
RIFF: Add check for truncated files, cleanup a little more.

hrydgard committed Dec 4, 2017
1 parent b3b57f1 commit c4e8c509d607ff2e76b7cf3760f630de7a014c3e
Showing with 21 additions and 16 deletions.
  1. +19 −15 ext/native/file/chunk_file.cpp
  2. +2 −1 ext/native/file/chunk_file.h
@@ -15,6 +15,7 @@ RIFFReader::RIFFReader(const uint8_t *data, int dataSize) {
depth_ = 0;
pos_ = 0;
eof_ = dataSize;
fileSize_ = dataSize;
}
RIFFReader::~RIFFReader() {
@@ -30,36 +31,40 @@ int RIFFReader::ReadInt() {
}
// let's get into the business
bool RIFFReader::Descend(uint32_t id) {
bool RIFFReader::Descend(uint32_t intoId) {
if (depth_ > 30)
return false;
id = flipID(id);
intoId = flipID(intoId);
bool found = false;
// save information to restore after the next Ascend
stack[depth_].parentStartLocation = pos_;
stack[depth_].parentEOF = eof_;
ChunkInfo temp = stack[depth_];
int firstID = 0;
// let's search through children..
while (pos_ < eof_) {
stack[depth_].ID = ReadInt();
if (firstID == 0) firstID = stack[depth_].ID | 1;
stack[depth_].length = ReadInt();
stack[depth_].startLocation = pos_;
int id = ReadInt();
int length = ReadInt();
int startLocation = pos_;
if (pos_ + length > fileSize_) {
ERROR_LOG(SYSTEM, "Block extends outside of RIFF file - failing descend");
pos_ = stack[depth_].parentStartLocation;
return false;
}
if (stack[depth_].ID == id) {
if (id == intoId) {
stack[depth_].ID = intoId;
stack[depth_].length = length;
stack[depth_].startLocation = startLocation;
found = true;
break;
} else {
if (stack[depth_].length > 0) {
pos_ += stack[depth_].length; // try next block
if (length > 0) {
pos_ += length; // try next block
} else {
ERROR_LOG(SYSTEM, "Bad data in RIFF file : block length %d. Not descending.", stack[depth_].length);
stack[depth_] = temp;
ERROR_LOG(SYSTEM, "Bad data in RIFF file : block length %d. Not descending.", length);
pos_ = stack[depth_].parentStartLocation;
return false;
}
@@ -68,7 +73,6 @@ bool RIFFReader::Descend(uint32_t id) {
// if we found nothing, return false so the caller can skip this
if (!found) {
stack[depth_] = temp;
pos_ = stack[depth_].parentStartLocation;
return false;
}
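Review bot: The truncation check added in Descend, `if (pos_ + length > fileSize_)`, adds two signed ints where `length` comes straight from the file, so a large value can overflow the sum and a negative value passes the test; on an id match that negative length is then stored in `stack[depth_].length`. Rejecting negatives and comparing by subtraction avoids both: `if (length < 0 || length > fileSize_ - pos_) {`. The bound is the whole buffer rather than the enclosing block's `eof_`, so a child chunk may still claim bytes beyond its parent; checking against `eof_` looks tighter if nothing relies on the looser form. The loop condition only guarantees `pos_ < eof_` while each pass reads two ints, and ReadInt's body is outside these hunks, so whether a chunk header cut short at the end of the buffer is caught cannot be confirmed from here. Descend continues past the last hunk.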
@@ -37,6 +37,7 @@ class RIFFReader {
ChunkInfo stack[32];
uint8_t *data_;
int pos_ = 0;
int eof_ = 0;
int eof_ = 0; // really end of current block
int depth_ = 0;
int fileSize_ = 0;
};
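Review bot: `fileSize_` is added without a comment while the neighbouring `eof_` gets one, and the two are easy to confuse because the constructor shown in chunk_file.cpp sets both to `dataSize`. A short comment such as `int fileSize_ = 0;  // total size of the buffer; no chunk may extend past this` would make the distinction explicit. The class definition starts outside the hunk.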
