From d405ab264332903f908a5668bb95cf05cc43e8c7 Mon Sep 17 00:00:00 2001
From: Hanspeter Portner <dev@open-music-kontrollers.ch>
Date: Wed, 22 Mar 2017 22:31:18 +0100
Subject: fix memory indexing overflow.

---
 VERSION | 2 +-
 vm_ui.c | 9 ++++++---
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/VERSION b/VERSION
index 89610fa..4cb3d35 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-0.1.2877
+0.1.2879
diff --git a/vm_ui.c b/vm_ui.c
index c446197..85f37d5 100644
--- a/vm_ui.c
+++ b/vm_ui.c
@@ -31,7 +31,8 @@
 #	undef Bool
 #endif
 
-#define PLOT_MAX 256
+#define PLOT_MAX  256
+#define PLOT_MASK (PLOT_MAX - 1)
 
 typedef struct _atom_ser_t atom_ser_t;
 typedef struct _plot_t plot_t;
@@ -674,7 +675,8 @@ port_event(LV2UI_Handle instance, uint32_t index, uint32_t size,
 							{
 								handle->inp[i].pre = frac;
 
-								const unsigned pre = floorf(intp);
+								unsigned pre = floorf(intp);
+								pre &= PLOT_MASK;
 								const unsigned post = PLOT_MAX - pre;
 
 								memcpy(mem, &handle->inp[i].vals[pre], sizeof(float)*post);
@@ -699,7 +701,8 @@ port_event(LV2UI_Handle instance, uint32_t index, uint32_t size,
 							{
 								handle->outp[i].pre = frac;
 
-								const unsigned pre = floorf(intp);
+								unsigned pre = floorf(intp);
+								pre &= PLOT_MASK;
 								const unsigned post = PLOT_MAX - pre;
 
 								memcpy(mem, &handle->outp[i].vals[pre], sizeof(float)*post);
-- 
cgit v1.2.1