summaryrefslogtreecommitdiff
path: root/apps
diff options
context:
space:
mode:
authorMagnus Holmgren <magnushol@gmail.com>2011-09-14 17:30:45 +0000
committerMagnus Holmgren <magnushol@gmail.com>2011-09-14 17:30:45 +0000
commite995d015700bc0d0bcbbe4d5cb3651cc4f4d0efb (patch)
tree5c699d4a37ab8ed1d00fbc87acf51db9b0c7c386 /apps
parentc222f38c03734b7849799b08f2daf5bd85ace303 (diff)
downloadrockbox-e995d015700bc0d0bcbbe4d5cb3651cc4f4d0efb.tar.gz
rockbox-e995d015700bc0d0bcbbe4d5cb3651cc4f4d0efb.zip
Fix FS#12266, by skipping empty frames when reading ID3v2 tags. Also add some length checks to be safe.
git-svn-id: svn://svn.rockbox.org/rockbox/trunk@30550 a1c6a512-1295-4272-9138-f99709370657
Diffstat (limited to 'apps')
-rw-r--r--apps/metadata/id3tags.c20
1 files changed, 12 insertions, 8 deletions
diff --git a/apps/metadata/id3tags.c b/apps/metadata/id3tags.c
index c1d9cb2020..39365028fc 100644
--- a/apps/metadata/id3tags.c
+++ b/apps/metadata/id3tags.c
@@ -579,7 +579,7 @@ static int unicode_munge(char* string, char* utf8buf, int *len) {
579 if(str[1] == 0) 579 if(str[1] == 0)
580 le = true; 580 le = true;
581 581
582 do { 582 while ((i < *len) && (str[0] || str[1])) {
583 if(le) 583 if(le)
584 utf8 = utf16LEdecode(str, utf8, 1); 584 utf8 = utf16LEdecode(str, utf8, 1);
585 else 585 else
@@ -587,7 +587,7 @@ static int unicode_munge(char* string, char* utf8buf, int *len) {
587 587
588 str+=2; 588 str+=2;
589 i += 2; 589 i += 2;
590 } while((str[0] || str[1]) && (i < *len)); 590 }
591 591
592 *utf8++ = 0; /* Terminate the string */ 592 *utf8++ = 0; /* Terminate the string */
593 templen += (strlen(&utf8buf[templen]) + 1); 593 templen += (strlen(&utf8buf[templen]) + 1);
@@ -962,10 +962,10 @@ void setid3v2title(int fd, struct mp3entry *entry)
962 if((tr->tag_length == 4 && !memcmp( header, "COMM", 4)) || 962 if((tr->tag_length == 4 && !memcmp( header, "COMM", 4)) ||
963 (tr->tag_length == 3 && !memcmp( header, "COM", 3))) { 963 (tr->tag_length == 3 && !memcmp( header, "COM", 3))) {
964 int offset; 964 int offset;
965 if(!strncmp(tag+4, "iTun", 4)) { 965 if(bytesread >= 8 && !strncmp(tag+4, "iTun", 4)) {
966#if CONFIG_CODEC == SWCODEC 966#if CONFIG_CODEC == SWCODEC
967 /* check for iTunes gapless information */ 967 /* check for iTunes gapless information */
968 if(!strncmp(tag+4, "iTunSMPB", 8)) 968 if(bytesread >= 12 && !strncmp(tag+4, "iTunSMPB", 8))
969 itunes_gapless = true; 969 itunes_gapless = true;
970 else 970 else
971#endif 971#endif
@@ -1000,6 +1000,10 @@ void setid3v2title(int fd, struct mp3entry *entry)
1000 bytesread--; 1000 bytesread--;
1001 } 1001 }
1002 1002
1003 if(bytesread == 0)
1004 /* Skip empty frames */
1005 break;
1006
1003 tag[bytesread] = 0; 1007 tag[bytesread] = 0;
1004 bufferpos += bytesread + 1; 1008 bufferpos += bytesread + 1;
1005 1009
@@ -1040,10 +1044,6 @@ void setid3v2title(int fd, struct mp3entry *entry)
1040#endif 1044#endif
1041 if( tr->ppFunc ) 1045 if( tr->ppFunc )
1042 bufferpos = tr->ppFunc(entry, tag, bufferpos); 1046 bufferpos = tr->ppFunc(entry, tag, bufferpos);
1043
1044 /* Seek to the next frame */
1045 if(framelen < totframelen)
1046 lseek(fd, totframelen - framelen, SEEK_CUR);
1047 break; 1047 break;
1048 } 1048 }
1049 } 1049 }
@@ -1059,6 +1059,10 @@ void setid3v2title(int fd, struct mp3entry *entry)
1059 if( lseek(fd, totframelen, SEEK_CUR) == -1 ) 1059 if( lseek(fd, totframelen, SEEK_CUR) == -1 )
1060 return; 1060 return;
1061 } 1061 }
1062 } else {
1063 /* Seek to the next frame */
1064 if(framelen < totframelen)
1065 lseek(fd, totframelen - framelen, SEEK_CUR);
1062 } 1066 }
1063 } 1067 }
1064} 1068}
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-28 23:22:48 +0000