diff options
Diffstat (limited to 'apps/plugins/mikmod/load_ult.c')
-rw-r--r-- | apps/plugins/mikmod/load_ult.c | 40 |
1 files changed, 24 insertions, 16 deletions
diff --git a/apps/plugins/mikmod/load_ult.c b/apps/plugins/mikmod/load_ult.c index f56c2df06b..1d4e5cf72b 100644 --- a/apps/plugins/mikmod/load_ult.c +++ b/apps/plugins/mikmod/load_ult.c | |||
@@ -6,12 +6,12 @@ | |||
6 | it under the terms of the GNU Library General Public License as | 6 | it under the terms of the GNU Library General Public License as |
7 | published by the Free Software Foundation; either version 2 of | 7 | published by the Free Software Foundation; either version 2 of |
8 | the License, or (at your option) any later version. | 8 | the License, or (at your option) any later version. |
9 | 9 | ||
10 | This program is distributed in the hope that it will be useful, | 10 | This program is distributed in the hope that it will be useful, |
11 | but WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
13 | GNU Library General Public License for more details. | 13 | GNU Library General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Library General Public | 15 | You should have received a copy of the GNU Library General Public |
16 | License along with this library; if not, write to the Free Software | 16 | License along with this library; if not, write to the Free Software |
17 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA | 17 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA |
@@ -20,7 +20,7 @@ | |||
20 | 20 | ||
21 | /*============================================================================== | 21 | /*============================================================================== |
22 | 22 | ||
23 | $Id: load_ult.c,v 1.3 2010/01/12 03:30:32 realtech Exp $ | 23 | $Id$ |
24 | 24 | ||
25 | Ultratracker (ULT) module loader | 25 | Ultratracker (ULT) module loader |
26 | 26 | ||
@@ -80,7 +80,7 @@ typedef struct ULTEVENT { | |||
80 | #define ULTS_REVERSE 16 | 80 | #define ULTS_REVERSE 16 |
81 | 81 | ||
82 | #define ULT_VERSION_LEN 18 | 82 | #define ULT_VERSION_LEN 18 |
83 | static CHAR ULT_Version[ULT_VERSION_LEN]="Ultra Tracker v1.x"; | 83 | static CHAR ULT_Version[ULT_VERSION_LEN+1]="Ultra Tracker v1.x"; |
84 | 84 | ||
85 | static ULTEVENT ev; | 85 | static ULTEVENT ev; |
86 | 86 | ||
@@ -130,8 +130,8 @@ static int ULT_Load(int curious) | |||
130 | SAMPLE *q; | 130 | SAMPLE *q; |
131 | ULTSAMPLE s; | 131 | ULTSAMPLE s; |
132 | ULTHEADER mh; | 132 | ULTHEADER mh; |
133 | UBYTE nos,noc,rbnop; | 133 | UBYTE nos,noc,RBnop; |
134 | (void)curious; | 134 | (void)curious; |
135 | 135 | ||
136 | /* try to read module header */ | 136 | /* try to read module header */ |
137 | _mm_read_string(mh.id,15,modreader); | 137 | _mm_read_string(mh.id,15,modreader); |
@@ -207,29 +207,37 @@ static int ULT_Load(int curious) | |||
207 | if(!AllocPositions(256)) return 0; | 207 | if(!AllocPositions(256)) return 0; |
208 | for(t=0;t<256;t++) | 208 | for(t=0;t<256;t++) |
209 | of.positions[t]=_mm_read_UBYTE(modreader); | 209 | of.positions[t]=_mm_read_UBYTE(modreader); |
210 | for(t=0;t<256;t++) | 210 | |
211 | noc=_mm_read_UBYTE(modreader); | ||
212 | RBnop=_mm_read_UBYTE(modreader); | ||
213 | |||
214 | of.numchn=++noc; | ||
215 | of.numpat=++RBnop; | ||
216 | of.numtrk=of.numchn*of.numpat; | ||
217 | |||
218 | for(t=0;t<256;t++) { | ||
211 | if(of.positions[t]==255) { | 219 | if(of.positions[t]==255) { |
212 | of.positions[t]=LAST_PATTERN; | 220 | of.positions[t]=LAST_PATTERN; |
213 | break; | 221 | break; |
214 | } | 222 | } |
223 | if (of.positions[t]>of.numpat) { /* SANITIY CHECK */ | ||
224 | /* fprintf(stderr,"positions[%d]=%d > numpat=%d\n",t,of.positions[t],of.numpat);*/ | ||
225 | _mm_errno = MMERR_LOADING_HEADER; | ||
226 | return 0; | ||
227 | } | ||
228 | } | ||
215 | of.numpos=t; | 229 | of.numpos=t; |
216 | 230 | ||
217 | noc=_mm_read_UBYTE(modreader); | ||
218 | rbnop=_mm_read_UBYTE(modreader); | ||
219 | |||
220 | of.numchn=++noc; | ||
221 | of.numpat=++rbnop; | ||
222 | of.numtrk=of.numchn*of.numpat; | ||
223 | if(!AllocTracks()) return 0; | 231 | if(!AllocTracks()) return 0; |
224 | if(!AllocPatterns()) return 0; | 232 | if(!AllocPatterns()) return 0; |
225 | for(u=0;u<of.numchn;u++) | 233 | for(u=0;u<of.numchn;u++) |
226 | for(t=0;t<of.numpat;t++) | 234 | for(t=0;t<of.numpat;t++) |
227 | of.patterns[(t*of.numchn)+u]=tracks++; | 235 | of.patterns[(t*of.numchn)+u]=tracks++; |
228 | 236 | ||
229 | // SA37775 | 237 | /* Secunia SA37775 / CVE-2009-3996 */ |
230 | if (of.numchn>=UF_MAXCHAN) | 238 | if (of.numchn>=UF_MAXCHAN) |
231 | of.numchn=UF_MAXCHAN - 1; | 239 | of.numchn=UF_MAXCHAN - 1; |
232 | 240 | ||
233 | /* read pan position table for v1.5 and higher */ | 241 | /* read pan position table for v1.5 and higher */ |
234 | if(mh.id[14]>='3') { | 242 | if(mh.id[14]>='3') { |
235 | for(t=0;t<of.numchn;t++) of.panning[t]=_mm_read_UBYTE(modreader)<<4; | 243 | for(t=0;t<of.numchn;t++) of.panning[t]=_mm_read_UBYTE(modreader)<<4; |
@@ -313,7 +321,7 @@ static int ULT_Load(int curious) | |||
313 | return 1; | 321 | return 1; |
314 | } | 322 | } |
315 | 323 | ||
316 | static CHAR *ULT_LoadTitle(void) | 324 | static CHAR * ULT_LoadTitle(void) |
317 | { | 325 | { |
318 | CHAR s[32]; | 326 | CHAR s[32]; |
319 | 327 | ||