mp3utils.c: add paranoid checks for MusicMatch tags - enabled for now.
authorOzkan Sezer
Wed, 11 Dec 2019 18:55:02 +0300
changeset 1075915b41920c70
parent 1074 c7c4d55152af
child 1076 c3eace8f616a
mp3utils.c: add paranoid checks for MusicMatch tags - enabled for now.
src/codecs/mp3utils.c
     1.1 --- a/src/codecs/mp3utils.c	Wed Dec 11 17:50:10 2019 +0300
     1.2 +++ b/src/codecs/mp3utils.c	Wed Dec 11 18:55:02 2019 +0300
     1.3 @@ -168,6 +168,7 @@
     1.4      if (SDL_memcmp(data,"LYRICSBEGIN",11) == 0) return SDL_TRUE;
     1.5      return SDL_FALSE;
     1.6  }
     1.7 +#define MMTAG_PARANOID
     1.8  static SDL_INLINE SDL_bool is_musicmatch(const unsigned char *data, long length) {
     1.9    /* From docs/musicmatch.txt in id3lib: https://sourceforge.net/projects/id3lib/
    1.10       Overall tag structure:
    1.11 @@ -193,7 +194,7 @@
    1.12        |      Footer (48 bytes)      |
    1.13        +-----------------------------+
    1.14       */
    1.15 -    if (length < 48) return 0;
    1.16 +    if (length < 48) return SDL_FALSE;
    1.17      /* sig: 19 bytes company name + 13 bytes space */
    1.18      if (SDL_memcmp(data,"Brava Software Inc.             ",32) != 0) {
    1.19          return SDL_FALSE;
    1.20 @@ -203,14 +204,19 @@
    1.21          !SDL_isdigit(data[34]) ||!SDL_isdigit(data[35])) {
    1.22          return SDL_FALSE;
    1.23      }
    1.24 +    #ifdef MMTAG_PARANOID
    1.25      /* [36..47]: 12 bytes trailing space */
    1.26 +    for (length = 36; length < 48; ++length) {
    1.27 +        if (data[length] != ' ') return SDL_FALSE;
    1.28 +    }
    1.29 +    #endif
    1.30      return SDL_TRUE;
    1.31  }
    1.32  static SDL_INLINE long get_musicmatch_len(struct mp3file_t *m) {
    1.33      const Sint32 metasizes[4] = { 7868, 7936, 8004, 8132 };
    1.34      const unsigned char syncstr[10] = {'1','8','2','7','3','6','4','5',0,0};
    1.35 -    unsigned char buf[20];
    1.36 -    Sint32 i, imgext_ofs, version_ofs;
    1.37 +    unsigned char buf[256];
    1.38 +    Sint32 i, j, imgext_ofs, version_ofs;
    1.39      long len;
    1.40  
    1.41      /* calc. the image extension section ofs */
    1.42 @@ -228,23 +234,41 @@
    1.43          len = metasizes[i] + 48 + 20 + 256;
    1.44          if (m->length < len) return -1;
    1.45          MP3_RWseek(m, -len, RW_SEEK_END);
    1.46 -        MP3_RWread(m, buf, 1, 10);
    1.47 +        MP3_RWread(m, buf, 1, 256);
    1.48          /* [0..9]: sync string, [30..255]: 0x20 */
    1.49 +        #ifdef MMTAG_PARANOID
    1.50 +        for (j = 30; j < 256; ++j) {
    1.51 +            if (buf[j] != ' ') break;
    1.52 +        }
    1.53 +        if (j < 256) continue;
    1.54 +        #endif
    1.55          if (SDL_memcmp(buf, syncstr, 10) == 0) {
    1.56              break;
    1.57          }
    1.58      }
    1.59      if (i == 4) return -1; /* no luck. */
    1.60 +    (void) (j = 0);
    1.61 +    #ifdef MMTAG_PARANOID
    1.62 +    /* unused section: (4 bytes of 0x00) */
    1.63 +    MP3_RWseek(m, -(len + 4), RW_SEEK_END);
    1.64 +    MP3_RWread(m, buf, 1, 4);
    1.65 +    if (SDL_memcmp(buf, &j, 4) != 0) return -1;
    1.66 +    #endif
    1.67      len += (version_ofs - imgext_ofs);
    1.68      if (m->length < len) return -1;
    1.69      if (m->length < len + 256) return len;
    1.70      /* try finding the optional header */
    1.71      MP3_RWseek(m, -(len + 256), RW_SEEK_END);
    1.72 -    MP3_RWread(m, buf, 1, 10);
    1.73 +    MP3_RWread(m, buf, 1, 256);
    1.74      /* [0..9]: sync string, [30..255]: 0x20 */
    1.75      if (SDL_memcmp(buf, syncstr, 10) != 0) {
    1.76          return len;
    1.77      }
    1.78 +    #ifdef MMTAG_PARANOID
    1.79 +    for (j = 30; j < 256; ++j) {
    1.80 +        if (buf[j] != ' ') return len;
    1.81 +    }
    1.82 +    #endif
    1.83      return len + 256; /* header is present. */
    1.84  }
    1.85