Add another sanity check -- don't let invalid frames try to allocate anything

larger than the tag size.

BUG:140515


git-svn-id: svn://anonsvn.kde.org/home/kde/trunk/kdesupport/taglib@633123 283d02a7-25f6-0310-bc7c-ecb5cbfe19da
Scott Wheeler 2007-02-13 09:26:31 +00:00
parent 3218095aca
commit 4382e84e9e


@ -73,7 +73,10 @@ Frame *FrameFactory::createFrame(const ByteVector &data, uint version) const
// A quick sanity check -- make sure that the frameID is 4 uppercase Latin1
// characters. Also make sure that there is data in the frame.
if(!frameID.size() == (version < 3 ? 3 : 4) || header->frameSize() <= 0) {
if(!frameID.size() == (version < 3 ? 3 : 4) ||
header->frameSize() <= 0 ||
header->frameSize() > data.size())
{
delete header;
return 0;
}
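Review bot: The first clause of the rewritten condition, `!frameID.size() == (version < 3 ? 3 : 4)`, is carried over unchanged and never tests the ID length: `!` binds tighter than `==`, so the comparison is a bool against 3 or 4, which is never true. Only the two frameSize() comparisons reject anything, so a frame with a wrong-length ID read from an untrusted tag still passes this guard; the clause should read `frameID.size() != (version < 3 ? 3 : 4) ||`. The new upper bound compares against all of `data`, which presumably still includes the frame header bytes; if so, a declared size that fits in `data` but not in the payload after the header is accepted, and the bound should subtract the header size from `data.size()`. createFrame's body starts before and continues after the hunk, so the character-class check mentioned in the comment is not visible here.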