mirror/taglib
1
0
Fork 0
mirror of https://github.com/taglib/taglib.git synced 2026-02-14 04:03:04 -05:00
Code Issues Packages Projects Releases Wiki Activity

Verify the ID3v2 version and revision are not 0xFF (#1301)

Browse Source
This commit is contained in:
Stephen Booth
2026-01-31 01:21:17 -06:00
committed by GitHub
parent 11e3eb05bd
commit 51f431c96a
2 changed files with 24 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
taglib/mpeg/id3v2/id3v2header.cpp
View File

@ -201,12 +201,19 @@ void Header::parse(const ByteVector &data)
if(std::any_of(sizeData.cbegin(), sizeData.cend(),
[](unsigned char size) { return size >= 128; })) {
d->tagSize = 0;
debug("TagLib::ID3v2::Header::parse() - One of the size bytes in the id3v2 header was greater than the allowed 128.");
debug("TagLib::ID3v2::Header::parse() - One of the size bytes in the ID3v2 header was greater than the allowed 128.");
return;
}
// The first three bytes, data[0..2], are the File Identifier, "ID3". (structure 3.1 "file identifier")
// 3.1 states: "Version or revision will never be $FF."
if(static_cast<unsigned char>(data[3]) == 0xFF || static_cast<unsigned char>(data[4]) == 0xFF) {
d->tagSize = 0;
debug("TagLib::ID3v2::Header::parse() - The version or revision in the ID3v2 header was 0xFF.");
return;
}
// Read the version number from the fourth and fifth bytes.
d->majorVersion = data[3]; // (structure 3.1 "major version")
d->revisionNumber = data[4]; // (structure 3.1 "revision number")

16
tests/test_id3v2.cpp
View File

@ -139,6 +139,7 @@ class TestID3v2 : public CppUnit::TestFixture
CPPUNIT_TEST(testEmptyFrame);
CPPUNIT_TEST(testDuplicateTags);
CPPUNIT_TEST(testParseTOCFrameWithManyChildren);
CPPUNIT_TEST(testInvalidID3v2Version);
CPPUNIT_TEST_SUITE_END();
public:
@ -1739,6 +1740,21 @@ public:
CPPUNIT_ASSERT(tocFrame->embeddedFrameList().isEmpty());
}
void testInvalidID3v2Version()
{
ID3v2::Header invalidVersionHeader(ByteVector("ID3"
"\xFF\x00"
"\x05"
"\x14\x4F\x00\x32", 10));
CPPUNIT_ASSERT_EQUAL(invalidVersionHeader.tagSize(), 0U);
ID3v2::Header invalidRevisionHeader(ByteVector("ID3"
"\x04\xFF"
"\x05"
"\x14\x4F\x00\x32", 10));
CPPUNIT_ASSERT_EQUAL(invalidRevisionHeader.tagSize(), 0U);
}
};
CPPUNIT_TEST_SUITE_REGISTRATION(TestID3v2);