Fix crash from out-of-bounds copy in WaveClipSpectrumCache::GetSpectrogram


Resolves: #8851

This fixes a crash bug in WaveClipSpectrumCache::GetSpectrogram. I've cleaned up the arithmetic for calculating the begin and end indices for copying cached spectrogram data. Previously copyBegin + oldX0 could exceed mSpecCache->len after shrinking mSpecCache, and this is where the crash on out-of-bounds access was coming from.

I've also renamed SpecCache::Grow to SpecCache::Resize to more accurately reflect what this function does, while also moving its invocation to after the crashing memmove to guarantee that we are never indexing out of bounds.

  • I signed CLA
  • The title of the pull request describes an issue it addresses
  • If changes are extensive, then there is a sequence of easily reviewable commits
  • Each commit's message describes its purpose and effects
  • There are no behavior changes unnecessary for the stated purpose of the PR

Recommended:

  • Each commit compiles and runs on my machine without known undesirable changes of behavior
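
The index clamping and move-before-shrink ordering described above, as an added example that is not code from this pull request or from Audacity. `ColumnCache`, `reusableRange` and `reshape` are hypothetical names, and the layout (fixed-size columns in one flat vector, with new column i mapping to old column i + oldX0) is an assumption.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdio>
#include <cstring>
#include <utility>
#include <vector>

// Hypothetical simplified cache: `len` columns of `nBins` floats each.
struct ColumnCache {
    std::size_t nBins;
    std::size_t len;
    std::vector<float> freq;  // len * nBins values, one column after another
};

// New column i corresponds to old column i + oldX0. Returns the half-open
// range [first, second) of new columns whose source lies inside [0, oldLen).
std::pair<std::size_t, std::size_t>
reusableRange(std::size_t oldLen, std::size_t newLen, long long oldX0) {
    const long long nl = static_cast<long long>(newLen);
    const long long ol = static_cast<long long>(oldLen);
    const long long begin = std::min(std::max(-oldX0, 0LL), nl);
    const long long end = std::min(std::max(ol - oldX0, begin), nl);
    return {static_cast<std::size_t>(begin), static_cast<std::size_t>(end)};
}

// Moves the reusable columns into place, then resizes. Returns how many
// columns were kept; the rest of the new cache must be recomputed.
std::size_t reshape(ColumnCache &c, std::size_t newLen, long long oldX0) {
    const auto r = reusableRange(c.len, newLen, oldX0);
    // Grow first if needed, but never shrink before the move.
    c.freq.resize(std::max(c.len, newLen) * c.nBins);
    if (r.second > r.first) {
        const std::size_t src = static_cast<std::size_t>(
            static_cast<long long>(r.first) + oldX0);
        std::memmove(c.freq.data() + r.first * c.nBins,
                     c.freq.data() + src * c.nBins,
                     (r.second - r.first) * c.nBins * sizeof(float));
    }
    c.freq.resize(newLen * c.nBins);
    c.len = newLen;
    return r.second - r.first;
}

int main() {
    // Constructed input: 4 columns of 2 bins; column k holds the value k.
    ColumnCache c{2, 4, {0, 0, 1, 1, 2, 2, 3, 3}};
    // Shrink to 2 columns starting at old column 3: only one source column exists.
    std::printf("kept %zu column(s)\n", reshape(c, 2, 3));
    return 0;
}
```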