shithub: libtags

Download patch

ref: 5e7d1c7c613f0d46b9266a43b941d33ea8d88d32
parent: c7a0c41e289892e039f4da3b37568142964620c0
author: Sigrid Solveig Haflínudóttir <[email protected]>
date: Tue Mar 5 20:29:51 EST 2024

id3v2: deal with invalid text tag sizes

--- a/id3v2.c
+++ b/id3v2.c
@@ -214,7 +214,9 @@
 {
 	char *b, *tag;
 
-	if(ctx->bufsz >= tsz+1){
+	if(tsz < 0)
+		return -1;
+	if(ctx->bufsz > tsz){
 		/* place the data at the end to make best effort at charset conversion */
 		tag = &ctx->buf[ctx->bufsz - tsz - 1];
 		if(ctx->read(ctx, tag, tsz) != tsz)