X-Git-Url: https://git.draconx.ca/gitweb/upkg.git/blobdiff_plain/83da6eb597c000ec0d28ae380adabd9c7de3f893..HEAD:/src/engine/music.gob

diff --git a/src/engine/music.gob b/src/engine/music.gob
index 3d1abdb..e0d13b6 100644
--- a/src/engine/music.gob
+++ b/src/engine/music.gob
@@ -1,23 +1,27 @@
 %alltop{
 /*
- *  upkg: tool for manipulating Unreal Tournament packages.
- *  Copyright Â© 2009-2011 Nick Bowler
+ * upkg: tool for manipulating Unreal Tournament packages.
+ * Copyright Â© 2009-2012, 2022 Nick Bowler
  *
- *  This program is free software: you can redistribute it and/or modify
- *  it under the terms of the GNU General Public License as published by
- *  the Free Software Foundation, either version 3 of the License, or
- *  (at your option) any later version.
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
  *
- *  This program is distributed in the hope that it will be useful,
- *  but WITHOUT ANY WARRANTY; without even the implied warranty of
- *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- *  GNU General Public License for more details.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
  *
- *  You should have received a copy of the GNU General Public License
- *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
  */
 %}
 
+%ctop{
+#include <config.h>
+%}
+
 %{
 #include <stdio.h>
 #include <string.h>
@@ -108,7 +112,6 @@ class Engine:Music from U:Object (dynamic)
 	override (U:Object) int deserialize(U:Object *uo)
 	{
 		struct upkg_file *f = uo->pkg_file;
-		Self *self = SELF(uo);
 		size_t rc, pos = 0, buflen;
 		unsigned char buf[32];
 		long size;
@@ -122,7 +125,7 @@ class Engine:Music from U:Object (dynamic)
 			return -1;
 		pos += 1;
 
-		if (uo->pkg->version > 61) {
+		if (f->pkg->version > 61) {
 			/* Unknown field #2 */
 			if (buflen - pos < 4)
 				return -1;
@@ -130,7 +133,7 @@ class Engine:Music from U:Object (dynamic)
 		}
 
 		rc = upkg_decode_index(&size, buf+pos, buflen-pos);
-		if (rc == 0 || size < 0)
+		if (rc == 0 || size < 0 || size > f->len - pos)
 			return -1;
 		pos += rc;