formats/cassimg.cpp: Fixed bad image crash in tap format (MT8952)

src/lib/formats/a26_cas.cpp

@@ -120,7 +120,7 @@ static int a26_cas_do_work( int16_t **buffer, const uint8_t *bytes ) {
 	return size;
 }
 
-static int a26_cas_fill_wave( int16_t *buffer, int length, const uint8_t *bytes ) {
+static int a26_cas_fill_wave( int16_t *buffer, int length, const uint8_t *bytes, int ) {
 	int16_t   *p = buffer;
 
 	return a26_cas_do_work( &p, (const uint8_t *)bytes );

src/lib/formats/ace_tap.cpp

@@ -135,7 +135,7 @@ static int ace_handle_tap(int16_t *buffer, const uint8_t *casdata)
 /*******************************************************************
    Generate samples for the tape image
 ********************************************************************/
-static int ace_tap_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes)
+static int ace_tap_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes, int)
 {
 	return ace_handle_tap( buffer, bytes );
 }

src/lib/formats/apf_apt.cpp

@@ -152,12 +152,12 @@ static int apf_cpf_handle_cassette(int16_t *buffer, const uint8_t *bytes)
    Generate samples for the tape image
 ********************************************************************/
 
-static int apf_apt_fill_wave(int16_t *buffer, int length, const uint8_t *bytes)
+static int apf_apt_fill_wave(int16_t *buffer, int length, const uint8_t *bytes, int)
 {
 	return apf_apt_handle_cassette(buffer, bytes);
 }
 
-static int apf_cpf_fill_wave(int16_t *buffer, int length, const uint8_t *bytes)
+static int apf_cpf_fill_wave(int16_t *buffer, int length, const uint8_t *bytes, int)
 {
 	return apf_cpf_handle_cassette(buffer, bytes);
 }

src/lib/formats/camplynx_cas.cpp

@@ -179,7 +179,7 @@ static int camplynx_handle_cassette(int16_t *buffer, const uint8_t *bytes)
    Generate samples for the tape image
 ********************************************************************/
 
-static int camplynx_cassette_fill_wave(int16_t *buffer, int length, const uint8_t *bytes)
+static int camplynx_cassette_fill_wave(int16_t *buffer, int length, const uint8_t *bytes, int)
 {
 	return camplynx_handle_cassette(buffer, bytes);
 }

src/lib/formats/cassimg.cpp

@@ -859,7 +859,7 @@ cassette_image::error cassette_image::legacy_construct(const LegacyWaveFiller *l
 	/* if there has to be a header */
 	if (args.header_samples > 0)
 	{
-		length = args.fill_wave(&samples[pos], sample_count - pos, CODE_HEADER);
+		length = args.fill_wave(&samples[pos], sample_count - pos, CODE_HEADER, -1);
 		if (length < 0)
 		{
 			err = error::INVALID_IMAGE;
@@ -877,20 +877,11 @@ cassette_image::error cassette_image::legacy_construct(const LegacyWaveFiller *l
 	}
 	while ((pos < sample_count) && (offset < size))
 	{
-		image_read(chunk.get(), offset, args.chunk_size);
-		offset += args.chunk_size;
-
-		/*
-		This approach is problematic because we don't have control on incomming image size when processing the data
-		(at least in tap implementation).
-		The method sending the size of output (calculated in 'chunk_sample_calc' above) which uses same data as a input  but
-		without knowing how much data available in the image. Having wrong header with size bigger than image couses illegal
-		access beyond image data.
-		Desired state is:
-			length = args.fill_wave(&samples[pos], args.chunk_size, chunk.get());
-			aslo the fix for tap is commented out in 'tap_cas_fill_wave'
-		*/
-		length = args.fill_wave(&samples[pos], sample_count - pos, chunk.get());
+		const int slice = std::min<int>(args.chunk_size, size - offset);
+		image_read(chunk.get(), offset, slice);
+		offset += slice;
+
+		length = args.fill_wave(&samples[pos], sample_count - pos, chunk.get(), slice);
 		if (length < 0)
 		{
 			err = error::INVALID_IMAGE;
@@ -905,7 +896,7 @@ cassette_image::error cassette_image::legacy_construct(const LegacyWaveFiller *l
 	/* if there has to be a trailer */
 	if (args.trailer_samples > 0)
 	{
-		length = args.fill_wave(&samples[pos], sample_count - pos, CODE_TRAILER);
+		length = args.fill_wave(&samples[pos], sample_count - pos, CODE_TRAILER, -1);
 		if (length < 0)
 		{
 			err = error::INVALID_IMAGE;

