Fix for a stack overflow when parsing vbr mp3 files, from Ido Admon on

ports@. Refs:
https://bugs.launchpad.net/ubuntu/+source/id3lib3.8.3/+bug/444466
http://sourceforge.net/tracker/?func=detail&aid=1863981&group_id=979&atid=100979
This commit is contained in:
landry 2010-10-03 06:55:17 +00:00
parent 32c2c1f427
commit 9b60645409
2 changed files with 16 additions and 2 deletions

View File

@ -1,10 +1,10 @@
# $OpenBSD: Makefile,v 1.15 2010/09/05 22:00:13 sthen Exp $
# $OpenBSD: Makefile,v 1.16 2010/10/03 06:55:17 landry Exp $
COMMENT= library for manipulating ID3v1 and ID3v2 tags
VERSION= 3.8
DISTNAME= id3lib-${VERSION}.3
REVISION= 2
REVISION= 3
CATEGORIES= audio
SHARED_LIBS += id3 4.0 # .3.8

View File

@ -0,0 +1,14 @@
$OpenBSD: patch-src_mp3_parse_cpp,v 1.1 2010/10/03 06:55:17 landry Exp $
fix for vbr stack overflow
http://sourceforge.net/tracker/?func=detail&aid=1863981&group_id=979&atid=100979
--- pobj/id3lib-3.8.3/id3lib-3.8.3/src/mp3_parse.cpp.orig Sun Oct 3 01:05:28 2010
+++ pobj/id3lib-3.8.3/id3lib-3.8.3/src/mp3_parse.cpp Sun Oct 3 01:05:44 2010
@@ -465,7 +465,7 @@
// from http://www.xingtech.com/developer/mp3/
const size_t VBR_HEADER_MIN_SIZE = 8; // "xing" + flags are fixed
- const size_t VBR_HEADER_MAX_SIZE = 116; // frames, bytes, toc and scale are optional
+ const size_t VBR_HEADER_MAX_SIZE = 120; // frames, bytes, toc and scale are optional
if (mp3size >= vbr_header_offest + VBR_HEADER_MIN_SIZE)
{