zdoom/fluidsynth
0
0
Fork 0
mirror of https://github.com/ZDoom/fluidsynth.git synced 2024-11-27 06:22:06 +00:00
Code Issues Projects Releases Packages Wiki Activity

Fix a NULL dereference

Browse source 
Access to field 'zone' results in a dereference of a null pointer (loaded from variable 'prev_preset'), if `size` is negative. Problem is: Parameter `size` is `chunk.size` and should be unsigned.
This commit is contained in:
derselbst 2020-09-11 21:45:03 +02:00 committed by Tom M
parent ec74ed905b
commit c4cd8bfc24
1 changed files with 4 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
src/sfloader/fluid_sffile.c
View file

@ -300,7 +300,7 @@ static int load_body(SFData *sf);
static int process_info(SFData *sf, int size); static int process_info(SFData *sf, int size);
static int process_sdta(SFData *sf, unsigned int size); static int process_sdta(SFData *sf, unsigned int size);
static int process_pdta(SFData *sf, int size); static int process_pdta(SFData *sf, int size);
static int load_phdr(SFData *sf, int size); static int load_phdr(SFData *sf, unsigned int size);
static int load_pbag(SFData *sf, int size); static int load_pbag(SFData *sf, int size);
static int load_pmod(SFData *sf, int size); static int load_pmod(SFData *sf, int size);
static int load_pgen(SFData *sf, int size); static int load_pgen(SFData *sf, int size);
@ -1047,9 +1047,10 @@ static int process_pdta(SFData *sf, int size)
} }
/* preset header loader */ /* preset header loader */
static int load_phdr(SFData *sf, int size) static int load_phdr(SFData *sf, unsigned int size)
{ {
int i, i2; unsigned int i;
int i2;
SFPreset *preset, *prev_preset = NULL; SFPreset *preset, *prev_preset = NULL;
unsigned short pbag_idx, prev_pbag_idx = 0; unsigned short pbag_idx, prev_pbag_idx = 0;