search

breakfastquay / rubberband

Official mirror of Rubber Band Library, an audio time-stretching and pitch-shifting library.
http://breakfastquay.com/rubberband/
GNU General Public License v2.0
580 stars 93 forks source link

speex... crashing - quite easy to fix #40

Closed sseyod closed 3 years ago

sseyod commented 3 years ago

Hi Chris,

I've found that the speex code is very prone to crashing, due to hidden signed/unsigned conversions. macOS/iOS/tvOS, using Clang.

For example:

for (j = old_length - 2 + st->magic_samples[i]; j >= 0; j--) {

If old_length is 0, this leads to j becoming a seriously out of range value (because old_length is unsigned...)

Needs protecting with e.g. something like:

if (old_length > 2) {
  for (j = old_length - 2 + st->magic_samples[i]; j >= 0; j--) {

HTH

Pete

sseyod commented 3 years ago

Hi Chris,

Your suggestion of switching to libsamplerate has (naturally!) fixed this problem.

Thank you very much!

Closing this issue.

Pete