author | Martijn van Beurden <mvanb1@gmail.com> | 2023-05-11 09:02:04 +0200 |
---|---|---|
committer | Martijn van Beurden <mvanb1@gmail.com> | 2023-05-11 17:20:30 +0200 |
commit | 7ed6f4ff583261cf473d5ab01b5d3eab4789e1c7 (patch) | |
tree | 50a8fa9ddde5401576716dd68a3843e64040f8aa | |
parent | c65ef58924938e2375c427d0cfca6931d278f95c (diff) | |
Throw error on too large foreign metadata directly
Previously, too large chunks of foreign metadata (> 16MiB) were
signalled by libFLAC, throwing an error upon adding the metadata,
so flac gave a rather vague error back to the user. This commit
adds detection to the foreign metadata handling, so the user gets
a much clearer error.
Credit: Oss-Fuzz
Issue: N/A
-rw-r--r-- | src/flac/foreign_metadata.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/src/flac/foreign_metadata.c b/src/flac/foreign_metadata.c
index 63f982cc..1a638bc9 100644
--- a/src/flac/foreign_metadata.c
+++ b/src/flac/foreign_metadata.c
@@ -99,7 +99,12 @@ static FLAC__bool compare_data_(FILE *fin, FILE *fout, size_t size, const char *
 
 static FLAC__bool append_block_(foreign_metadata_t *fm, FLAC__off_t offset, FLAC__uint32 size, const char **error)
 {
- foreign_block_t *fb = safe_realloc_nofree_muladd2_(fm->blocks, sizeof(foreign_block_t), /*times (*/fm->num_blocks, /*+*/1/*)*/);
+ foreign_block_t *fb;
+ if(size >= (1u << FLAC__STREAM_METADATA_LENGTH_LEN)) {
+ if(error) *error = "found foreign metadata chunk is too large (max is 16MiB per chunk)";
+ return false;
+ }
+ fb = safe_realloc_nofree_muladd2_(fm->blocks, sizeof(foreign_block_t), /*times (*/fm->num_blocks, /*+*/1/*)*/);
 if(fb) {
 fb[fm->num_blocks].offset = offset;
 fb[fm->num_blocks].size = size;
 |
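Review bot: The new guard in append_block_ sees `size` only after it has been narrowed to FLAC__uint32, so it is only as reliable as the arithmetic the callers do before the call. Those call sites are outside this hunk; if any of them adds header or padding bytes to a file-supplied 32-bit length, or truncates a 64-bit one, a wrapped value would pass `size >= (1u << FLAC__STREAM_METADATA_LENGTH_LEN)` and the oversized chunk would not be reported here, so each caller should be confirmed to reject overflow first. Separately, if these chunks are later stored in APPLICATION blocks, the application ID presumably counts against the same 24-bit length, so sizes within a few bytes of the limit would still reach the vague libFLAC error; the bound may need to subtract `FLAC__STREAM_METADATA_APPLICATION_ID_LEN/8`. A one-line comment above the check, e.g. `/* a FLAC metadata block length is a 24-bit field */`, would explain where the constant comes from. The body of append_block_ continues past the end of the hunk.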