From 00f1cb924b3b376bc7fb0625063085cc9f86c37c Mon Sep 17 00:00:00 2001 From: Idan Horowitz Date: Tue, 16 Mar 2021 19:05:59 +0200 Subject: [PATCH] LibAudio: decrease WavLoader's size limit to a more reasonable size A 4 GiB wav (current size limit) is very unreasonable, and larger than oss-fuzz's 2.5 GiB per-process memory limit. --- Userland/Libraries/LibAudio/WavLoader.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Userland/Libraries/LibAudio/WavLoader.cpp b/Userland/Libraries/LibAudio/WavLoader.cpp index 3250e0e2b4..e5e736d430 100644 --- a/Userland/Libraries/LibAudio/WavLoader.cpp +++ b/Userland/Libraries/LibAudio/WavLoader.cpp @@ -34,6 +34,8 @@ namespace Audio { +static constexpr size_t maximum_wav_size = 1 * GiB; // FIXME: is there a more appropriate size limit? + WavLoaderPlugin::WavLoaderPlugin(const StringView& path) : m_file(Core::File::construct(path)) { @@ -243,7 +245,7 @@ bool WavLoaderPlugin::parse_header() CHECK_OK("Found no data chunk"); VERIFY(found_data); - ok = ok && data_sz < INT32_MAX; + ok = ok && data_sz < maximum_wav_size; CHECK_OK("Data was too large"); int bytes_per_sample = (m_bits_per_sample / 8) * m_num_channels;