[flac-dev] [PATCH] image embedding can result in flac file corruption
Erik de Castro Lopo
mle+la at mega-nerd.com
Sun May 1 11:25:22 UTC 2016
lvqcl wrote:
> Currently it's possible to corrupt FLAC file with flac and metaflac tools.
> If image filesize is just slightly less than 2^24 bytes then the size of
> PICTURE metadata block will be more that this limit.
>
> The first patch (fix1.patch) adds additional check in /share/grabbag/picture.c/read_file()
> and removes rather useless check from FLAC__metadata_object_picture_set_data().
>
> It's enough to fix the command-line tools, but I think that it also makes
> sense to add additional checks into libFLAC library; so fix2.patch adds
> two checks of metadata block length.
Applied. Thanks.
Erik
--
----------------------------------------------------------------------
Erik de Castro Lopo
http://www.mega-nerd.com/
More information about the flac-dev
mailing list