Changed behavior of ByteVector::toNumber() when overrun

author Tsuda Kageyu <tsuda.kageyu@gmail.com>

Mon, 20 May 2013 20:36:01 +0000 (05:36 +0900)

committer Tsuda Kageyu <tsuda.kageyu@gmail.com>

Mon, 20 May 2013 20:36:01 +0000 (05:36 +0900)
author Tsuda Kageyu <tsuda.kageyu@gmail.com>
Mon, 20 May 2013 20:36:01 +0000 (05:36 +0900)
committer Tsuda Kageyu <tsuda.kageyu@gmail.com>
Mon, 20 May 2013 20:36:01 +0000 (05:36 +0900)
diff --git a/taglib/toolkit/tbytevector.cpp b/taglib/toolkit/tbytevector.cpp

index b3c8897fc2c407705f1f46e28671964d44ec2633..84d3f0042c9fa63dde6bb6d2d985c28fe6a5cb52 100644 (file)
--- a/taglib/toolkit/tbytevector.cpp
+++ b/taglib/toolkit/tbytevector.cpp
@@ -299,10 +299,8 @@ ulonglong byteSwap<ulonglong>(ulonglong x)
  template <class T>
  T toNumber(const ByteVector &v, size_t offset, bool mostSignificantByteFirst)
  {
-  if(offset + sizeof(T) > v.size()) {
-    debug("toNumber<T>() -- offset is out of range. Returning 0.");
-    return 0;
-  }
+  if(offset + sizeof(T) > v.size()) 
+    return toNumber<T>(v, offset, v.size() - offset, mostSignificantByteFirst);
  
    // Uses memcpy instead of reinterpret_cast to avoid an alignment exception.
    T tmp;
@@ -322,11 +320,13 @@ T toNumber(const ByteVector &v, size_t offset, bool mostSignificantByteFirst)
  template <class T>
  T toNumber(const ByteVector &v, size_t offset, size_t length, bool mostSignificantByteFirst)
  {
-  if(offset + length > v.size()) {
-    debug("toNumber<T>() -- offset and/or length is out of range. Returning 0.");
+  if(offset >= v.size()) {
+    debug("toNumber<T>() -- No data to convert. Returning 0.");
      return 0;
    }
  
+  length = std::min(length, v.size() - offset);
+
    T sum = 0;
    for(size_t i = 0; i < length; i++) {
      const size_t shift = (mostSignificantByteFirst ? length - 1 - i : i) * 8;
author	Tsuda Kageyu <tsuda.kageyu@gmail.com>
	Mon, 20 May 2013 20:36:01 +0000 (05:36 +0900)
committer	Tsuda Kageyu <tsuda.kageyu@gmail.com>
	Mon, 20 May 2013 20:36:01 +0000 (05:36 +0900)