ref: 7f553b165c409eb9c64fd482315e41d95ce849f5
parent: 2499f8d36000abf9c67727b98da93ecbd004cf29
author: Sigrid Solveig Haflínudóttir <sigrid@ftrv.se>
date: Tue Mar 5 20:28:11 EST 2024
id3v2: APIC: null-terminate before calling strlen for safety
--- a/id3v2.c
+++ b/id3v2.c
@@ -164,7 +164,8 @@
f = unsync ? unsyncread : nil;
if(strcmp((char*)d, "APIC") == 0){offset = ctx->seek(ctx, 0, 1);
- if((n = ctx->read(ctx, tag, 256)) == 256){ /* APIC mime and description should fit */+ if((n = ctx->read(ctx, tag, 255)) == 255){ /* APIC mime and description should fit */+ tag[255] = 0;
b = tag + 1; /* mime type */
for(n = 1 + strlen(b) + 2; n < 253; n++){ if(tag[0] == 0 || tag[0] == 3){ /* one zero byte */