I took these tag names from a MusePack sample file I got from a user.
These are not documented in the APE specification:
http://wiki.hydrogenaudio.org/index.php?title=APE_key
People seem to be using undocumented extensions to the specification
anyway, and the best we can do is attempt to support them.
After we've been hit by Large File Support problems several times in
the past week (which only occur on 32 bit platforms, which I don't
have), this is yet another attempt to fix the issue.
The function tag_ape_load() retrieves a 32 bit unsigned integer from
the input file, and passes it to g_malloc(). This is dangerous, and
may be used for a denial of service attack on MPD.
The expression "tagLen - size > 0" may result in an integer underflow
and a buffer overflow, when "size" is larger than "tagLen". "size" is
read from the input file, and must not be trusted. This patch changes
the expression to "tagLen > size", which is a lot safer.
This updates the copyright header to all be the same, which is
pretty much an update of where to mail request for a copy of the GPL
and the years of the MPD project. This also puts all committers under
'The Music Player Project' umbrella. These entries should go
individually in the AUTHORS file, for consistancy.
