From b0f9a1454af5af826255e988d1ca8fe78df2c136 Mon Sep 17 00:00:00 2001 From: Max Kellermann Date: Wed, 30 Sep 2009 15:22:47 +0200 Subject: [PATCH] decoder/faad: skip assertion failure on large ID3 tags When the ID3 tag in an AAC file is larger than the current buffer, the function decoder_buffer_consume() aborts. By using the new function decoder_buffer_skip() instead, we can safely skip the ID3 tag. --- NEWS | 1 + src/decoder/faad_plugin.c | 8 ++++++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/NEWS b/NEWS index b6b23942f..ecb576dde 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,7 @@ ver 0.15.4 (2009/??/??) * decoders: - vorbis: revert "faster tag scanning with ov_test_callback()" + - faad: skip assertion failure on large ID3 tags * output: - osx: fix the OS X 10.6 build diff --git a/src/decoder/faad_plugin.c b/src/decoder/faad_plugin.c index d0537dd5b..7b2806a4c 100644 --- a/src/decoder/faad_plugin.c +++ b/src/decoder/faad_plugin.c @@ -162,6 +162,7 @@ faad_song_duration(struct decoder_buffer *buffer, struct input_stream *is) size_t tagsize; const unsigned char *data; size_t length; + bool success; fileread = is->size >= 0 ? is->size : 0; @@ -179,8 +180,11 @@ faad_song_duration(struct decoder_buffer *buffer, struct input_stream *is) tagsize += 10; - decoder_buffer_consume(buffer, tagsize); - decoder_buffer_fill(buffer); + success = decoder_buffer_skip(buffer, tagsize) && + decoder_buffer_fill(buffer); + if (!success) + return -1; + data = decoder_buffer_read(buffer, &length); if (data == NULL) return -1;