diff options
author | Max Kellermann <max@duempel.org> | 2014-12-23 20:43:15 +0100 |
---|---|---|
committer | Max Kellermann <max@duempel.org> | 2014-12-23 20:43:15 +0100 |
commit | ea96919b800af8b4d87e73d775b71fa126dc7fd9 (patch) | |
tree | c2cf1e14da49ebbfbde47d0ec4f5ea61f12bf312 /src/decoder/plugins | |
parent | 5835afb849f929661d9a5c1f746f4765d567b8ad (diff) | |
parent | 43da4c0ecaf23ebb7b282bdfe3b5c6bfc3ab6c41 (diff) | |
download | mpd-ea96919b800af8b4d87e73d775b71fa126dc7fd9.tar.gz mpd-ea96919b800af8b4d87e73d775b71fa126dc7fd9.tar.xz mpd-ea96919b800af8b4d87e73d775b71fa126dc7fd9.zip |
Merge branch 'v0.19.x'
Diffstat (limited to 'src/decoder/plugins')
-rw-r--r-- | src/decoder/plugins/DsdLib.cxx | 19 |
1 files changed, 13 insertions, 6 deletions
diff --git a/src/decoder/plugins/DsdLib.cxx b/src/decoder/plugins/DsdLib.cxx index 13f6bc846..9da08f3eb 100644 --- a/src/decoder/plugins/DsdLib.cxx +++ b/src/decoder/plugins/DsdLib.cxx @@ -29,8 +29,10 @@ #include "input/InputStream.hxx" #include "tag/TagId3.hxx" #include "util/Error.hxx" +#include "util/Alloc.hxx" #include <string.h> +#include <stdlib.h> #ifdef ENABLE_ID3TAG #include <id3tag.h> @@ -123,22 +125,27 @@ dsdlib_tag_id3(InputStream &is, const id3_length_t count = size - offset; - /* Check and limit id3 tag size to prevent a stack overflow */ - id3_byte_t dsdid3[4096]; - if (count == 0 || count > sizeof(dsdid3)) + if (count < 10 || count > 256*1024) return; - if (!decoder_read_full(nullptr, is, dsdid3, count)) + id3_byte_t *const id3_buf = static_cast<id3_byte_t*>(xalloc(count)); + + if (!decoder_read_full(nullptr, is, id3_buf, count)) { + free(id3_buf); return; + } - struct id3_tag *id3_tag = id3_tag_parse(dsdid3, count); - if (id3_tag == nullptr) + struct id3_tag *id3_tag = id3_tag_parse(id3_buf, count); + if (id3_tag == nullptr) { + free(id3_buf); return; + } scan_id3_tag(id3_tag, handler, handler_ctx); id3_tag_delete(id3_tag); + free(id3_buf); return; } #endif |