Languages

[MusicXML import] crashes MS 2.1 871c8ce

• Dec 13, 2017 - 07:24

Reported version

2.2

Type

Functional

Severity

S2 - Critical

Status

closed

Project

Tags

See https://musescore.org/en/node/267534.

Cause seems to be a corruption in the note start time calculation, debugging shows weird timestamps such as 298029592/-50151680.

Reply

Comments

• Dec 13, 2017 - 10:59

Tags

• Dec 14, 2017 - 06:30

Importing this file leads to subtracting Fraction 25200/100800 from 126000/100800 , which causes a numeric overflow, leading to incorrect timing calculations due to the large denominators being multiplied in an int.

At least for me (OS X, Clang) int is 32 bit.

• Dec 14, 2017 - 21:32

I guess we are multiplying 100800 by 100800 in this particular case, and it shouldn't really be necessary...

• Dec 16, 2017 - 09:02

Correct, see pull request 3355.
Note that the Fraction implementation is still vulnerable to overflows (in lcm() and most of the operator*() functions.

• Dec 16, 2017 - 09:02

Status (old)	active	⇒	patch (ready to commit)
Status	active	⇒	PR created

• Dec 16, 2017 - 10:17

Just checked the fix behaviour on 2.2-dev: it indeed fixes the crash and allows the file to be imported.

• Dec 17, 2017 - 18:25

Status (old)	patch (ready to commit)	⇒	fixed
Status	PR created	⇒	fixed

Fixed in branch master, commit f439497144

fix #267569 numeric overflow causes MusicXML import crash

• Dec 17, 2017 - 18:25

Fixed in branch master, commit be8fbcdd38

Merge pull request #3355 from lvinken/267569-reduce-mxml-fractions

fix #267569 numeric overflow causes MusicXML import crash

• Dec 17, 2017 - 18:26

Fixed in branch 2.2, commit 57fce2413a

fix #267569 numeric overflow causes MusicXML import crash

• Jan 1, 2018 - 09:00

Status (old)	fixed	⇒	closed
Status	fixed	⇒	closed

Automatically closed -- issue fixed for 2 weeks with no activity.