Skip to content

dr_wav: Validate ADPCM block header size against data chunk size#299

Open
timblechmann wants to merge 1 commit intomackron:masterfrom
timblechmann:fix/integer-underflow
Open

dr_wav: Validate ADPCM block header size against data chunk size#299
timblechmann wants to merge 1 commit intomackron:masterfrom
timblechmann:fix/integer-underflow

Conversation

@timblechmann
Copy link

@timblechmann timblechmann commented Mar 6, 2026

Add a guard to ensure dataChunkSize is not smaller than the calculated total block header size (blockCount * (6 * fmt.channels)) when parsing ADPCM data. If the header size exceeds the data chunk size, the file is invalid, so metadata is freed and initialization fails early.

This prevents underflow in the PCM frame count calculation and avoids processing malformed or truncated WAV files.

this file would end up with an invalid totalPCMFrameCount:
notification.wav

@timblechmann
dr_wav: Validate ADPCM block header size against data chunk size
c601627 
Add a guard to ensure `dataChunkSize` is not smaller than the calculated
total block header size (`blockCount * (6 * fmt.channels)`) when parsing
ADPCM data. If the header size exceeds the data chunk size, the file is
invalid, so metadata is freed and initialization fails early.

This prevents underflow in the PCM frame count calculation and avoids
processing malformed or truncated WAV files.
@mackron
Copy link
Owner

mackron commented Mar 8, 2026

Thanks. Just acknowledging that I've seen this. Will report back when I get a chance to properly review it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@timblechmann @mackron