Open 594chendata opened 1 year ago
I have the same problem.
@594chendata Did you fork the repo with your fix?
I find MidiEvent::loadMidiEvent(), int length = MidiFile::variableLengthvalue(content); if (tempByte >= 0x01 && tempByte <= 0x07) { ... wchar_t str[128] = L""; for (int i = 0; i < length; i++) { (content) >> tempByte; wchar_t temp[2] = { btowc(tempByte) }; wcsncat(str, temp, 1); } textEvent->setText(QString::fromWCharArray(str)); ok = true; in a midi file, the 0xff event 01-07 format,the len field may >128,this cause array str exceeds the upper boundary and the application crashes. I modified as the following, and it works well. wchar_t str = new wchar_t[length+1]; memset(str, 0, sizeof(wchar_t)(length+1)); for (int i = 0; i < length; i++) { (content) >> tempByte; wchar_t temp[2] = { btowc(tempByte) }; wcsncat(str, temp, 1); } textEvent->setText(QString::fromWCharArray(str)); ok = true; delete[] str;
I fixed the problem and it works well.
You can make modifications according to the above codes。
I didn’t submit the modification.
发件人: @. @. 代表 Icebob 发送时间: 2024年6月2日 星期日 0:36 收件人: markusschwenk/midieditor @.> 抄送: 594chendata @.>; Mention @.***> 主题: Re: [markusschwenk/midieditor] some midi file with long text events will cause app cracked (Issue #110)
I have the same problem.
@594chendata https://github.com/594chendata Did you fork the repo with your fix?
— Reply to this email directly, view it on GitHub https://github.com/markusschwenk/midieditor/issues/110#issuecomment-2143507915 , or unsubscribe https://github.com/notifications/unsubscribe-auth/A7NMFI22DTADHFSPGEOPLKDZFH2A3AVCNFSM6AAAAAAXK6ZRO2VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCNBTGUYDOOJRGU . You are receiving this because you were mentioned.Message ID: @.***>
I find MidiEvent::loadMidiEvent(), int length = MidiFile::variableLengthvalue(content); if (tempByte >= 0x01 && tempByte <= 0x07) { ... wchar_t str[128] = L""; for (int i = 0; i < length; i++) { (content) >> tempByte; wchar_t temp[2] = { btowc(tempByte) }; wcsncat(str, temp, 1); } textEvent->setText(QString::fromWCharArray(str)); ok = true; in a midi file, the 0xff event 01-07 format,the len field may >128,this cause array str exceeds the upper boundary and the application crashes. I modified as the following, and it works well. wchar_t str = new wchar_t[length+1]; memset(str, 0, sizeof(wchar_t)(length+1)); for (int i = 0; i < length; i++) { (content) >> tempByte; wchar_t temp[2] = { btowc(tempByte) }; wcsncat(str, temp, 1); } textEvent->setText(QString::fromWCharArray(str)); ok = true; delete[] str;