src/lib/formats/cassimg.h

@@ -120,7 +120,7 @@ class cassette_image
 	/* code to adapt existing legacy fill_wave functions */
 	struct LegacyWaveFiller
 	{
-		int (*fill_wave)(int16_t *, int, const uint8_t *) = nullptr;
+		int (*fill_wave)(int16_t *, int, const uint8_t *, int) = nullptr;
 		int chunk_size = 0;
 		int chunk_samples = 0;
 		int (*chunk_sample_calc)(const uint8_t *bytes, int length) = nullptr;

src/lib/formats/cbm_tap.cpp

@@ -330,7 +330,7 @@ static int cbm_tap_to_wav_size( const uint8_t *tapdata, int taplen )
 	return size;
 }
 
-static int cbm_tap_fill_wave( int16_t *buffer, int length, const uint8_t *bytes )
+static int cbm_tap_fill_wave( int16_t *buffer, int length, const uint8_t *bytes, int )
 {
 	int16_t *p = buffer;
 

src/lib/formats/cgen_cas.cpp

@@ -108,7 +108,7 @@ static int cgenie_handle_cas(int16_t *buffer, const uint8_t *casdata)
 /*******************************************************************
    Generate samples for the tape image
 ********************************************************************/
-static int cgenie_cas_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes)
+static int cgenie_cas_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes, int)
 {
 	return cgenie_handle_cas(buffer, bytes);
 }

src/lib/formats/fc100_cas.cpp

@@ -104,7 +104,7 @@ static int fc100_handle_cassette(int16_t *buffer, const uint8_t *bytes)
    Generate samples for the tape image
 ********************************************************************/
 
-static int fc100_cassette_fill_wave(int16_t *buffer, int length, const uint8_t *bytes)
+static int fc100_cassette_fill_wave(int16_t *buffer, int length, const uint8_t *bytes, int)
 {
 	return fc100_handle_cassette(buffer, bytes);
 }

src/lib/formats/fm7_cas.cpp

@@ -72,7 +72,7 @@ static int fm7_cas_to_wav_size (const uint8_t *casdata, int caslen)
 /*******************************************************************
    Generate samples for the tape image
 ********************************************************************/
-static int fm7_cas_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes)
+static int fm7_cas_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes, int)
 {
 	return fm7_handle_t77(buffer,bytes);
 }

src/lib/formats/fmsx_cas.cpp

@@ -49,7 +49,7 @@ static int fmsx_cas_to_wav_size (const uint8_t *casdata, int caslen)
 /*******************************************************************
    Generate samples for the tape image
 ********************************************************************/
-static int fmsx_cas_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes)
+static int fmsx_cas_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes, int)
 {
 	int cas_pos, bit, state = 1, samples_pos, size, n, i, p;
 

src/lib/formats/gtp_cas.cpp

@@ -127,7 +127,7 @@ static int gtp_cas_to_wav_size( const uint8_t *casdata, int caslen ) {
 	return size;
 }
 
-static int gtp_cas_fill_wave( int16_t *buffer, int length, const uint8_t *bytes ) {
+static int gtp_cas_fill_wave( int16_t *buffer, int length, const uint8_t *bytes, int ) {
 	int i,size,n;
 	size = 0;
 	n = 0;

src/lib/formats/h8_cas.cpp

@@ -102,7 +102,7 @@ static int h8_handle_cassette(int16_t *buffer, const uint8_t *bytes)
    Generate samples for the tape image
 ********************************************************************/
 
