2022.01.13

2021.12.12
2025-12-08 10:41:02 +00:00 · 2022-01-13 18:08:38 -05:00 · 2021-12-12 15:59:49 -05:00
5 changed files with 52 additions and 11 deletions
--- a/2
+++ b/2
@@ -1,2 +1,2 @@
-2021 December 10 2021
+2021 January 13 2022

--- a/doc/CHANGES
+++ b/doc/CHANGES
@@ -14532,4 +14532,38 @@ K: C
 "C11/B" C4 | C4|


+December 12 2021
+
+abcmidi: changed bar length warning as suggested by James Allwright.
+
+
+January 13 2022
+
+abc2midi: stack overflow bugs reported by Kolja Grassmann
+<koljagrassman@mailbox.org>
+
+static int getword(place,w) in genmidi.c
+check that the syllable[200] array is not overrun
+in the while loop ((syllastus != postword)...) add && (i<199)
+
+static void karaokestarttrack in genmidi.c
+replace strcpy(atitle+2,atext[pitch[j]])
+with strncpy(atitle+2,atext[pitch[j]], 197)
+to prevent overflowing the atitle[200] array
+in three places.
+
+static int inlist(place, passno) in genmidi.c
+To prevent stack overflow in msg[100];
+use snprintf instead of sprintf
+snprintf(msg, 100, "Bad variant list : %s", atext[pitch[place]]);
+
+void event_handle_instruction(s) in store.c
+To prevent overrunning the array buff[MAXLINE]
+used snprintf instead of sprintf
+ snprintf(buff, MAXLINE, "instruction !%s! ignored", s);
+
+void event_info_key(key, value) in store.c
+To prevent overrunning the array errmsg[80]
+used snprintf instead of sprintf
+snprintf(errmsg, 80, "I: key \' %s\' not recognized", key);

--- a/doc/readme.txt
+++ b/doc/readme.txt
@@ -1,7 +1,7 @@
 abcMIDI :   abc <-> MIDI conversion utilities

 midi2abc version 3.48 June 27 2021
-abc2midi version 4.63 December 10 2021
+abc2midi version 4.65 January 13 2022
 abc2abc  version 2.15 May 25 2021
 yaps     version 1.87 May 25 2021
 abcmatch version 1.80 November 25 2021
--- a/genmidi.c
+++ b/genmidi.c
@@ -31,8 +31,11 @@
 /* for Microsoft Visual C++ Ver 6 and higher */
 #ifdef _MSC_VER
 #define ANSILIBS
+#define snprintf _snprintf
+#define strncasecmp strnicmp
 #endif

+
 #include "abc.h"
 #include "parseabc.h"
 #include "queues.h"
@@ -531,7 +534,7 @@ int pass;
        if (bar_denom != 1) {
          sprintf(msg+strlen(msg), "/%d", bar_denom);
        };
-        sprintf(msg+strlen(msg), " units instead of %d", barsize);
+        sprintf(msg+strlen(msg), " time units while the time signature has %d", barsize);
        if (pass == 2) {
          strcat(msg, " in repeat");
        };
@@ -811,17 +814,17 @@ int track;
     if (feature[j] == TITLE) {
        if (track != 2)
           mf_write_meta_event(0L, sequence_name, atext[pitch[j]], strlen (atext[pitch[j]]));
-        strcpy(atitle+2, atext[pitch[j]]);
+        strncpy(atitle+2, atext[pitch[j]], 197); /* [KG] 2022-01-13 stack overflow bug */
        text_data(atitle);
        done--;
     }
     if (feature[j] == COMPOSER) {
-        strcpy(atitle+2, atext[pitch[j]]);
+        strncpy(atitle+2, atext[pitch[j]], 197); /* [KG] 2022-01-13 stack overflow bug */
        text_data(atitle);
        done--;
     }     
     if (feature[j] == COPYRIGHT) {
-        strcpy(atitle+2, atext[pitch[j]]);
+        strcpy(atitle+2, atext[pitch[j]]); /* [KG] 2022-01-13 stack overflow bug */
        text_data(atitle);
        done--;
     }
@@ -966,7 +969,8 @@ int w;
  syllstatus = empty;
  c = *(words[w]+(*place));
  isBig5 = 0;  /* [BI] 2012-10-03 */
-  while ((syllstatus != postword) && (syllstatus != failed)) {
+  while ((syllstatus != postword) && (syllstatus != failed) && (i<199)) {
+  /* [KG] 2022-01-13 stack overflow bug fix */
  syllable[i] = c;
    /* printf("syllstatus = %d c = %c i = %d place = %d row= %d \n",syllstatus,c,i,*place,w); */
 	if (isBig5) { /* [BI] 2012-10-03 */
@@ -1252,7 +1256,8 @@ int passno;
    found = 0;
    while ((found == 0) && (*p != '\0')) {
      if (!isdigit(*p)) {
-        sprintf(msg, "Bad variant list : %s", atext[pitch[place]]);
+        snprintf(msg, 100, "Bad variant list : %s", atext[pitch[place]]);
+/* [KG] 2022-01-13 stack overflow bug */
        event_error(msg);
        found = 1;
      };
--- a/store.c
+++ b/store.c
@@ -186,7 +186,7 @@ int main()

 */

-#define VERSION "4.63 December 10 2021 abc2midi" 
+#define VERSION "4.65 January 13 2022 abc2midi" 

 /* enables reading V: indication in header */
 #define XTEN1 1
@@ -3171,7 +3171,8 @@ char* value;
  else if (is_abcm2ps_option (key)) return;

  else {
-    sprintf(errmsg,"I: key \' %s\' not recognized", key);
+    /* [KG] 2022-01-13 stack overflow */
+    snprintf(errmsg, 80, "I: key \' %s\' not recognized", key);
    if (quiet == -1 && silent == 0) event_error(errmsg); /* [SS] 2018-04-01 */
    }
 }
@@ -4747,7 +4748,8 @@ if (nofnop == 0) {
   };

  if (done == 0 && quiet == -1) {    /* [SS] 2013-11-02 */
-    sprintf(buff, "instruction !%s! ignored", s);
+    snprintf(buff, MAXLINE, "instruction !%s! ignored", s);
+    /* [KG] 2022-01-13 static overflow */
    event_warning(buff);
  };
 }
Author	SHA1	Message	Date
Seymour Shlien	fb5479e801	2022.01.13	2022-01-13 18:08:38 -05:00
Seymour Shlien	402f1ba212	2021.12.12	2021-12-12 15:59:49 -05:00