[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Denemo-devel] midi bug

From: Richard Shann
Subject: [Denemo-devel] midi bug
Date: Tue, 20 Oct 2009 17:18:41 +0100

There is an important bug outstanding:
        with instrument name "string ensemble 2" the placing of the meta event
into libsmf leads to a memory corruption on delete of the smf.
The code in exportmidi.c that emits the meta event is this:

      /* The midi instrument */
           event = midi_meta_text (4,
       smf_track_add_event_delta_pulses(track, event, 0);

where midi_meta_text() is given below.
Question: Why? What is special about that string, or what other factor
is involved?
function definition follows:

static smf_event_t *
midi_meta_text (int metatype, char *string)
  int len;
  smf_event_t *event = smf_event_new();
  len = strlen (string);
  if(len>255) {
    g_warning("Truncating string %s\n", string);
    len = 255;
  gchar *buffer = (gchar*)malloc(len+3);
  event->midi_buffer = buffer;
  event->midi_buffer_length = len+3;
  /* meta event */
  *buffer++ =  0xff;

  /* meta type */
  *buffer++ =  metatype;

  /* meta size */
  *buffer++ = (char)len;

  /* meta text */
  strncpy(buffer, string, len);
  *(buffer+len) = 0;
  return event; 

reply via email to

[Prev in Thread] Current Thread [Next in Thread]