-static int h8_cassette_fill_wave(int16_t *buffer, int length, const uint8_t *bytes)
+static int h8_cassette_fill_wave(int16_t *buffer, int length, const uint8_t *bytes, int)
 {
 	return h8_handle_cassette(buffer, bytes);
 }

src/lib/formats/hect_tap.cpp

@@ -203,7 +203,7 @@ static int hector_handle_forth_tap(int16_t *buffer, const uint8_t *casdata)
 /*******************************************************************
    Generate samples for the tape image
 ********************************************************************/
-static int hector_tap_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes)
+static int hector_tap_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes, int)
 {
 	return hector_handle_tap( buffer, bytes );
 }
@@ -222,7 +222,7 @@ static int hector_tap_forth_to_wav_size(const uint8_t *casdata, int caslen)
 /*******************************************************************
    Generate samples for the tape image FORTH
 ********************************************************************/
-static int hector_tap_forth_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes)
+static int hector_tap_forth_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes, int)
 {
 	return hector_handle_forth_tap( buffer, bytes ); //forth removed here !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 }

src/lib/formats/kc_cas.cpp

@@ -232,7 +232,7 @@ static int kc_handle_sss(int16_t *buffer, const uint8_t *casdata)
 /*******************************************************************
    Generate samples for the tape image
 ********************************************************************/
-static int kc_kcc_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes)
+static int kc_kcc_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes, int)
 {
 	return kc_handle_kcc(buffer, bytes);
 }
@@ -284,7 +284,7 @@ static const cassette_image::Format kc_kcc_format =
 /*******************************************************************
    Generate samples for the tape image
 ********************************************************************/
-static int kc_tap_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes)
+static int kc_tap_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes, int)
 {
 	return kc_handle_tap(buffer, bytes);
 }
@@ -336,7 +336,7 @@ static const cassette_image::Format kc_tap_format =
 /*******************************************************************
    Generate samples for the tape image
 ********************************************************************/
-static int kc_sss_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes)
+static int kc_sss_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes, int)
 {
 	return kc_handle_sss(buffer, bytes);
 }

src/lib/formats/kim1_cas.cpp

@@ -145,7 +145,7 @@ static int kim1_handle_kim(int16_t *buffer, const uint8_t *casdata)
 /*******************************************************************
    Generate samples for the tape image
 ********************************************************************/
-static int kim1_kim_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes)
+static int kim1_kim_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes, int)
 {
 	return kim1_handle_kim( buffer, bytes );
 }

src/lib/formats/lviv_lvt.cpp

@@ -71,7 +71,7 @@ static int lviv_cassette_calculate_size_in_samples(const uint8_t *bytes, int len
 
 /*************************************************************************************/
 
-static int lviv_cassette_fill_wave(int16_t *buffer, int length, const uint8_t *bytes)
+static int lviv_cassette_fill_wave(int16_t *buffer, int length, const uint8_t *bytes, int)
 {
 	int16_t * p = buffer;
 

src/lib/formats/mbee_cas.cpp

@@ -209,7 +209,7 @@ static int mbee_handle_tap(int16_t *buffer, const uint8_t *bytes)
    Generate samples for the tape image
 ********************************************************************/
 
-static int mbee_tap_fill_wave(int16_t *buffer, int length, const uint8_t *bytes)
+static int mbee_tap_fill_wave(int16_t *buffer, int length, const uint8_t *bytes, int)
 {
 	return mbee_handle_tap(buffer, bytes);
 }

src/lib/formats/mz_cas.cpp

@@ -69,7 +69,7 @@ static int fill_wave_b(int16_t *buffer, int offs, int byte)
 	return count;
 }
 
