From cce6ad46c912c4137131c97f67136a3d11881726 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Lalinsk=C3=BD?=
Date: Tue, 10 Jan 2012 17:18:20 +0100
Subject: [PATCH 1/2] Reverse the version check, similarly to what mp4v2 does
---
 taglib/mp4/mp4properties.cpp | 23 ++++++++++++++++-------
 1 file changed, 16 insertions(+), 7 deletions(-)
diff --git a/taglib/mp4/mp4properties.cpp b/taglib/mp4/mp4properties.cpp
index a62bda99..c1f8d47c 100644
--- a/taglib/mp4/mp4properties.cpp
+++ b/taglib/mp4/mp4properties.cpp
@@ -91,15 +91,24 @@ MP4::Properties::Properties(File *file, MP4::Atoms *atoms, ReadStyle style)
 file->seek(mdhd->offset);
 data = file->readBlock(mdhd->length);
- if(data[8] == 0) {
- unsigned int unit = data.mid(20, 4).toUInt();
- unsigned int length = data.mid(24, 4).toUInt();
- d->length = length / unit;
- }
- else {
+ uint version = data[8];
+ if(version == 1) {
+ if (data.size() < 36 + 8) {
+ debug("MP4: Atom 'trak.mdia.mdhd' is smaller than expected");
+ return;
+ }
 long long unit = data.mid(28, 8).toLongLong();
 long long length = data.mid(36, 8).toLongLong();
- d->length = int(length / unit);
+ d->length = unit ? int(length / unit) : 0;
+ }
+ else {
+ if (data.size() < 24 + 4) {
+ debug("MP4: Atom 'trak.mdia.mdhd' is smaller than expected");
+ return;
+ }
+ unsigned int unit = data.mid(20, 4).toUInt();
+ unsigned int length = data.mid(24, 4).toUInt();
+ d->length = unit ? length / unit : 0;
 }
 MP4::Atom *atom = trak->find("mdia", "minf", "stbl", "stsd");
From 059f2243b315f9b8c31d491c8b58b192264c5f98 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Lalinsk=C3=BD?=
Date: Fri, 20 Apr 2012 17:57:13 +0200
Subject: [PATCH 2/2] Prepare 1.7.2 release
---
 CMakeLists.txt | 2 +-
 NEWS | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 06b876cf..cb4c3382 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
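Review bot: In the mdhd hunk of taglib/mp4/mp4properties.cpp, `uint version = data[8];` reads the version byte before either of the new `data.size()` checks runs, so an atom shorter than 9 bytes is still indexed past its end unless ByteVector's `operator[]` bounds-checks (not visible here); a guard such as `if(data.size() < 9) { debug("MP4: Atom 'trak.mdia.mdhd' is smaller than expected"); return; }` should come first. In the version 1 branch, `unit ? int(length / unit) : 0` only excludes zero: `unit` and `length` are signed `long long` values taken from the file, so a quotient that does not fit (`unit == -1` with the most negative `length`) is undefined behaviour and can trap like the division by zero this patch fixes. Rejecting non-positive values, e.g. `d->length = (unit > 0 && length > 0) ? int(length / unit) : 0;`, closes that case, though the `int` cast can still truncate a large quotient. The constructor starts before and continues after this hunk.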
@@ -40,7 +40,7 @@ endif (WIN32)
 SET(TAGLIB_LIB_MAJOR_VERSION "1")
 SET(TAGLIB_LIB_MINOR_VERSION "7")
-SET(TAGLIB_LIB_PATCH_VERSION "1")
+SET(TAGLIB_LIB_PATCH_VERSION "2")
 SET(TAGLIB_LIB_VERSION_STRING "${TAGLIB_LIB_MAJOR_VERSION}.${TAGLIB_LIB_MINOR_VERSION}.${TAGLIB_LIB_PATCH_VERSION}")
diff --git a/NEWS b/NEWS
index 55a5b7e3..89ca3d3b 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,9 @@
+TagLib 1.7.2 (Apr 20, 2012)
+===========================
+
+ * Fixed division by zero while parsing corrupted MP4 files (CVE-2012-2396).
+ * Fixed compilation on Haiku.
+
 TagLib 1.7.1 (Mar 17, 2012)
 ===========================