diff options
Diffstat (limited to 'user/taglib/CVE-2017-12678.patch')
-rw-r--r-- | user/taglib/CVE-2017-12678.patch | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/user/taglib/CVE-2017-12678.patch b/user/taglib/CVE-2017-12678.patch new file mode 100644 index 000000000..71081c6d6 --- /dev/null +++ b/user/taglib/CVE-2017-12678.patch @@ -0,0 +1,31 @@ +From cb9f07d9dcd791b63e622da43f7b232adaec0a9a Mon Sep 17 00:00:00 2001 +From: "Stephen F. Booth" <me@sbooth.org> +Date: Sat, 30 Sep 2017 10:15:41 -0500 +Subject: [PATCH] Don't assume TDRC is an instance of TextIdentificationFrame + (#831) + +If TDRC is encrypted, FrameFactory::createFrame() returns UnknownFrame +which causes problems in rebuildAggregateFrames() when it is assumed +that TDRC is a TextIdentificationFrame +--- + taglib/mpeg/id3v2/id3v2framefactory.cpp | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/taglib/mpeg/id3v2/id3v2framefactory.cpp b/taglib/mpeg/id3v2/id3v2framefactory.cpp +index 759a9b7be..9347ab869 100644 +--- a/taglib/mpeg/id3v2/id3v2framefactory.cpp ++++ b/taglib/mpeg/id3v2/id3v2framefactory.cpp +@@ -334,10 +334,11 @@ void FrameFactory::rebuildAggregateFrames(ID3v2::Tag *tag) const + tag->frameList("TDAT").size() == 1) + { + TextIdentificationFrame *tdrc = +- static_cast<TextIdentificationFrame *>(tag->frameList("TDRC").front()); ++ dynamic_cast<TextIdentificationFrame *>(tag->frameList("TDRC").front()); + UnknownFrame *tdat = static_cast<UnknownFrame *>(tag->frameList("TDAT").front()); + +- if(tdrc->fieldList().size() == 1 && ++ if(tdrc && ++ tdrc->fieldList().size() == 1 && + tdrc->fieldList().front().size() == 4 && + tdat->data().size() >= 5) + { |