From a32a2727091df4a9df36d4546a9b178a2e453c68 Mon Sep 17 00:00:00 2001 From: Robin Gareus Date: Fri, 11 Nov 2016 16:19:59 +0100 Subject: VST buffer paranoia --- libs/ardour/buffer_set.cc | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) (limited to 'libs/ardour/buffer_set.cc') diff --git a/libs/ardour/buffer_set.cc b/libs/ardour/buffer_set.cc index 92f5272b3b..66564f3202 100644 --- a/libs/ardour/buffer_set.cc +++ b/libs/ardour/buffer_set.cc @@ -349,6 +349,7 @@ VstEvents* BufferSet::get_vst_midi (size_t b) { MidiBuffer& m = get_midi (b); + assert (b <= _vst_buffers.size()); VSTBuffer* vst = _vst_buffers[b]; vst->clear (); @@ -362,13 +363,24 @@ BufferSet::get_vst_midi (size_t b) BufferSet::VSTBuffer::VSTBuffer (size_t c) : _capacity (c) + , _events (0) + , _midi_events (0) { - _events = static_cast (malloc (sizeof (VstEvents) + _capacity * sizeof (VstEvent *))); - _midi_events = static_cast (malloc (sizeof (VstMidiEvent) * _capacity)); + if (_capacity > 0) { + /* from `man malloc`: "If size is 0, then malloc() returns either NULL, or a + * unique pointer value that can later be successfully passed to free()." + * + * The latter will cause trouble here. + */ + _events = static_cast (malloc (sizeof (VstEvents) + _capacity * sizeof (VstEvent *))); + _midi_events = static_cast (malloc (sizeof (VstMidiEvent) * _capacity)); + } if (_events == 0 || _midi_events == 0) { free (_events); free (_midi_events); + _events = 0; + _midi_events = 0; throw failed_constructor (); } @@ -399,6 +411,9 @@ BufferSet::VSTBuffer::push_back (Evoral::MIDIEvent const & ev) } int const n = _events->numEvents; assert (n < (int) _capacity); + if (n >= _capacity) { + return; + } _events->events[n] = reinterpret_cast (_midi_events + n); VstMidiEvent* v = reinterpret_cast (_events->events[n]); -- cgit v1.2.3