[pkg-mad-maintainers] [daper@daper.net: libid3tag0: Some mp3 files
can cause a segfault.]
Damian Pietras
daper at daper.net
Fri Jan 6 20:36:33 UTC 2006
I've reported this bug using bugreport in December, but I received no
answer, so I'm mailing it directly to the maintainer's address.
----- Forwarded message from Damian Pietras <daper at daper.net> -----
From: Damian Pietras <daper at daper.net>
To: Ubuntu Bug Tracking System <ubuntu-users at lists.ubuntu.com>
Subject: libid3tag0: Some mp3 files can cause a segfault.
Package: libid3tag0
Version: 0.15.1b-7
Severity: normal
Tags: patch
Patch 12_endless_loop included in Debian win libid3tag sauses a segfault
on some mp3 files. Example file is:
http://users.lin.one.pl/~daper/pub/libid3tag-debian-bug.mp3
(File was cut off to 16KB, but still shhows the bug). Tags are read
properly by libid3tag without any patches and by XMMS.
To see the bug, download the file and use
madplay -v libid3tag-debian-bug.mp3
This patch can be used to fix it:
--- libid3tag-0.15.1b/compat.c 2004-02-17 03:34:39.000000000 +0100
+++ libid3tag-0.15.1b-fixed/compat.c 2005-12-25 12:46:17.000000000 +0100
@@ -443,6 +443,9 @@
encoding = id3_parse_uint(&data, 1);
string = id3_parse_string(&data, end - data, encoding, 0);
+ if (!string)
+ continue;
+
if (id3_ucs4_length(string) < 4) {
free(string);
continue;
-- System Information:
Debian Release: testing/unstable
APT prefers breezy-security
APT policy: (500, 'breezy-security'), (500, 'breezy-backports'), (500, 'breezy')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.15-rc4
Locale: LANG=en_US.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Versions of packages libid3tag0 depends on:
ii libc6 2.3.5-1ubuntu12 GNU C Library: Shared libraries an
ii zlib1g 1:1.2.3-3ubuntu4 compression library - runtime
libid3tag0 recommends no packages.
-- no debconf information
--- libid3tag-0.15.1b/compat.c 2004-02-17 03:34:39.000000000 +0100
+++ libid3tag-0.15.1b-fixed/compat.c 2005-12-25 12:46:17.000000000 +0100
@@ -443,6 +443,9 @@
encoding = id3_parse_uint(&data, 1);
string = id3_parse_string(&data, end - data, encoding, 0);
+ if (!string)
+ continue;
+
if (id3_ucs4_length(string) < 4) {
free(string);
continue;
----- End forwarded message -----
--
Damian Pietras
More information about the pkg-mad-maintainers
mailing list