FWGS/xash3d-fwgs
2
0
Fork 0
mirror of https://github.com/FWGS/xash3d-fwgs synced 2024-11-10 21:09:07 +01:00
Code Issues 2 Projects Releases Wiki Activity

engine: soundlib: fix buffer overflow with truncated WAV files containing CoolEdit cue mark

Browse Source
This commit is contained in:
Alibek Omarov 2024-08-05 21:53:36 +03:00
parent 4c569e1d5f
commit 2a6862ceb9
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
engine/common/soundlib/snd_wav.c
View File

@ -241,14 +241,14 @@ qboolean Sound_LoadWAV( const char *name, const byte *buffer, fs_offset_t filesi
// get cue chunk
FindChunk( name, "cue " );
if( iff_dataPtr )
if( iff_dataPtr && iff_end - iff_dataPtr >= 36 )
{
iff_dataPtr += 32;
sound.loopstart = GetLittleLong();
SetBits( sound.flags, SOUND_LOOPED );
FindNextChunk( name, "LIST" ); // if the next chunk is a LIST chunk, look for a cue length marker
if( iff_dataPtr )
if( iff_dataPtr && iff_end - iff_dataPtr >= 32 )
{
if( IsFourCC( iff_dataPtr + 28, "mark" ))
{