-static int fill_wave(int16_t *buffer, int length, const uint8_t *code)
+static int fill_wave(int16_t *buffer, int length, const uint8_t *code, int)
 {
 	static int16_t *beg;
 	static uint16_t csum = 0;

src/lib/formats/orao_cas.cpp

@@ -62,7 +62,7 @@ static int orao_cas_to_wav_size( const uint8_t *casdata, int caslen ) {
 	return size;
 }
 
-static int orao_cas_fill_wave( int16_t *buffer, int length, const uint8_t *bytes ) {
+static int orao_cas_fill_wave( int16_t *buffer, int length, const uint8_t *bytes, int ) {
 	int i,j,size,k;
 	uint8_t b;
 	size = 0;

src/lib/formats/oric_tap.cpp

@@ -345,7 +345,7 @@ static int oric_cassette_calculate_size_in_samples(const uint8_t *bytes, int len
 }
 
 /* length is length of sample buffer to fill! */
-static int oric_cassette_fill_wave(int16_t *buffer, int length, const uint8_t *bytes)
+static int oric_cassette_fill_wave(int16_t *buffer, int length, const uint8_t *bytes, int)
 {
 	unsigned char header[9];
 	int16_t *p = buffer;

src/lib/formats/p6001_cas.cpp

@@ -53,7 +53,7 @@ static int pc6001_cas_to_wav_size (const uint8_t *casdata, int caslen)
 /*******************************************************************
    Generate samples for the tape image
 ********************************************************************/
-static int pc6001_cas_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes)
+static int pc6001_cas_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes, int)
 {
 	return pc6001_handle_cas(buffer,bytes);
 }

src/lib/formats/phc25_cas.cpp

@@ -129,7 +129,7 @@ static int phc25_handle_cassette(int16_t *buffer, const uint8_t *bytes)
    Generate samples for the tape image
 ********************************************************************/
 
-static int phc25_cassette_fill_wave(int16_t *buffer, int length, const uint8_t *bytes)
+static int phc25_cassette_fill_wave(int16_t *buffer, int length, const uint8_t *bytes, int)
 {
 	return phc25_handle_cassette(buffer, bytes);
 }

src/lib/formats/pmd_cas.cpp

@@ -168,7 +168,7 @@ static int pmd85_handle_cassette(int16_t *buffer, const uint8_t *bytes)
    Generate samples for the tape image
 ********************************************************************/
 
-static int pmd85_cassette_fill_wave(int16_t *buffer, int length, const uint8_t *bytes)
+static int pmd85_cassette_fill_wave(int16_t *buffer, int length, const uint8_t *bytes, int)
 {
 	return pmd85_handle_cassette(buffer, bytes);
 }

src/lib/formats/primoptp.cpp

@@ -138,7 +138,7 @@ static int primo_cassette_calculate_size_in_samples(const uint8_t *bytes, int le
 	return size_in_samples;
 }
 
-static int primo_cassette_fill_wave(int16_t *buffer, int length, const uint8_t *bytes)
+static int primo_cassette_fill_wave(int16_t *buffer, int length, const uint8_t *bytes, int)
 {
 	int i = 0, j = 0, k;
 

src/lib/formats/rk_cas.cpp

@@ -77,7 +77,7 @@ static int gam_cas_to_wav_size( const uint8_t *casdata, int caslen ) {
 	return  (RK_HEADER_LEN  * 8 * 2 +  caslen * 8 * 2) * RK_SIZE_20;
 }
 
-static int rk20_cas_fill_wave( int16_t *buffer, int length, const uint8_t *bytes ) {
+static int rk20_cas_fill_wave( int16_t *buffer, int length, const uint8_t *bytes, int ) {
 	int i;
 	int16_t * p = buffer;
 
@@ -93,7 +93,7 @@ static int rk20_cas_fill_wave( int16_t *buffer, int length, const uint8_t *bytes
 	return p - buffer;
 }
 
