From a92cca33ad0cba35ab3f6d628ed660438b70c347 Mon Sep 17 00:00:00 2001 From: klemek Date: Sat, 16 May 2026 17:51:40 +0200 Subject: [PATCH] fix: state_parse_config clamp lengths to ARRAY_SIZE --- src/state.c | 78 +++++++++++++++++++++++++++++++++++++---------------- 1 file changed, 55 insertions(+), 23 deletions(-) diff --git a/src/state.c b/src/state.c index 55a7a68..f363d54 100644 --- a/src/state.c +++ b/src/state.c @@ -270,10 +270,14 @@ static void save_to_index_file(const Context *context, StateConfig state_config, void state_parse_config(StateConfig *state_config, const ConfigFile *config) { unsigned int offset; unsigned int count; + unsigned int length; char name[STR_LEN]; - state_config->select_page_codes.length = - config_file_get_int(config, "SELECT_PAGE_COUNT", 0); + length = config_file_get_int(config, "SELECT_PAGE_COUNT", 0); + if (length > ARRAY_SIZE) { + length = ARRAY_SIZE; + } + state_config->select_page_codes.length = length; for (unsigned int i = 0; i < state_config->select_page_codes.length; i++) { snprintf(name, STR_LEN, "SELECT_PAGE_%d", i + 1); @@ -281,8 +285,11 @@ void state_parse_config(StateConfig *state_config, const ConfigFile *config) { config_file_get_int(config, name, UNSET_MIDI_CODE); } - state_config->select_item_codes.length = - config_file_get_int(config, "SELECT_ITEM_COUNT", 0); + length = config_file_get_int(config, "SELECT_ITEM_COUNT", 0); + if (length > ARRAY_SIZE) { + length = ARRAY_SIZE; + } + state_config->select_item_codes.length = length; for (unsigned int i = 0; i < state_config->select_item_codes.length; i++) { snprintf(name, STR_LEN, "SELECT_ITEM_%d", i + 1); @@ -293,8 +300,11 @@ void state_parse_config(StateConfig *state_config, const ConfigFile *config) { state_config->state_max = state_config->select_page_codes.length * state_config->select_item_codes.length; - state_config->select_frag_codes.length = - config_file_get_int(config, "FRAG_COUNT", 1); + length = config_file_get_int(config, "FRAG_COUNT", 1); + if (length > ARRAY_SIZE) { + length = ARRAY_SIZE; + } + state_config->select_frag_codes.length = length; for (unsigned int i = 0; i < state_config->select_frag_codes.length; i++) { snprintf(name, STR_LEN, "SELECT_FRAG_%d", i + 1); @@ -302,11 +312,14 @@ void state_parse_config(StateConfig *state_config, const ConfigFile *config) { config_file_get_int(config, name, UNSET_MIDI_CODE); } + length = config_file_get_int(config, "GROUP_COUNT", 0); + if (length > ARRAY_SIZE) { + length = ARRAY_SIZE; + } state_config->group_active_counts.length = state_config->group_counts.length = state_config->group_active_offsets.length = state_config->group_offsets.length = - state_config->values_offsets.length = - config_file_get_int(config, "GROUP_COUNT", 0); + state_config->values_offsets.length = length; count = 0; for (unsigned int i = 0; i < state_config->group_active_counts.length; i++) { @@ -343,27 +356,40 @@ void state_parse_config(StateConfig *state_config, const ConfigFile *config) { state_config->value_count = offset; + length = count * 3; + if (length > ARRAY_SIZE) { + length = ARRAY_SIZE; + } state_config->codes.length = count * 3; for (unsigned int i = 0; i < state_config->group_counts.length; i++) { offset = state_config->group_offsets.values[i]; for (unsigned int j = 0; j < state_config->group_counts.values[i]; j++) { - snprintf(name, STR_LEN, "GROUP_%d_%d_X", i + 1, j + 1); - state_config->codes.values[(offset + j) * 3] = - config_file_get_int(config, name, UNSET_MIDI_CODE); + if ((offset + j) * 3 < ARRAY_SIZE) { + snprintf(name, STR_LEN, "GROUP_%d_%d_X", i + 1, j + 1); + state_config->codes.values[(offset + j) * 3] = + config_file_get_int(config, name, UNSET_MIDI_CODE); + } - snprintf(name, STR_LEN, "GROUP_%d_%d_Y", i + 1, j + 1); - state_config->codes.values[(offset + j) * 3 + 1] = - config_file_get_int(config, name, UNSET_MIDI_CODE); + if ((offset + j) * 3 + 1 < ARRAY_SIZE) { + snprintf(name, STR_LEN, "GROUP_%d_%d_Y", i + 1, j + 1); + state_config->codes.values[(offset + j) * 3 + 1] = + config_file_get_int(config, name, UNSET_MIDI_CODE); + } - snprintf(name, STR_LEN, "GROUP_%d_%d_Z", i + 1, j + 1); - state_config->codes.values[(offset + j) * 3 + 2] = - config_file_get_int(config, name, UNSET_MIDI_CODE); + if ((offset + j) * 3 + 2 < ARRAY_SIZE) { + snprintf(name, STR_LEN, "GROUP_%d_%d_Z", i + 1, j + 1); + state_config->codes.values[(offset + j) * 3 + 2] = + config_file_get_int(config, name, UNSET_MIDI_CODE); + } } } - state_config->fader_codes.length = - config_file_get_int(config, "FADER_COUNT", 0); + length = config_file_get_int(config, "FADER_COUNT", 0); + if (length > ARRAY_SIZE) { + length = ARRAY_SIZE; + } + state_config->fader_codes.length = length; for (unsigned int i = 0; i < state_config->fader_codes.length; i++) { snprintf(name, STR_LEN, "FADER_%d", i + 1); @@ -394,8 +420,11 @@ void state_parse_config(StateConfig *state_config, const ConfigFile *config) { config_file_get_int(config, "KEY_TEMPO_UP", 1265); if (config_file_has(config, "KEY_LOAD_COUNT")) { - state_config->key_load.length = - config_file_get_int(config, "KEY_LOAD_COUNT", 0); + length = config_file_get_int(config, "KEY_LOAD_COUNT", 0); + if (length > ARRAY_SIZE) { + length = ARRAY_SIZE; + } + state_config->key_load.length = length; for (unsigned int i = 0; i < state_config->key_load.length; i++) { snprintf(name, STR_LEN, "KEY_LOAD_%d", i + 1); @@ -416,8 +445,11 @@ void state_parse_config(StateConfig *state_config, const ConfigFile *config) { } if (config_file_has(config, "KEY_SAVE_COUNT")) { - state_config->key_save.length = - config_file_get_int(config, "KEY_SAVE_COUNT", 0); + length = config_file_get_int(config, "KEY_SAVE_COUNT", 0); + if (length > ARRAY_SIZE) { + length = ARRAY_SIZE; + } + state_config->key_save.length = length; for (unsigned int i = 0; i < state_config->key_save.length; i++) { snprintf(name, STR_LEN, "KEY_SAVE_%d", i + 1);