ref: fe4a4fbb32a90318da590e90b500cd42e95fa7ce
parent: 880732bbedf2b2ca759abf0c0d8908526f284405
author: Sigrid Solveig Haflínudóttir <ftrvxmtrx@gmail.com>
date: Wed Mar 30 18:58:27 EDT 2022
wav: do not div by zero; validate sample rate and number of channels
--- a/wav.c
+++ b/wav.c
@@ -18,7 +18,9 @@
tagwav(Tagctx *ctx)
{
uchar *d;
- int i, n, info, csz, sz;
+ int i, n, info;
+ u32int csz, x;
+ uvlong sz;
d = (uchar*)ctx->buf;
@@ -57,7 +59,10 @@
csz -= 16;
ctx->channels = le16u(d+2);
ctx->samplerate = leuint(d+4);
- ctx->duration = sz*1000 / leuint(d+8);
+ x = leuint(d+8);
+ if(ctx->channels < 1 || ctx->samplerate < 1 || x < 1)
+ return -1;
+ ctx->duration = sz*1000 / x;
}else if(memcmp(d, "LIST", 4) == 0){
sz = csz - 4;
continue;
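Review bot: With `csz` changed to `u32int` in the first hunk, the two subtractions visible here, `csz -= 16` in the fmt branch and `sz = csz - 4` in the LIST branch, now wrap to a value near 2^32 instead of going negative when the chunk size is smaller than the constant. No lower bound on `csz` is visible in this hunk. If none is enforced earlier in the loop, add one before each subtraction, for example `if(csz < 4) return -1;` ahead of `sz = csz - 4;`. The enclosing if/else chain starts and ends outside the hunk, so this needs confirming against the full function.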
@@ -67,7 +72,7 @@
csz++;
for(n = 0; n < nelem(t); n++){
if(memcmp(d, t[n].s, 4) == 0){
- if(ctx->read(ctx, d, csz) != csz)
+ if(ctx->read(ctx, d, csz) != (int)csz)
return -1;
d[csz-1] = 0;
txtcb(ctx, t[n].type, "", d);
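Review bot: `csz`, which appears to be a chunk size taken from the file, is used as the length of the read into `d` and as the index in `d[csz-1] = 0`, yet nothing in this hunk bounds it against the capacity of `ctx->buf` or rejects zero. The `(int)csz` cast only aligns the comparison types, and a value above INT_MAX becomes negative after the cast. A `csz` of 0 at this point (for instance if the preceding `csz++` wraps) would pass the read comparison and make `csz-1` index far outside the buffer. Unless the bound is enforced outside the hunk, check before the read that `csz` is at least 1 and no larger than the buffer size, and return -1 otherwise. The loop body continues beyond the hunk.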