diff options
Diffstat (limited to 'indra/llaudio')
| -rw-r--r-- | indra/llaudio/llaudiodecodemgr.cpp | 35 | ||||
| -rw-r--r-- | indra/llaudio/llvorbisencode.cpp | 6 | ||||
| -rw-r--r-- | indra/llaudio/llvorbisencode.h | 11 |
3 files changed, 48 insertions, 4 deletions
diff --git a/indra/llaudio/llaudiodecodemgr.cpp b/indra/llaudio/llaudiodecodemgr.cpp index 099c4eba40..ae959eaa81 100644 --- a/indra/llaudio/llaudiodecodemgr.cpp +++ b/indra/llaudio/llaudiodecodemgr.cpp @@ -43,6 +43,8 @@ #include "llassetstorage.h" #include "llrefcount.h" +#include "llvorbisencode.h" + #include "vorbis/codec.h" #include "vorbis/vorbisfile.h" @@ -218,11 +220,42 @@ BOOL LLVorbisDecodeState::initDecode() return(FALSE); } - size_t size_guess = (size_t)ov_pcm_total(&mVF, -1); + S32 sample_count = ov_pcm_total(&mVF, -1); + size_t size_guess = (size_t)sample_count; vorbis_info* vi = ov_info(&mVF, -1); size_guess *= vi->channels; size_guess *= 2; size_guess += 2048; + + bool abort_decode = false; + + if( vi->channels < 1 || vi->channels > LLVORBIS_CLIP_MAX_CHANNELS ) + { + abort_decode = true; + llwarns << "Bad channel count: " << vi->channels << llendl; + } + + if( (size_t)sample_count > LLVORBIS_CLIP_REJECT_SAMPLES ) + { + abort_decode = true; + llwarns << "Illegal sample count: " << sample_count << llendl; + } + + if( size_guess > LLVORBIS_CLIP_REJECT_SIZE ) + { + abort_decode = true; + llwarns << "Illegal sample size: " << size_guess << llendl; + } + + if( abort_decode ) + { + llwarns << "Canceling initDecode. Bad asset: " << mUUID << llendl; + llwarns << "Bad asset encoded by: " << ov_comment(&mVF,-1)->vendor << llendl; + delete mInFilep; + mInFilep = NULL; + return FALSE; + } + mWAVBuffer.reserve(size_guess); mWAVBuffer.resize(WAV_HEADER_SIZE); diff --git a/indra/llaudio/llvorbisencode.cpp b/indra/llaudio/llvorbisencode.cpp index 8ee082a245..0c1ad8191c 100644 --- a/indra/llaudio/llvorbisencode.cpp +++ b/indra/llaudio/llvorbisencode.cpp @@ -162,13 +162,13 @@ S32 check_for_invalid_wav_formats(const std::string& in_fname, std::string& erro return(LLVORBISENC_PCM_FORMAT_ERR); } - if ((num_channels < 1) || (num_channels > 2)) + if ((num_channels < 1) || (num_channels > LLVORBIS_CLIP_MAX_CHANNELS)) { error_msg = "SoundFileInvalidChannelCount"; return(LLVORBISENC_MULTICHANNEL_ERR); } - if (sample_rate != 44100) + if (sample_rate != LLVORBIS_CLIP_SAMPLE_RATE) { error_msg = "SoundFileInvalidSampleRate"; return(LLVORBISENC_UNSUPPORTED_SAMPLE_RATE); @@ -188,7 +188,7 @@ S32 check_for_invalid_wav_formats(const std::string& in_fname, std::string& erro F32 clip_length = (F32)raw_data_length/(F32)bytes_per_sec; - if (clip_length > 10.0f) + if (clip_length > LLVORBIS_CLIP_MAX_TIME) { error_msg = "SoundFileInvalidTooLong"; return(LLVORBISENC_CLIP_TOO_LONG); diff --git a/indra/llaudio/llvorbisencode.h b/indra/llaudio/llvorbisencode.h index ff5ce3a053..6531c1919e 100644 --- a/indra/llaudio/llvorbisencode.h +++ b/indra/llaudio/llvorbisencode.h @@ -45,6 +45,17 @@ const S32 LLVORBISENC_UNSUPPORTED_SAMPLE_RATE = 8; // unsupported sample ra const S32 LLVORBISENC_UNSUPPORTED_WORD_SIZE = 9; // unsupported word size const S32 LLVORBISENC_CLIP_TOO_LONG = 10; // source file is too long +const F32 LLVORBIS_CLIP_MAX_TIME = 10.0f; +const U8 LLVORBIS_CLIP_MAX_CHANNELS = 2; +const U32 LLVORBIS_CLIP_SAMPLE_RATE = 44100; +const U32 LLVORBIS_CLIP_MAX_SAMPLES_PER_CHANNEL = (U32)(LLVORBIS_CLIP_MAX_TIME * LLVORBIS_CLIP_SAMPLE_RATE); +const U32 LLVORBIS_CLIP_MAX_SAMPLES = LLVORBIS_CLIP_MAX_SAMPLES_PER_CHANNEL * LLVORBIS_CLIP_MAX_CHANNELS; +const size_t LLVORBIS_CLIP_MAX_SAMPLE_DATA = LLVORBIS_CLIP_MAX_SAMPLES * 2; // 2 = 16-bit + +// Treat anything this long as a bad asset. A little fudge factor at the end: +// Make that a lot of fudge factor. We're allowing 30 sec for now - 3x legal upload +const size_t LLVORBIS_CLIP_REJECT_SAMPLES = LLVORBIS_CLIP_MAX_SAMPLES * 3; +const size_t LLVORBIS_CLIP_REJECT_SIZE = LLVORBIS_CLIP_MAX_SAMPLE_DATA * 3; S32 check_for_invalid_wav_formats(const std::string& in_fname, std::string& error_msg); S32 encode_vorbis_file(const std::string& in_fname, const std::string& out_fname); |