segfault on invalid data
bnnm opened this issue · 3 comments
Sometimes when fed garbage data, Atrac9Decode segfaults (if I just disable the call in vgmstream it doesn't segfault so I don't think it's a problem in that end).
Happens at times when I get offsets wrong while adding new vgmstream formats. I've uploaded a doctored .at9 that crashes on the first frame, by changing the first 0x100 "data" bytes with garbage. vgmstream crashes while VGAudio stops with an "invalid data" error, maybe it does more validations? Not all garbage frames crash it, rare out-of-range case?
Not super important but thought it would be good to mention.
Might as well mention that new releases would benefit from enabled XP compatibility, if possible in your setup (i.e. kode54@6b3dbaa)
Turns out I wasn't validating the StereoBand value that's in each frame, which resulted in a null pointer dereference down the line.
I checked to make sure parameters directly read from the bitstream were validated, and that was the only one that wasn't. I also didn't see any other obvious dereferences or possible OOB issues from a quick skim through the code.
Fixed by 761a8dd
You didn't run across any other data that cause crashes after the fix?
Oh, I actually didn't test it, since I figured it would be fine :)
Will do some tests later, but I think it's the kind of bug that only happens when you least expect it. I'll keep an eye out.