Bug report: VST Host

struct VstSpeakerConfiguration
{
    int32 type;
    int32 numberOfChannels;
    VstIndividualSpeakerInfo speakers[8];
};

If the VST host returns more than 8 channels this crashes…

In particular this is not safe and overwrites the stack on the 9th channel

static void channelSetToVstArrangement (const AudioChannelSet& channels, VstSpeakerConfiguration& result)
{
    result.type = channelSetToVstArrangementType (channels);
    result.numberOfChannels = channels.size();

    for (int i = 0; i < result.numberOfChannels; ++i)
    {
        VstIndividualSpeakerInfo& speaker = result.speakers[i];

        zeromem (&speaker, sizeof (VstIndividualSpeakerInfo));
        speaker.type = getSpeakerType (channels.getTypeOfChannel (i));
    }
}
1 Like

Thanks for reporting. This is now fixed on develop with commit ed05677.

1 Like

Bugs that delete the stack are a real pain to track down :slight_smile: