From: Tsuda Kageyu
Date: Thu, 1 Jan 2015 10:54:17 +0000 (+0900)
Subject: Fix a segfault when reading faulty Ogg/FLAC files.
X-Git-Tag: v1.10beta~130^2~1
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=5ebb2ece80387e60abca5bec0dc65f02391ee5f9;p=taglib
Fix a segfault when reading faulty Ogg/FLAC files.
---
diff --git a/taglib/ogg/flac/oggflacfile.cpp b/taglib/ogg/flac/oggflacfile.cpp
index bdf82459..0c1d61b6 100644
--- a/taglib/ogg/flac/oggflacfile.cpp
+++ b/taglib/ogg/flac/oggflacfile.cpp
@@ -103,7 +103,7 @@ PropertyMap Ogg::FLAC::File::properties() const
 PropertyMap Ogg::FLAC::File::setProperties(const PropertyMap &properties)
 {
 return d->comment->setProperties(properties);
-}
+}
 Properties *Ogg::FLAC::File::audioProperties() const
 {
@@ -233,7 +233,12 @@ void Ogg::FLAC::File::scan()
 }
- header = metadataHeader.mid(0,4);
+ header = metadataHeader.mid(0, 4);
+ if(header.size() < 4) {
+ debug("Ogg::FLAC::File::scan() -- Invalid Ogg/FLAC metadata header");
+ return;
+ }
+
 // Header format (from spec):
 // <1> Last-metadata-block flag
 // <7> BLOCK_TYPE
diff --git a/tests/data/segfault.oga b/tests/data/segfault.oga
new file mode 100644
index 00000000..e23c2170
Binary files /dev/null and b/tests/data/segfault.oga differ
diff --git a/tests/test_oggflac.cpp b/tests/test_oggflac.cpp
index 1cdb24b0..975af44e 100644
--- a/tests/test_oggflac.cpp
+++ b/tests/test_oggflac.cpp
@@ -15,6 +15,7 @@ class TestOggFLAC : public CppUnit::TestFixture
 {
 CPPUNIT_TEST_SUITE(TestOggFLAC);
 CPPUNIT_TEST(testFramingBit);
+ CPPUNIT_TEST(testFuzzedFile);
 CPPUNIT_TEST_SUITE_END();
 public:
@@ -39,6 +40,12 @@ public:
 delete f;
 }
+ void testFuzzedFile()
+ {
+ Ogg::FLAC::File f(TEST_FILE_PATH_C("segfault.oga"));
+ CPPUNIT_ASSERT(!f.isValid());
+ }
+
 };
 CPPUNIT_TEST_SUITE_REGISTRATION(TestOggFLAC);
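Review bot: The new `header.size() < 4` guard in scan() protects only this first metadata header, so any later place in scan() that slices a block header out of a packet with `mid(0, 4)` would still decode a short buffer; that code, if present, lies outside the hunk and should get the same check. The early `return` reports the problem only through `debug()`, so the file ending up invalid (which the new test expects) presumably depends on how the caller treats an unfinished scan. A one-line comment such as `// truncated packet: stop before the header bytes are decoded` above the guard would make the intent explicit. scan() begins and ends outside this hunk.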
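Review bot: testFuzzedFile() does not say what is malformed in `segfault.oga`, and the generic fixture name will be hard to tell apart once a second crashing sample is added. A comment such as `// segfault.oga: fuzzed Ogg/FLAC file that used to crash Ogg::FLAC::File::scan()` would keep the regression traceable to this fix. The single `CPPUNIT_ASSERT(!f.isValid());` pins only the validity flag; whether the accessors of the invalid file can be called safely is not exercised here.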