aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJan Brittenson <bson@rockgarden.net>2014-12-22 22:26:55 -0800
committerMax Kellermann <max@duempel.org>2014-12-23 09:49:33 +0100
commit35db88affe5d158c1bfda46e4cd0f8c69db4426d (patch)
treeb32a17a9100bc49f03d94f7c1bee3a422d998d84
parente38faca455995f1ae7df54780ffeed53c8037346 (diff)
downloadmpd-35db88affe5d158c1bfda46e4cd0f8c69db4426d.tar.gz
mpd-35db88affe5d158c1bfda46e4cd0f8c69db4426d.tar.xz
mpd-35db88affe5d158c1bfda46e4cd0f8c69db4426d.zip
DSF ID3 tags hitting 4k size limit
Here's a change to dynamically allocate the DSD ID3 tag buffer. Pretty much anything with cover art is going to exceed the existing, static 4k limit... Here's a change to dynamically allocate the buffer and sanity check it at some upper limit. I rather arbitrarily pulled 256k out of thin air just to keep a corrupt file from causing it to trying to allocate a buffer larger than available memory.
-rw-r--r--NEWS2
-rw-r--r--src/decoder/plugins/DsdLib.cxx18
2 files changed, 14 insertions, 6 deletions
diff --git a/NEWS b/NEWS
index d33d600d0..54e04ab9a 100644
--- a/NEWS
+++ b/NEWS
@@ -1,4 +1,6 @@
ver 0.19.8 (not yet released)
+* decoder
+ - dsdiff, dsf: allow ID3 tags larger than 4 kB
ver 0.19.7 (2014/12/17)
* input
diff --git a/src/decoder/plugins/DsdLib.cxx b/src/decoder/plugins/DsdLib.cxx
index 8892ed387..0436b9c3f 100644
--- a/src/decoder/plugins/DsdLib.cxx
+++ b/src/decoder/plugins/DsdLib.cxx
@@ -29,6 +29,7 @@
#include "input/InputStream.hxx"
#include "tag/TagId3.hxx"
#include "util/Error.hxx"
+#include "util/Alloc.hxx"
#include <string.h>
@@ -123,22 +124,27 @@ dsdlib_tag_id3(InputStream &is,
const id3_length_t count = size - offset;
- /* Check and limit id3 tag size to prevent a stack overflow */
- id3_byte_t dsdid3[4096];
- if (count == 0 || count > sizeof(dsdid3))
+ if (count < 10 || count > 256*1024)
return;
- if (!decoder_read_full(nullptr, is, dsdid3, count))
+ id3_byte_t *const id3_buf = static_cast<id3_byte_t*>(xalloc(count));
+
+ if (!decoder_read_full(nullptr, is, id3_buf, count)) {
+ free(id3_buf);
return;
+ }
- struct id3_tag *id3_tag = id3_tag_parse(dsdid3, count);
- if (id3_tag == nullptr)
+ struct id3_tag *id3_tag = id3_tag_parse(id3_buf, count);
+ if (id3_tag == nullptr) {
+ free(id3_buf);
return;
+ }
scan_id3_tag(id3_tag, handler, handler_ctx);
id3_tag_delete(id3_tag);
+ free(id3_buf);
return;
}
#endif