From 1f711967d6d9123a17bb02ae978fb223fba8c9b2 Mon Sep 17 00:00:00 2001 From: amenkov Date: Wed, 6 Apr 2011 15:12:33 +0400 Subject: [PATCH] 6992523: FindBugs scan - Malicious code vulnerability Warnings in com.sun.media.sound.* Reviewed-by: alexp --- .../classes/com/sun/media/sound/DLSInstrument.java | 5 +++-- src/share/classes/com/sun/media/sound/DLSSample.java | 5 +++-- .../com/sun/media/sound/ModelConnectionBlock.java | 10 +++++----- src/share/classes/com/sun/media/sound/SoftChannel.java | 6 +++--- .../classes/com/sun/media/sound/SoftInstrument.java | 5 +++++ .../com/sun/media/sound/SoftMixingDataLine.java | 2 +- .../classes/com/sun/media/sound/SoftProvider.java | 3 ++- src/share/classes/com/sun/media/sound/SoftTuning.java | 5 ++++- 8 files changed, 26 insertions(+), 15 deletions(-) diff --git a/src/share/classes/com/sun/media/sound/DLSInstrument.java b/src/share/classes/com/sun/media/sound/DLSInstrument.java index a73a4c68f..fe9fde7fe 100644 --- a/src/share/classes/com/sun/media/sound/DLSInstrument.java +++ b/src/share/classes/com/sun/media/sound/DLSInstrument.java @@ -25,6 +25,7 @@ package com.sun.media.sound; import java.util.ArrayList; +import java.util.Arrays; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -439,10 +440,10 @@ public class DLSInstrument extends ModelInstrument { } public byte[] getGuid() { - return guid; + return guid == null ? null : Arrays.copyOf(guid, guid.length); } public void setGuid(byte[] guid) { - this.guid = guid; + this.guid = guid == null ? null : Arrays.copyOf(guid, guid.length); } } diff --git a/src/share/classes/com/sun/media/sound/DLSSample.java b/src/share/classes/com/sun/media/sound/DLSSample.java index afddfd0fa..28327e68f 100644 --- a/src/share/classes/com/sun/media/sound/DLSSample.java +++ b/src/share/classes/com/sun/media/sound/DLSSample.java @@ -25,6 +25,7 @@ package com.sun.media.sound; import java.io.InputStream; +import java.util.Arrays; import javax.sound.midi.Soundbank; import javax.sound.midi.SoundbankResource; import javax.sound.sampled.AudioFormat; @@ -113,10 +114,10 @@ public class DLSSample extends SoundbankResource { } public byte[] getGuid() { - return guid; + return guid == null ? null : Arrays.copyOf(guid, guid.length); } public void setGuid(byte[] guid) { - this.guid = guid; + this.guid = guid == null ? null : Arrays.copyOf(guid, guid.length); } } diff --git a/src/share/classes/com/sun/media/sound/ModelConnectionBlock.java b/src/share/classes/com/sun/media/sound/ModelConnectionBlock.java index 2f8702c20..3f21aa0b9 100644 --- a/src/share/classes/com/sun/media/sound/ModelConnectionBlock.java +++ b/src/share/classes/com/sun/media/sound/ModelConnectionBlock.java @@ -24,6 +24,8 @@ */ package com.sun.media.sound; +import java.util.Arrays; + /** * Connection blocks are used to connect source variable * to a destination variable. @@ -117,19 +119,17 @@ public class ModelConnectionBlock { } public ModelSource[] getSources() { - return sources; + return Arrays.copyOf(sources, sources.length); } public void setSources(ModelSource[] source) { - this.sources = source; + this.sources = source == null ? no_sources : Arrays.copyOf(source, source.length); } public void addSource(ModelSource source) { ModelSource[] oldsources = sources; sources = new ModelSource[oldsources.length + 1]; - for (int i = 0; i < oldsources.length; i++) { - sources[i] = oldsources[i]; - } + System.arraycopy(oldsources, 0, sources, 0, oldsources.length); sources[sources.length - 1] = source; } } diff --git a/src/share/classes/com/sun/media/sound/SoftChannel.java b/src/share/classes/com/sun/media/sound/SoftChannel.java index 1fc20b75b..70208f78e 100644 --- a/src/share/classes/com/sun/media/sound/SoftChannel.java +++ b/src/share/classes/com/sun/media/sound/SoftChannel.java @@ -503,7 +503,7 @@ public class SoftChannel implements MidiChannel, ModelDirectedPlayer { firstVoice = true; voiceNo = 0; - int tunedKey = (int)(Math.round(tuning.getTuning()[noteNumber]/100.0)); + int tunedKey = (int)(Math.round(tuning.getTuning(noteNumber)/100.0)); play_noteNumber = noteNumber; play_velocity = velocity; play_delay = delay; @@ -607,7 +607,7 @@ public class SoftChannel implements MidiChannel, ModelDirectedPlayer { firstVoice = true; voiceNo = 0; - int tunedKey = (int)(Math.round(tuning.getTuning()[noteNumber]/100.0)); + int tunedKey = (int)(Math.round(tuning.getTuning(noteNumber)/100.0)); play_noteNumber = noteNumber; play_velocity = lastVelocity[noteNumber]; play_releasetriggered = true; @@ -632,7 +632,7 @@ public class SoftChannel implements MidiChannel, ModelDirectedPlayer { int delay = play_delay; boolean releasetriggered = play_releasetriggered; - SoftPerformer p = current_instrument.getPerformers()[performerIndex]; + SoftPerformer p = current_instrument.getPerformer(performerIndex); if (firstVoice) { firstVoice = false; diff --git a/src/share/classes/com/sun/media/sound/SoftInstrument.java b/src/share/classes/com/sun/media/sound/SoftInstrument.java index 3f26a2be5..78f8926b5 100644 --- a/src/share/classes/com/sun/media/sound/SoftInstrument.java +++ b/src/share/classes/com/sun/media/sound/SoftInstrument.java @@ -76,7 +76,12 @@ public class SoftInstrument extends Instrument { return data; } + /* am: currently getPerformers() is not used (replaced with getPerformer(int)) public SoftPerformer[] getPerformers() { return performers; } + */ + public SoftPerformer getPerformer(int index) { + return performers[index]; + } } diff --git a/src/share/classes/com/sun/media/sound/SoftMixingDataLine.java b/src/share/classes/com/sun/media/sound/SoftMixingDataLine.java index 738c5289b..baaf9e844 100644 --- a/src/share/classes/com/sun/media/sound/SoftMixingDataLine.java +++ b/src/share/classes/com/sun/media/sound/SoftMixingDataLine.java @@ -505,7 +505,7 @@ public abstract class SoftMixingDataLine implements DataLine { } public Control[] getControls() { - return controls; + return Arrays.copyOf(controls, controls.length); } public boolean isControlSupported(Type control) { diff --git a/src/share/classes/com/sun/media/sound/SoftProvider.java b/src/share/classes/com/sun/media/sound/SoftProvider.java index dfa0fb2bf..bf3c45eb7 100644 --- a/src/share/classes/com/sun/media/sound/SoftProvider.java +++ b/src/share/classes/com/sun/media/sound/SoftProvider.java @@ -24,6 +24,7 @@ */ package com.sun.media.sound; +import java.util.Arrays; import javax.sound.midi.MidiDevice; import javax.sound.midi.MidiDevice.Info; import javax.sound.midi.spi.MidiDeviceProvider; @@ -39,7 +40,7 @@ public class SoftProvider extends MidiDeviceProvider { private static Info[] softinfos = {softinfo}; public MidiDevice.Info[] getDeviceInfo() { - return softinfos; + return Arrays.copyOf(softinfos, softinfos.length); } public MidiDevice getDevice(MidiDevice.Info info) { diff --git a/src/share/classes/com/sun/media/sound/SoftTuning.java b/src/share/classes/com/sun/media/sound/SoftTuning.java index 8fbdfa96d..611db14e5 100644 --- a/src/share/classes/com/sun/media/sound/SoftTuning.java +++ b/src/share/classes/com/sun/media/sound/SoftTuning.java @@ -25,6 +25,7 @@ package com.sun.media.sound; import java.io.UnsupportedEncodingException; +import java.util.Arrays; import javax.sound.midi.Patch; @@ -234,8 +235,10 @@ public class SoftTuning { } } + // am: getTuning(int) is more effective. + // currently getTuning() is used only by tests public double[] getTuning() { - return tuning; + return Arrays.copyOf(tuning, tuning.length); } public double getTuning(int noteNumber) { -- GitLab