mirror/taglib
1
0
Fork 0
mirror of https://github.com/taglib/taglib.git synced 2025-05-27 21:20:26 -04:00
Code Issues Packages Projects Releases Wiki Activity

Fix an infinite loop when parsing an INFO tag.

Browse Source
This commit is contained in:
Tsuda Kageyu 2014-12-23 15:44:17 +09:00
parent 79b7c14129
commit 3170d47ec3
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
taglib/riff/wav/infotag.cpp
View File

@ -258,9 +258,15 @@ void RIFF::Info::Tag::parse(const ByteVector &data)
uint p = 4;
while(p < data.size()) {
const uint size = data.toUInt(p + 4, false);
d->fieldListMap[data.mid(p, 4)] = TagPrivate::stringHandler->parse(data.mid(p + 8, size));
if(size > data.size() - p - 8)
break;
const ByteVector id = data.mid(p, 4);
if(isValidChunkID(id)) {
const String text = TagPrivate::stringHandler->parse(data.mid(p + 8, size));
d->fieldListMap[id] = text;
}
p += ((size + 1) & ~1) + 8;
}
}