mirrors/gstreamer
mirrors/gstreamer
1
1
Fork 0
mirror of https://gitlab.freedesktop.org/gstreamer/gstreamer.git synced 2024-11-24 18:51:11 +00:00
Code Issues 1 Projects Releases Wiki Activity

id3tag: Correctly validate the year from v1 tags before passing to GstDateTime

Browse source 
By using strtoul(), invalid values will get mapped to MAXULONG and we
would have to check errno. They won't get mapped to 0.

To solve this, use the signed g_ascii_strtoll(). This will map errors to
0 or G_MAXINT64 or G_MININT64, and the valid range for GstDateTime is >
0 and <= 9999 so we can directly check for this here.

Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/issues/384
This commit is contained in:
Sebastian Dröge 2019-04-26 09:44:07 +03:00
parent e8450397c0
commit 7095b7c47a
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
gst-libs/gst/tag/gstid3tag.c
View file

@ -262,7 +262,7 @@ gst_tag_extract_id3v1_string (GstTagList * list, const gchar * tag,
GstTagList * GstTagList *
gst_tag_list_new_from_id3v1 (const guint8 * data) gst_tag_list_new_from_id3v1 (const guint8 * data)
{ {
guint year; gint64 year;
gchar *ystr; gchar *ystr;
GstTagList *list; GstTagList *list;
@ -275,9 +275,9 @@ gst_tag_list_new_from_id3v1 (const guint8 * data)
gst_tag_extract_id3v1_string (list, GST_TAG_ARTIST, (gchar *) & data[33], 30); gst_tag_extract_id3v1_string (list, GST_TAG_ARTIST, (gchar *) & data[33], 30);
gst_tag_extract_id3v1_string (list, GST_TAG_ALBUM, (gchar *) & data[63], 30); gst_tag_extract_id3v1_string (list, GST_TAG_ALBUM, (gchar *) & data[63], 30);
ystr = g_strndup ((gchar *) & data[93], 4); ystr = g_strndup ((gchar *) & data[93], 4);
year = strtoul (ystr, NULL, 10); year = g_ascii_strtoll (ystr, NULL, 10);
g_free (ystr); g_free (ystr);
if (year > 0) { if (year > 0 && year <= 9999) {
GstDateTime *dt = gst_date_time_new_y (year); GstDateTime *dt = gst_date_time_new_y (year);
gst_tag_list_add (list, GST_TAG_MERGE_REPLACE, GST_TAG_DATE_TIME, dt, NULL); gst_tag_list_add (list, GST_TAG_MERGE_REPLACE, GST_TAG_DATE_TIME, dt, NULL);