mirror/taglib
1
0
Fork 0
mirror of https://github.com/taglib/taglib.git synced 2026-02-14 20:23:03 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #476 from TsudaKageyu/fuzzed-ape

Browse Source 
Some fixes for fuzzed APE files.
This commit is contained in:
Lukáš Lalinský
2014-12-29 09:47:10 +01:00
parent 59ae61de6e 16ac2cd240
commit be33389884
5 changed files with 27 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
taglib/ape/apeproperties.cpp
View File

@ -221,12 +221,20 @@ void APE::Properties::analyzeOld()
blocksPerFrame = 73728;
else
blocksPerFrame = 9216;
d->channels = header.toShort(4, false);
d->sampleRate = header.toUInt(6, false);
const uint finalFrameBlocks = header.toUInt(22, false);
const uint totalBlocks
= totalFrames > 0 ? (totalFrames - 1) * blocksPerFrame + finalFrameBlocks : 0;
d->length = totalBlocks / d->sampleRate;
d->bitrate = d->length > 0 ? ((d->streamLength * 8L) / d->length) / 1000 : 0;
uint totalBlocks = 0;
if(totalFrames > 0)
totalBlocks = (totalFrames - 1) * blocksPerFrame + finalFrameBlocks;
if(d->sampleRate > 0)
d->length = totalBlocks / d->sampleRate;
if(d->length > 0)
d->bitrate = ((d->streamLength * 8L) / d->length) / 1000;
}

7
taglib/ape/apetag.cpp
View File

@ -368,10 +368,13 @@ ByteVector APE::Tag::render() const
void APE::Tag::parse(const ByteVector &data)
{
uint pos = 0;
// 11 bytes is the minimum size for an APE item
if(data.size() < 11)
return;
uint pos = 0;
for(uint i = 0; i < d->footer.itemCount() && pos <= data.size() - 11; i++) {
APE::Item item;
item.parse(data.mid(pos));