shithub: mp3dec

Download patch

ref: f618f1d98ceef22c163ad210167f2a02c5916e17
parent: 977514a6dfc4960d819a103f43b358e58ac6c28f
author: lieff <[email protected]>
date: Fri Oct 25 08:18:38 EDT 2019

check id3v2size exceeds input buffer size

--- a/minimp3_ex.h
+++ b/minimp3_ex.h
@@ -73,6 +73,8 @@
     {
         size_t id3v2size = (((buf[6] & 0x7f) << 21) | ((buf[7] & 0x7f) << 14) |
             ((buf[8] & 0x7f) << 7) | (buf[9] & 0x7f)) + 10;
+        if (id3v2size >= buf_size)
+            id3v2size = buf_size;
         buf      += id3v2size;
         buf_size -= id3v2size;
     }