Nyaaori/rockbox
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

id3tags.c check for buffer overrun

Browse source 
Change-Id: I74fde8e234fe85abfabefddcea7f10038167c715
This commit is contained in:
William Wilgus 2021-08-01 22:26:05 -04:00
parent 2346a7aa6d
commit 247731fe8c
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
lib/rbcodec/metadata/id3tags.c
View file

@ -970,6 +970,9 @@ void setid3v2title(int fd, struct mp3entry *entry)
if((tr->tag_length == 4 && !memcmp( header, "COMM", 4)) ||
(tr->tag_length == 3 && !memcmp( header, "COM", 3))) {
int offset;
if (buffersize - bufferpos <= 4)
return; /* Error ?? */
if(bytesread >= 8 && !strncmp(tag+4, "iTun", 4)) {
/* check for iTunes gapless information */
if(bytesread >= 12 && !strncmp(tag+4, "iTunSMPB", 8))