# HG changeset patch # User Matti Hamalainen # Date 1578212256 -7200 # Node ID 1f1e7934ae61120f4305407f4ef63d9320565f99 # Parent a8605886579dc5e9dd1ba1a9735959e96f6c2105 Few improvements to validity checking of STIL file parsing. diff -r a8605886579d -r 1f1e7934ae61 sidlib.c --- a/sidlib.c Sun Jan 05 10:14:43 2020 +0200 +++ b/sidlib.c Sun Jan 05 10:17:36 2020 +0200 @@ -759,7 +759,7 @@ char *tmpStr = NULL, *fieldName = NULL; size_t strPos; SIDLibSTILNode *entry = NULL; - unsigned int subtune; + int subtune; if (fh == NULL || dbh == NULL) return THERR_NULLPTR; @@ -882,6 +882,8 @@ goto out; th_llist_append_node((th_llist_t **) &dbh->nodes, (th_llist_t *) entry); + + // Default subtune is 0, for "main tune" information subtune = 0; sidlib_stildb_set_parsemode(&ctx, PM_IDLE); @@ -892,7 +894,7 @@ else { ret = th_io_error(fh, THERR_INVALID_DATA, - "Entry filename too long on line #%d", + "Entry filename too long on line #%d.", fh->line); goto out; } @@ -905,10 +907,10 @@ { BOOL neg = FALSE; - // Subtune indicator + // Subtune indicator end tmpStr[strPos] = 0; - if (!th_get_int(tmpStr, &subtune, &neg) || neg) + if (!th_get_int(tmpStr, (unsigned int *) &subtune, &neg) || neg) { ret = th_io_error(fh, THERR_INVALID_DATA, "Entry '%s' subtune indicator not a valid integer on line #%d: '%s'", @@ -916,6 +918,15 @@ goto out; } + if (subtune == 0 || subtune > 128) + { + th_io_error(fh, THERR_INVALID_DATA, + "Entry '%s' subtune number %d is invalid on line #%d.", + entry->filename, subtune, fh->line); + + subtune = -1; + } + sidlib_stildb_set_parsemode(&ctx, PM_IDLE); } else @@ -999,7 +1010,7 @@ // Field done tmpStr[strPos] = 0; - if (field >= 0) + if (field >= 0 && subtune >= 0) { char *data;