Added sanity checks against illegal input audio stream parameters e.g. wildly excessive samplerate

source/SoundStretch/WavFile.cpp

@@ -222,8 +222,17 @@ void WavInFile::init()
     if (hdrsOk != 0) 
     {
         // Something didn't match in the wav file headers 
-        string msg = "Input file is corrupt or not a WAV file";
+        ST_THROW_RT_ERROR("Input file is corrupt or not a WAV file");
-        ST_THROW_RT_ERROR(msg.c_str());
+    }
+
+    // sanity check for format parameters
+    if ((header.format.channel_number < 1)  || (header.format.channel_number > 9) ||
+        (header.format.sample_rate < 4000)  || (header.format.sample_rate > 192000) ||
+        (header.format.byte_per_sample < 1) || (header.format.byte_per_sample > 320) ||
+        (header.format.bits_per_sample < 8) || (header.format.bits_per_sample > 32))
+    {
+        // Something didn't match in the wav file headers 
+        ST_THROW_RT_ERROR("Error: Illegal wav file header format parameters.");
     }
 
     /* Ignore 'fixed' field value as 32bit signed linear data can have other value than 1.
@@ -544,12 +553,12 @@ int WavInFile::readHeaderBlock()
         if (fread(&(header.format.fixed), nLen, 1, fptr) != 1) return -1;
 
         // swap byte order if necessary
-        _swap16(header.format.fixed);            // short int fixed;
+        _swap16((short &)header.format.fixed);            // short int fixed;
-        _swap16(header.format.channel_number);   // short int channel_number;
+        _swap16((short &)header.format.channel_number);   // short int channel_number;
         _swap32((int &)header.format.sample_rate);        // int sample_rate;
         _swap32((int &)header.format.byte_rate);          // int byte_rate;
-        _swap16(header.format.byte_per_sample);  // short int byte_per_sample;
+        _swap16((short &)header.format.byte_per_sample);  // short int byte_per_sample;
-        _swap16(header.format.bits_per_sample);  // short int bits_per_sample;
+        _swap16((short &)header.format.bits_per_sample);  // short int bits_per_sample;
 
         // if format_len is larger than expected, skip the extra data
         if (nDump > 0)

source/SoundStretch/WavFile.h

@@ -58,7 +58,7 @@ typedef unsigned int uint;
 typedef struct 
 {
     char riff_char[4];
-    int  package_len;
+    uint package_len;
     char wave[4];
 } WavRiff;
 
@@ -66,20 +66,20 @@ typedef struct
 typedef struct 
 {
     char  fmt[4];
-    int   format_len;
+    unsigned int   format_len;
-    short fixed;
+    unsigned short fixed;
-    short channel_number;
+    unsigned short channel_number;
-    int   sample_rate;
+    unsigned int   sample_rate;
-    int   byte_rate;
+    unsigned int   byte_rate;
-    short byte_per_sample;
+    unsigned short byte_per_sample;
-    short bits_per_sample;
+    unsigned short bits_per_sample;
 } WavFormat;
 
 /// WAV audio file 'fact' section header
 typedef struct 
 {
     char fact_field[4];
-    int   fact_len;
+    uint fact_len;
     uint fact_sample_len;
 } WavFact;
 

source/SoundTouch/SoundTouch.cpp

@@ -286,9 +286,9 @@ void SoundTouch::calcEffectiveRateAndTempo()
 // Sets sample rate.
 void SoundTouch::setSampleRate(uint srate)
 {
-    bSrateSet = true;
     // set sample rate, leave other tempo changer parameters as they are.
     pTDStretch->setParameters((int)srate);
+    bSrateSet = true;
 }
 
 

source/SoundTouch/TDStretch.cpp

@@ -134,7 +134,12 @@ void TDStretch::setParameters(int aSampleRate, int aSequenceMS,
                               int aSeekWindowMS, int aOverlapMS)
 {
     // accept only positive parameter values - if zero or negative, use old values instead
-    if (aSampleRate > 0)   this->sampleRate = aSampleRate;
+    if (aSampleRate > 0)
+    {
+        if (aSampleRate > 192000) ST_THROW_RT_ERROR("Error: Excessive samplerate");
+        this->sampleRate = aSampleRate;
+    }
+
     if (aOverlapMS > 0) this->overlapMs = aOverlapMS;
 
     if (aSequenceMS > 0)