Merge pull request #15 from Holzhaus/length-checks

Add some length checks
Holzhaus · Feb 18, 2022 · 2711f48 · 2711f48
2 parents 1464384 + 6b0676f
commit 2711f48
Showing 1 changed file with 36 additions and 0 deletions.
diff --git a/src/anlz.rs b/src/anlz.rs
@@ -1095,6 +1095,15 @@ impl Content {
 
     fn parse_waveform_detail<'a>(input: &'a [u8], header: &Header) -> IResult<&'a [u8], Self> {
         let (input, len_entry_bytes) = nom::number::complete::be_u32(input)?;
+        // All waveform detail entries should be 1 byte long. If we see other values here,
+        // some reverse-engineering is needed.
+        if len_entry_bytes != 2 {
+            return Err(Err::Error(nom::error::Error::from_error_kind(
+                input,
+                ErrorKind::LengthValue,
+            )));
+        }
+
         let (input, len_entries) = nom::number::complete::be_u32(input)?;
         let (input, unknown) = nom::number::complete::be_u32(input)?;
         let (input, content_data_slice) = nom::bytes::complete::take(header.content_size())(input)?;
@@ -1120,6 +1129,15 @@ impl Content {
         _header: &Header,
     ) -> IResult<&'a [u8], Self> {
         let (input, len_entry_bytes) = nom::number::complete::be_u32(input)?;
+        // All waveform color preview entries should be 6 bytes long. If we see other values here,
+        // some reverse-engineering is needed.
+        if len_entry_bytes != 2 {
+            return Err(Err::Error(nom::error::Error::from_error_kind(
+                input,
+                ErrorKind::LengthValue,
+            )));
+        }
+
         let (input, len_entries) = nom::number::complete::be_u32(input)?;
         let entry_count = usize::try_from(len_entries)
             .map_err(|_| nom_input_error_with_kind(input, ErrorKind::TooLarge))?;
@@ -1144,6 +1162,15 @@ impl Content {
         _header: &Header,
     ) -> IResult<&'a [u8], Self> {
         let (input, len_entry_bytes) = nom::number::complete::be_u32(input)?;
+        // All waveform color detail entries should be 2 bytes long. If we see other values here,
+        // some reverse-engineering is needed.
+        if len_entry_bytes != 2 {
+            return Err(Err::Error(nom::error::Error::from_error_kind(
+                input,
+                ErrorKind::LengthValue,
+            )));
+        }
+
         let (input, len_entries) = nom::number::complete::be_u32(input)?;
         let entry_count = usize::try_from(len_entries)
             .map_err(|_| nom_input_error_with_kind(input, ErrorKind::TooLarge))?;
@@ -1165,6 +1192,15 @@ impl Content {
 
     fn parse_song_structure<'a>(input: &'a [u8], _header: &Header) -> IResult<&'a [u8], Self> {
         let (input, len_entry_bytes) = nom::number::complete::be_u32(input)?;
+        // All phrase entries should be 24 bytes long. If we see other values here, some
+        // reverse-engineering is needed.
+        if len_entry_bytes != 24 {
+            return Err(Err::Error(nom::error::Error::from_error_kind(
+                input,
+                ErrorKind::LengthValue,
+            )));
+        }
+
         let (input, len_entries) = nom::number::complete::be_u16(input)?;
         let entry_count = usize::try_from(len_entries)
             .map_err(|_| nom_input_error_with_kind(input, ErrorKind::TooLarge))?;