ref: 7f2e62296514bacfb0ea7d5abf42dc8ccee1aedd
parent: f05b8af71e41c37d868986b5147879fc5a437dbe
author: Sigrid Solveig Haflínudóttir <ftrvxmtrx@gmail.com>
date: Wed Mar 30 16:28:03 EDT 2022
libtags: id3v2: make sure extra id3 tag does not cause infinite loop
--- a/sys/src/cmd/audio/libtags/id3v2.c
+++ b/sys/src/cmd/audio/libtags/id3v2.c
@@ -366,6 +366,7 @@
{
int sz, exsz, framesz;
int ver, unsync, offset;
+ int oldpos, newpos;
uchar d[10], *b;
if(ctx->read(ctx, d, sizeof(d)) != sizeof(d))
@@ -378,6 +379,7 @@
return 0;
}
+ oldpos = 0;
header:
ver = d[3];
unsync = d[5] & (1<<7);
@@ -449,11 +451,13 @@
if(ctx->read(ctx, ctx->buf, sz) != sz)
break;
for(b = (uchar*)ctx->buf; (b = memchr(b, 'I', sz - 1 - ((char*)b - ctx->buf))) != nil; b++){
- ctx->seek(ctx, (char*)b - ctx->buf + offset + exsz, 0);
+ newpos = ctx->seek(ctx, (char*)b - ctx->buf + offset + exsz, 0);
if(ctx->read(ctx, d, sizeof(d)) != sizeof(d))
return 0;
- if(isid3(d))
+ if(isid3(d) && newpos != oldpos){
+ oldpos = newpos;
goto header;
+ }
}
for(b = (uchar*)ctx->buf; (b = memchr(b, 0xff, sz-3)) != nil; b++){
if((b[1] & 0xe0) == 0xe0){
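Review bot: The added guard `newpos != oldpos` in the `'I'` scan loop only rejects a jump back to the single most recent header position, so the parser may still fail to terminate on a malformed file whose rescans alternate between two or more ID3 header offsets. Requiring strict forward progress, `if(isid3(d) && newpos > oldpos){`, would bound the number of `goto header` jumps by the file size and would also skip the jump when `ctx->seek` reports failure as a negative value. This assumes the seek callback returns the absolute offset and that an extra tag only ever follows the current one, neither of which is visible in this hunk. The result of `ctx->seek` is otherwise not checked before the following `ctx->read`, and storing it in an `int` may truncate if the callback returns a wider offset type. The enclosing function starts and ends outside the hunk.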