From b7dc1ab8acbfe341a76ab2e3b8e0a8c298abbe39 Mon Sep 17 00:00:00 2001 From: Urs Fleisch Date: Thu, 16 Nov 2023 18:48:00 +0100 Subject: [PATCH] Fail MPEG header check when frame length is zero (#1174) --- taglib/mpeg/mpegheader.cpp | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/taglib/mpeg/mpegheader.cpp b/taglib/mpeg/mpegheader.cpp index d87c38df..91944c2c 100644 --- a/taglib/mpeg/mpegheader.cpp +++ b/taglib/mpeg/mpegheader.cpp @@ -336,6 +336,11 @@ void MPEG::Header::parse(File *file, offset_t offset, bool checkLength) // consistent. Otherwise, we assume that either or both of the frames are // broken. + // A frame length of 0 is probably invalid and would pass the test below + // because nextData would be the same as data. + if(d->frameLength == 0) + return; + file->seek(offset + d->frameLength); const ByteVector nextData = file->readBlock(4);