Rockbox.org home
release
dev builds
extras
themes manual
wiki
device status forums
mailing lists
IRC bugs
patches
dev guide



Rockbox mail archive

Subject: Re: Tracknum

Re: Tracknum

From: Magnus Holmgren <lear_at_algonet.se>
Date: Sun, 18 Aug 2002 20:27:45 +0200

Magnus Holmgren wrote:
>
> Den 16 Aug 2002 skrev Daniel Stenberg:
>
> > > An easy fix (that seems to work) is to remove the size check in id3.c at
> > > line 605, that is, the "entry->id3v2len <= sizeof( entry->id3v2buf )" part.
> > > The ID3V2 loader will only read up to the size of the buffer anyway.
> >
> > The buffer it stores the data in is only sizeof(entry->id3v2buf) bytes large,
> > if you remove the check it means it'll do a buffer overflow. Won't it?
>
> The ID3V2 code will not read more than fits in the buffer (check the
> read statement). Thus, there should be no buffer overflow. But there
> might be problems during parse... (I do have problems with a few
> files, but I don't know why yet; will take a look at it later
> today.)

Typical. Each and every recognized tag contains this code snippet:

  if(headerlen > (size - readsize))
      headerlen = (size - readsize);

However, unknown tags do not get this treatment. Hence, if there is tag
data - with an unsupported frame at the end of the buffer - there will
be problems due to a wraparound (in the while loop). Easy to fix; added
the above snippet to the "unknown tag" case (might be a good idea to
make the while loop a bit more robust though).

-- 
Magnus Holmgren
Received on 2002-08-18

Page template was last modified "Sat Sep 18 20:21:06 2021" The Rockbox Crew -- Privacy Policy