[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Denemo-devel] midi bug
From: |
Richard Shann |
Subject: |
[Denemo-devel] midi bug |
Date: |
Tue, 20 Oct 2009 17:18:41 +0100 |
There is an important bug outstanding:
with instrument name "string ensemble 2" the placing of the meta event
into libsmf leads to a memory corruption on delete of the smf.
The code in exportmidi.c that emits the meta event is this:
/* The midi instrument */
event = midi_meta_text (4,
curstaffstruct->midi_instrument->str);
smf_track_add_event_delta_pulses(track, event, 0);
where midi_meta_text() is given below.
Question: Why? What is special about that string, or what other factor
is involved?
Richard
function definition follows:
static smf_event_t *
midi_meta_text (int metatype, char *string)
{
int len;
smf_event_t *event = smf_event_new();
len = strlen (string);
if(len>255) {
g_warning("Truncating string %s\n", string);
len = 255;
}
gchar *buffer = (gchar*)malloc(len+3);
event->midi_buffer = buffer;
event->midi_buffer_length = len+3;
/* meta event */
*buffer++ = 0xff;
/* meta type */
*buffer++ = metatype;
/* meta size */
*buffer++ = (char)len;
/* meta text */
strncpy(buffer, string, len);
*(buffer+len) = 0;
return event;
}
- [Denemo-devel] midi bug,
Richard Shann <=