From 23dce21647b6b7f3f9ddcb9ad267decf2c7388f0 Mon Sep 17 00:00:00 2001
From: Max Kellermann <max@duempel.org>
Date: Thu, 21 Aug 2014 12:37:20 +0200
Subject: decoer/dsf: fix endless loop on malformed file

When the data chunk size is not a multiple of the frame size, the last
partial frame lead to an endless loop.  We fix this by checking
chunk_sze>=frame instead of chunk_sze>0.  This way, the partial frame
is simply skipped.
---
 src/decoder/DsfDecoderPlugin.cxx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/decoder')

diff --git a/src/decoder/DsfDecoderPlugin.cxx b/src/decoder/DsfDecoderPlugin.cxx
index ad5483c32..9fbfe9cda 100644
--- a/src/decoder/DsfDecoderPlugin.cxx
+++ b/src/decoder/DsfDecoderPlugin.cxx
@@ -238,7 +238,7 @@ dsf_decode_chunk(Decoder &decoder, InputStream &is,
 	const unsigned buffer_samples = buffer_frames * frame_size;
 	const size_t buffer_size = buffer_samples * sample_size;
 
-	while (chunk_size > 0) {
+	while (chunk_size >= frame_size) {
 		/* see how much aligned data from the remaining chunk
 		   fits into the local buffer */
 		size_t now_size = buffer_size;
-- 
cgit v1.2.3