Sophie: libsndfile-1.0.25-9.4.mga5 src

libsndfile-1.0.25-9.4.mga5.src.rpm

Info
Deps
Files
Scripts
ChangeLog
Location
Others versions
Analyse

From 41da64d9270b2fa10c93ce74dea014fe8f0bd303 Mon Sep 17 00:00:00 2001
From: Erik de Castro Lopo <erikd@mega-nerd.com>
Date: Sat, 5 Nov 2011 09:49:14 +1100
Subject: [PATCH] src/id3.c : Fix a stack overflow when parsing a file with
 multiple ID3 headers.

---
 src/id3.c |   11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

--- a/src/id3.c
+++ b/src/id3.c
@@ -40,11 +40,16 @@ id3_skip (SF_PRIVATE * psf)
 		offset = (offset << 7) | (buf [8] & 0x7f) ;
 		offset = (offset << 7) | (buf [9] & 0x7f) ;
 
-		psf_binheader_readf (psf, "j", make_size_t (offset)) ;
-
 		psf_log_printf (psf, "ID3 length : %d\n--------------------\n", offset) ;
 
-		psf->fileoffset = 10 + offset ;
+		/* Never want to jump backwards in a file. */
+		if (offset < 0)
+			return 0 ;
+
+		/* Calculate new file offset and position ourselves there. */
+		psf->fileoffset += offset + 10 ;
+		psf_binheader_readf (psf, "p", psf->fileoffset) ;
+
 		return 1 ;
 		} ;