Patch to fix TagLib crash-inducing bug
Umesh Shankar
ushankar at cs.berkeley.edu
Tue May 17 01:43:49 CEST 2005
At the bottom of this message is a patch to TagLib to handle a bug when
it converts old 3-character ID3v2 frame types to 4-character frame
types. Basically, early in the function you had

    frameID = header->FrameID();

then

    updateFrame(header);

which *changes* the value of header->FrameID().

At this point, frameID holds an old, incorrect value. The result is that
the true frameID is "APIC" or "COMM" or whatever, but the class returned
is UnknownFrame. Naturally this causes a problem with applications that
assume the type of the Frame class from the frame ID. I added a line of
code which re-assigns frameID = header->FrameID() after the update,
which causes the right class to be instantiated.

This was discovered as an amaroK crash by Mark Kretschmann, who also
supplied the test case. (Mark: the comment field seems to contain bogus
data as well.)

I can't vouch for this being a total solution, since I haven't tested
other similar cases, but it seemed to work for me in that amaroK did not
crash.

Umesh

===================================================================
RCS file: /home/kde/kdesupport/taglib/mpeg/id3v2/id3v2framefactory.cpp,v
retrieving revision 1.30
diff -u -3 -p -r1.30 id3v2framefactory.cpp
--- mpeg/id3v2/id3v2framefactory.cpp 20 Oct 2004 23:34:55 -0000 1.30
+++ mpeg/id3v2/id3v2framefactory.cpp 16 May 2005 23:29:13 -0000
@@ -103,6 +103,8 @@ Frame *FrameFactory::createFrame(const B
return 0;
}
+ frameID = header->frameID();
+
// This is where things get necissarily nasty. Here we determine which
// Frame subclass (or if none is found simply an Frame) based
// on the frame ID. Since there are a lot of possibilities, that means
us
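
Review bot: the added `frameID = header->frameID();` carries no comment saying why the ID is read a second time, so a later cleanup could easily drop it as redundant. A one-line comment above it stating that updateFrame() may rewrite the header's frame ID (3-character to 4-character conversion) would protect the fix. It is also worth confirming that nothing between the first assignment and this line, such as the check that ends in `return 0;` just above, depends on the pre-update value. If nothing does, deferring the single assignment until after the update would remove the stale copy entirely instead of overwriting it. Since the subclass selected below is what callers use to decide how to cast the returned Frame, a regression test built from the file that triggered the crash would be a useful companion to this change.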