[pkg-mad-maintainers] [Fwd: Re: Regarding debian bug #405801.]

Andreas Henriksson andreas at fatal.se
Sat Jan 13 18:45:36 CET 2007 

reassign 405801 libid3tag0
tags 405801 + patch
thanks

libid3tag doesn't gracefully handle unexpected values in the
files id3 encoding. Below is one such occation when id3_parse_uint
apparently returns 50 (which I have no idea how it can be stored in an
enum which doesn't contain a definition for 50).
The "id3_parse_string" function doesn't have a default case in it's
switch to catch this but (by accident?) happens to return NULL for this
case. No error checking seems to be done in this particular caller to
see if id3_parse_string returns NULL.



Breakpoint 1, id3_parse_string (ptr=0x7fff9f1ca748, length=3, encoding=50,
    full=0) at parse.c:151
151       id3_ucs4_t *ucs4 = 0;
(gdb)
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0x00002ba50c26e201 in id3_ucs4_length (ucs4=0x0) at ucs4.c:46
46        while (*ptr)




(gdb) bt
#0  0x00002b0327337201 in id3_ucs4_length (ucs4=0x0) at ucs4.c:46
#1  0x00002b032733c07e in id3_compat_fixup (tag=0x57d400) at compat.gperf:240
#2  0x00002b032733f5a5 in v2_parse (ptr=0x57da8d "") at tag.c:612
#3  0x00002b032733f6f1 in id3_tag_parse (data=0x57d6c0 "ID3\003", length=2008)
    at tag.c:665
#4  0x000000000042f399 in getId3Tag (stream=0x57d480, offset=0, whence=0)
    at /tmp/rc/mpd-0.12.1/./src/tag.c:255
#5  0x000000000042f3d3 in findId3TagFromBeginning (stream=0x57d480)
    at /tmp/rc/mpd-0.12.1/./src/tag.c:271
#6  0x000000000042f5c1 in id3Dup (
    file=0x544940 "/var/lib/mpd/music/09-ТаÑ\200Ñ\202ак, ТÐ\235Ð\234Ð\232 _ Ð\235о паÑ\201аÑ\200ан!.mp3") at /tmp/rc/mpd-0.12.1/./src/tag.c:342
#7  0x0000000000410a94 in mp3_tagDup (
    file=0x544940 "/var/lib/mpd/music/09-ТаÑ\200Ñ\202ак, ТÐ\235Ð\234Ð\232 _ Ð\235о паÑ\201аÑ\200ан!.mp3")
    at /tmp/rc/mpd-0.12.1/./src/inputPlugins/mp3_plugin.c:1060
#8  0x000000000042de18 in newSong (
    url=0x57d1a0 "09-Ã\220¢Ã\220°Ã\221Â\200Ã\221Â\202Ã\220°Ã\220º, Ã\220¢Ã\220Â\235Ã\220Â\234Ã\220Â\232 _ Ã\220Â\235Ã\220¾ Ã\220¿Ã\220°Ã\221Â\201Ã\220°Ã\221Â\200Ã\220°Ã\220½!.mp3", type=1, parentDir=0x57c010)
    at /tmp/rc/mpd-0.12.1/./src/song.c:76
#9  0x000000000042df67 in addSongToList (list=0x57c080,
    url=0x57d1a0 "09-Ã\220¢Ã\220°Ã\221Â\200Ã\221Â\202Ã\220°Ã\220º, Ã\220¢Ã\
---Type <return> to continue, or q <return> to quit---




The attached patch should fix the problem.

Please verify for correctness! (The problem might be deeper, are we
looking at the wrong byte in the file for the encoding? Am I just
papering over a symptom of another bug?)



-- 
Regards,
Andreas Henriksson
-------------- next part --------------
A non-text attachment was scrubbed...
Name: libid3tag-id3enc.diff
Type: text/x-patch
Size: 1469 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-mad-maintainers/attachments/20070113/8b4a1cb2/libid3tag-id3enc.bin

More information about the pkg-mad-maintainers mailing list