-static int rk22_cas_fill_wave( int16_t *buffer, int length, const uint8_t *bytes ) {
+static int rk22_cas_fill_wave( int16_t *buffer, int length, const uint8_t *bytes, int ) {
 	int i;
 	int16_t * p = buffer;
 
@@ -109,7 +109,7 @@ static int rk22_cas_fill_wave( int16_t *buffer, int length, const uint8_t *bytes
 	return p - buffer;
 }
 
-static int rk60_cas_fill_wave( int16_t *buffer, int length, const uint8_t *bytes ) {
+static int rk60_cas_fill_wave( int16_t *buffer, int length, const uint8_t *bytes, int ) {
 	int i;
 	int16_t * p = buffer;
 
@@ -125,7 +125,7 @@ static int rk60_cas_fill_wave( int16_t *buffer, int length, const uint8_t *bytes
 	return p - buffer;
 }
 
-static int gam_cas_fill_wave( int16_t *buffer, int length, const uint8_t *bytes ) {
+static int gam_cas_fill_wave( int16_t *buffer, int length, const uint8_t *bytes, int ) {
 	int i;
 	int16_t * p = buffer;
 

src/lib/formats/sol_cas.cpp

@@ -335,7 +335,7 @@ static int sol20_handle_cassette(int16_t *buffer, const uint8_t *bytes)
    Generate samples for the tape image
 ********************************************************************/
 
-static int sol20_cassette_fill_wave(int16_t *buffer, int length, const uint8_t *bytes)
+static int sol20_cassette_fill_wave(int16_t *buffer, int length, const uint8_t *bytes, int)
 {
 	return sol20_handle_cassette(buffer, bytes);
 }

src/lib/formats/sorc_cas.cpp

@@ -107,7 +107,7 @@ static int sorcerer_handle_cassette(int16_t *buffer, const uint8_t *bytes)
    Generate samples for the tape image
 ********************************************************************/
 
-static int sorcerer_cassette_fill_wave(int16_t *buffer, int length, const uint8_t *bytes)
+static int sorcerer_cassette_fill_wave(int16_t *buffer, int length, const uint8_t *bytes, int)
 {
 	return sorcerer_handle_cassette(buffer, bytes);
 }

src/lib/formats/spc1000_cas.cpp

@@ -89,12 +89,12 @@ static int spc1000_handle_cas(int16_t *buffer, const uint8_t *bytes)
    Generate samples for the tape image
 ********************************************************************/
 
-static int spc1000_tap_fill_wave(int16_t *buffer, int length, const uint8_t *bytes)
+static int spc1000_tap_fill_wave(int16_t *buffer, int length, const uint8_t *bytes, int)
 {
 	return spc1000_handle_tap(buffer, bytes);
 }
 
-static int spc1000_cas_fill_wave(int16_t *buffer, int length, const uint8_t *bytes)
+static int spc1000_cas_fill_wave(int16_t *buffer, int length, const uint8_t *bytes, int)
 {
 	return spc1000_handle_cas(buffer, bytes);
 }

src/lib/formats/svi_cas.cpp

@@ -24,7 +24,7 @@ static int cas_size; // FIXME: global variable prevents multiple instances
 /*******************************************************************
    Generate samples for the tape image
 ********************************************************************/
-static int svi_cas_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes)
+static int svi_cas_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes, int)
 {
 	int cas_pos, samples_pos, n, i;
 

src/lib/formats/trs_cas.cpp

@@ -174,7 +174,7 @@ static int trs80m3_handle_cas(int16_t *buffer, const uint8_t *casdata)
 /*******************************************************************
    Generate samples for the tape image
 ********************************************************************/
-static int trs80_cas_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes)
+static int trs80_cas_fill_wave(int16_t *buffer, int sample_count, const uint8_t *bytes, int)
 {
 	if (cas_size && (bytes[0] == 0x55))
 		return trs80m3_handle_cas( buffer, bytes );