators (see load_pgen for loading rules) */
 static int load_igen(SFData *sf, int size)
 {
-    fluid_list_t *p, *p2, *p3, *dup, **hz = NULL;
+    fluid_list_t *p, *p2, *p3, *dup, **hz = NULL, *start_of_zone_list;
     SFZone *z;
     SFGen *g;
     SFGenAmount genval;
@@ -1878,7 +1880,7 @@ static int load_igen(SFData *sf, int size)
         /* traverse through all instruments */
         gzone = FALSE;
         discarded = FALSE;
-        p2 = ((SFInst *)(p->data))->zone;
+        start_of_zone_list = p2 = ((SFInst *)(p->data))->zone;
 
         if(p2)
         {
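Review bot: The return value of `fluid_list_remove(start_of_zone_list, z)` in the @@ -1516 hunk is discarded, so if the node holding z were ever the head of the zone list, the preset's `zone` pointer would still address the node that `delete_zone(z)` frees; the load_igen hunk at @@ -2024 has the same shape. If the "previous global zone exists" branch can only be reached for a non-head zone this is safe, but that invariant is enforced by code outside the hunk and deserves a comment such as `/* z is never the list head here (a global zone already occupies it), so the returned head can be ignored */`, or store the result back with `((SFPreset *)(p->data))->zone = start_of_zone_list = fluid_list_remove(start_of_zone_list, z);`. `hz` stays declared in the @@ -1355 hunk while its only visible use, `*hz = fluid_list_remove(*hz, p2->data)`, is removed; if nothing else in load_pgen reads or assigns it, drop the declaration to avoid an unused-variable warning. The new `continue` relies on the enclosing loop's own advance being skipped, and that loop header and its advance statement lie outside the hunk.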
@@ -2024,11 +2026,13 @@ static int load_igen(SFData *sf, int size)
                 }
                 else
                 {
+                    p2 = fluid_list_next(p2); /* advance to next zone before deleting the current list element */
                     /* previous global zone exists, discard */
                     FLUID_LOG(FLUID_WARN, "Instrument '%s': Discarding invalid global zone",
                               ((SFInst *)(p->data))->name);
-                    *hz = fluid_list_remove(*hz, p2->data);
-                    delete_zone((SFZone *)fluid_list_get(p2));
+                    fluid_list_remove(start_of_zone_list, z);
+                    delete_zone(z);
+                    continue;
                 }
             }