From 83038c0dab0727b76765a8feed5a2c3c23c9915b Mon Sep 17 00:00:00 2001 From: Chris Robinson Date: Sun, 23 Mar 2014 15:22:37 -0700 Subject: Add some integer casts, and a range check --- Alc/helpers.c | 9 +++++++-- Alc/midi/sf2load.c | 2 +- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/Alc/helpers.c b/Alc/helpers.c index a89883ed..59eb359e 100644 --- a/Alc/helpers.c +++ b/Alc/helpers.c @@ -708,12 +708,17 @@ ALboolean vector_reserve(void *ptr, size_t orig_count, size_t base_size, size_t vector_ *vecptr = ptr; void *temp; + /* Limit vector sizes to the greatest power-of-two value that an + * ALsizei can hold. */ + if(obj_count > (INT_MAX>>1)+1) + return AL_FALSE; + /* Use the next power-of-2 size if we don't need to allocate the exact * amount. This is preferred when regularly increasing the vector since * it means fewer reallocations. Though it means it also wastes some * memory. */ if(exact == AL_FALSE) - obj_count = NextPowerOf2(obj_count); + obj_count = NextPowerOf2((ALuint)obj_count); /* Need to be explicit with the caller type's base size, because it * could have extra padding before the start of the array (that is, @@ -722,7 +727,7 @@ ALboolean vector_reserve(void *ptr, size_t orig_count, size_t base_size, size_t if(temp == NULL) return AL_FALSE; *vecptr = temp; - (*vecptr)->Capacity = obj_count; + (*vecptr)->Capacity = (ALsizei)obj_count; } return AL_TRUE; } diff --git a/Alc/midi/sf2load.c b/Alc/midi/sf2load.c index 2adb7366..5b7eee4a 100644 --- a/Alc/midi/sf2load.c +++ b/Alc/midi/sf2load.c @@ -814,7 +814,7 @@ static void fillZone(ALfontsound *sound, ALCcontext *context, const GenModList * src1in != AL_INVALID && src1form != AL_INVALID && src0type != AL_INVALID && trans != AL_INVALID) { - ALsizei idx = mod - VECTOR_ITER_BEGIN(zone->mods); + ALsizei idx = (ALsizei)(mod - VECTOR_ITER_BEGIN(zone->mods)); ALfontsound_setModStagei(sound, context, idx, AL_SOURCE0_INPUT_SOFT, src0in); ALfontsound_setModStagei(sound, context, idx, AL_SOURCE0_TYPE_SOFT, src0type); ALfontsound_setModStagei(sound, context, idx, AL_SOURCE0_FORM_SOFT, src0form); -- cgit v1.2.3