Fix a segfault when reading faulty Ogg/FLAC files.

diff --git a/taglib/ogg/flac/oggflacfile.cpp b/taglib/ogg/flac/oggflacfile.cpp
index bdf824595c9ef988df3463c8ff04f248e6d0b87a..0c1d61b65b1d76d83259f055a44dd68924615e81 100644 (file)
--- a/taglib/ogg/flac/oggflacfile.cpp
+++ b/taglib/ogg/flac/oggflacfile.cpp
@@ -103,7 +103,7 @@ PropertyMap Ogg::FLAC::File::properties() const
 PropertyMap Ogg::FLAC::File::setProperties(const PropertyMap &properties)
 {
   return d->comment->setProperties(properties);
-}  
+}
 
 Properties *Ogg::FLAC::File::audioProperties() const
 {
@@ -233,7 +233,12 @@ void Ogg::FLAC::File::scan()
 
   }
 
-  header = metadataHeader.mid(0,4);
+  header = metadataHeader.mid(0, 4);
+  if(header.size() < 4) {
+    debug("Ogg::FLAC::File::scan() -- Invalid Ogg/FLAC metadata header");
+    return;
+  }
+
   // Header format (from spec):
   // <1> Last-metadata-block flag
   // <7> BLOCK_TYPE

diff --git a/tests/data/segfault.oga b/tests/data/segfault.oga
new file mode 100644 (file)
index 0000000..e23c217
Binary files /dev/null and b/tests/data/segfault.oga differ

diff --git a/tests/test_oggflac.cpp b/tests/test_oggflac.cpp
index 1cdb24b035f874ad95f7db6275337dcdc99c5c62..975af44ed5f4c7f2fa2c8edc909c681cc250513c 100644 (file)
--- a/tests/test_oggflac.cpp
+++ b/tests/test_oggflac.cpp
@@ -15,6 +15,7 @@ class TestOggFLAC : public CppUnit::TestFixture
 {
   CPPUNIT_TEST_SUITE(TestOggFLAC);
   CPPUNIT_TEST(testFramingBit);
+  CPPUNIT_TEST(testFuzzedFile);
   CPPUNIT_TEST_SUITE_END();
 
 public:
@@ -39,6 +40,12 @@ public:
     delete f;
   }
 
+  void testFuzzedFile()
+  {
+    Ogg::FLAC::File f(TEST_FILE_PATH_C("segfault.oga"));
+    CPPUNIT_ASSERT(!f.isValid());
+  }
+
 };
 
 CPPUNIT_TEST_SUITE_REGISTRATION(TestOggFLAC);