- Added NULL check for memory allocation in instantiate().
- Clamped 'bits' parameter to [2, 30] to prevent UB in bit shifts.
- Clamped 'overflow', 'gain_in', and 'dry_wet' parameters to safe ranges.
- Used int64_t for intermediate calculations in handle_sample() to avoid signed integer overflow.
- Replaced abs() with safer comparison logic to avoid UB on INT_MIN.
- Added division by zero protection.
- Removed binary artifact quasar.o.

Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com>

- Added NULL check for malloc in instantiate().
- Clamped bits, gain_in, overflow, and dry_wet parameters in run().
- Fixed undefined behavior in handle_sample() by using double precision, clamping before casting to int64_t, and avoiding division by zero.
- Fixed CI failure on ARM by removing x86-specific flags (-msse, -mfpmath=sse) from plugin-torture build in Dockerfile.
- Removed binary artifact quasar.o.

Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com>

- Added NULL check for malloc in instantiate().
- Clamped bits, gain_in, overflow, and dry_wet parameters in run().
- Fixed undefined behavior in handle_sample() by using double precision, clamping before casting to int64_t, and avoiding division by zero.
- Fixed ARM CI failure by patching plugin-torture: removed x86-specific flags and SSE intrinsics (xmmintrin.h) from build.
- Removed binary artifact quasar.o.

Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com>

- Added NULL check for malloc in instantiate().
- Clamped bits, gain_in, overflow, and dry_wet parameters in run().
- Fixed undefined behavior in handle_sample() by using double precision, clamping before casting to int64_t, and avoiding division by zero.
- Fixed ARM CI failure by patching plugin-torture robustly: removed x86-specific flags and commented out SSE code/header using pattern matching.
- Removed binary artifact quasar.o.

Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com>

This PR addresses several security and stability issues identified in the Quasar LV2 plugin:
- `malloc` succeeded in the `instantiate` function.
- `bits` parameter to prevent shifts larger than or equal to the width of the type.
- `int64_t` for intermediate distortion calculations to prevent signed integer overflow.
- `abs()` on potentially `INT_MIN` values.
- `overflow`, `gain_in`, and `dry_wet` to prevent division by zero and other arithmetic errors.

PR created automatically by Jules for task 3498080087499297034 started by @kassoulet
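
The arithmetic hardening listed in the description, as an added example that is not the Quasar plugin's own code. All function names, the gain and overflow ranges, and the wrap-by-modulo behaviour are assumptions; only the `bits` range [2, 30] comes from the commit messages.

```c
#include <limits.h>
#include <math.h>
#include <stdint.h>

/* Keep the shift count well below the type width; shifting by >= width is UB. */
static int clamp_bits(int bits) {
    return bits < 2 ? 2 : (bits > 30 ? 30 : bits);
}

/* NaN-safe clamp: a NaN fails the first comparison and collapses to lo. */
static double clampd(double x, double lo, double hi) {
    if (!(x >= lo)) return lo;
    return x > hi ? hi : x;
}

/* Magnitude without abs(): abs(INT_MIN) is UB because -INT_MIN does not
   fit in int. Widen to 64 bits first, then negate. */
static int64_t magnitude(int v) {
    int64_t w = v;
    return w < 0 ? -w : w;
}

/* Clamp before casting: converting NaN or an out-of-range double to an
   integer type is UB, so the cast only ever sees a value inside [lo, hi]. */
static int64_t to_i64_clamped(double x, int64_t lo, int64_t hi) {
    if (isnan(x)) return 0;
    if (x <= (double)lo) return lo;
    if (x >= (double)hi) return hi;
    return (int64_t)x;
}

/* Hypothetical sample handler: scale to `bits` of resolution, then wrap
   at a ceiling derived from `overflow` (assumed semantics). */
static int64_t crush_sample(double in, int bits, double gain_in, double overflow) {
    int64_t full = (int64_t)1 << clamp_bits(bits);   /* at most 2^30 */
    double gain = clampd(gain_in, 0.0, 64.0);        /* assumed range */
    double ovf = clampd(overflow, 0.0, 1.0);         /* assumed range */
    int64_t limit = full << 8;                       /* at most 2^38, fits */
    int64_t q = to_i64_clamped(in * gain * (double)full, -limit, limit);
    int64_t ceiling = (int64_t)(ovf * (double)full);
    if (ceiling < 1) ceiling = 1;                    /* never divide by zero */
    return q % ceiling;
}
```

Building a handler like this with `-fsanitize=undefined` and feeding it hostile control values (NaN, infinities, `INT_MIN`, out-of-range `bits`) is a quick way to confirm that no path reaches an unchecked shift, cast or division.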