Bug report: VST Host


#1
struct VstSpeakerConfiguration
{
    int32 type;
    int32 numberOfChannels;
    VstIndividualSpeakerInfo speakers[8];
};

If the VST host returns more than 8 channels this crashes…

In particular this is not safe and overwrites the stack on the 9th channel

static void channelSetToVstArrangement (const AudioChannelSet& channels, VstSpeakerConfiguration& result)
{
    result.type = channelSetToVstArrangementType (channels);
    result.numberOfChannels = channels.size();

    for (int i = 0; i < result.numberOfChannels; ++i)
    {
        VstIndividualSpeakerInfo& speaker = result.speakers[i];

        zeromem (&speaker, sizeof (VstIndividualSpeakerInfo));
        speaker.type = getSpeakerType (channels.getTypeOfChannel (i));
    }
}

#2

Thanks for reporting. This is now fixed on develop with commit ed05677.


#3

Bugs that delete the stack are a real pain to track down :slight_smile: