flac/encode.c: Limit padding size
authorErik de Castro Lopo <erikd@mega-nerd.com>
Fri, 8 Jan 2016 23:35:23 +0000 (10:35 +1100)
committerErik de Castro Lopo <erikd@mega-nerd.com>
Fri, 8 Jan 2016 23:38:48 +0000 (10:38 +1100)
This prevents an overly large padding value from overflowing the block length.

Patch-from: lvqcl <lvqcl.mail@gmail.com>
Closes: https://sourceforge.net/p/flac/bugs/284/

src/flac/encode.c

index 030409c..afa0e86 100644 (file)
@@ -2012,6 +2012,7 @@ FLAC__bool EncoderSession_init_encoder(EncoderSession *e, encode_options_t optio
                                p = e->total_samples_to_encode / sample_rate < 20*60? FLAC_ENCODE__DEFAULT_PADDING : FLAC_ENCODE__DEFAULT_PADDING*8;
                        if(p > 0)
                                p += (e->replay_gain ? GRABBAG__REPLAYGAIN_MAX_TAG_SPACE_REQUIRED : 0);
+                       p = min(p, (int)((1u << FLAC__STREAM_METADATA_LENGTH_LEN) - 1));
                        if(options.padding != 0) {
                                if(p > 0 && flac_decoder_data->num_metadata_blocks < sizeof(flac_decoder_data->metadata_blocks)/sizeof(flac_decoder_data->metadata_blocks[0])) {
                                        flac_decoder_data->metadata_blocks[flac_decoder_data->num_metadata_blocks] = FLAC__metadata_object_new(FLAC__METADATA_TYPE_PADDING);
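Review bot: The new clamp runs only after `p += (e->replay_gain ? GRABBAG__REPLAYGAIN_MAX_TAG_SPACE_REQUIRED : 0);`, so a very large `p` can overflow in that addition before `min` ever sees it. This assumes `p` is a signed int that can carry a user-supplied padding value; the `(int)` cast suggests so, but its declaration is outside the hunk. If it is, a value near INT_MAX makes the addition undefined behaviour, and the clamp then works on a garbage value. Bounding the value ahead of the addition as well closes the gap: place `p = min(p, (int)((1u << FLAC__STREAM_METADATA_LENGTH_LEN) - 1));` before `if(p > 0)` and keep the existing clamp after it. EncoderSession_init_encoder starts and ends outside this hunk, so how `p` is first assigned should be confirmed there.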
@@ -2069,6 +2070,7 @@ FLAC__bool EncoderSession_init_encoder(EncoderSession *e, encode_options_t optio
                        padding.is_last = false; /* the encoder will set this for us */
                        padding.type = FLAC__METADATA_TYPE_PADDING;
                        padding.length = (unsigned)(options.padding>0? options.padding : (e->total_samples_to_encode / sample_rate < 20*60? FLAC_ENCODE__DEFAULT_PADDING : FLAC_ENCODE__DEFAULT_PADDING*8)) + (e->replay_gain ? GRABBAG__REPLAYGAIN_MAX_TAG_SPACE_REQUIRED : 0);
+                       padding.length = min(padding.length, (1u << FLAC__STREAM_METADATA_LENGTH_LEN) - 1);
                        static_metadata_append(&static_metadata, &padding, /*needs_delete=*/false);
                }
                metadata = static_metadata.metadata;
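Review bot: The clamp on `padding.length` silently shrinks a padding size the user asked for explicitly (the `options.padding>0` arm), so the output file can end up with less padding than requested and nothing says so. Consider reporting through the tool's existing warning path when the computed value exceeds the limit. A short comment such as `/* the metadata block length field is FLAC__STREAM_METADATA_LENGTH_LEN bits wide */` would also explain where the bound comes from. The same limit expression is spelled out in the first hunk with an `(int)` cast, so a single named constant would keep the two sites in step. The enclosing function starts and ends outside this hunk.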