[tracker-miners] extract/mp3: Make clearer checks on offsets read from file
- From: Carlos Garnacho <carlosg src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [tracker-miners] extract/mp3: Make clearer checks on offsets read from file
- Date: Tue, 22 Aug 2017 16:46:49 +0000 (UTC)
commit be8b2673bf8cafbe1c40c06cad0e6262f9129ae2
Author: Carlos Garnacho <carlosg gnome org>
Date: Sun Aug 13 12:41:22 2017 +0200
extract/mp3: Make clearer checks on offsets read from file
Put these on one side of the operand without added values.
Spotted by Coverity (CID #162187) (Tentative fix)
https://bugzilla.gnome.org/show_bug.cgi?id=786539
src/tracker-extract/tracker-extract-mp3.c | 12 ++++++------
1 files changed, 6 insertions(+), 6 deletions(-)
---
diff --git a/src/tracker-extract/tracker-extract-mp3.c b/src/tracker-extract/tracker-extract-mp3.c
index 83bbd1d..e89849c 100644
--- a/src/tracker-extract/tracker-extract-mp3.c
+++ b/src/tracker-extract/tracker-extract-mp3.c
@@ -1852,7 +1852,7 @@ parse_id3v24 (const gchar *data,
* tag size (tsize) does not include the header which is 10
* bytes, so we check that there is some content AFTER the
* headers. */
- if (tsize + header_size > size) {
+ if (tsize > size - header_size) {
g_message ("[v24] Expected MP3 tag size and header size to be within file size boundaries");
return;
}
@@ -1874,7 +1874,7 @@ parse_id3v24 (const gchar *data,
* simply the total tag size excluding the frames and
* the headers, in other words the padding.
*/
- if (tsize + header_size + ext_header_size > size) {
+ if (ext_header_size > size - header_size - tsize) {
g_message ("[v24] Expected MP3 tag size and extended header size to be within file
size boundaries");
return;
}
@@ -1917,7 +1917,7 @@ parse_id3v24 (const gchar *data,
csize = (size_t) extract_uint32_7bit (&data[pos + 4]);
- if (pos + frame_size + csize > size) {
+ if (csize > size - frame_size - pos) {
g_debug ("[v24] Size of current frame '%s' (%" G_GSIZE_FORMAT ") "
"exceeds file boundaries (%" G_GSIZE_FORMAT "), "
"not processing any more frames",
@@ -2054,7 +2054,7 @@ parse_id3v23 (const gchar *data,
* tag size (tsize) does not include the header which is 10
* bytes, so we check that there is some content AFTER the
* headers. */
- if (tsize + header_size > size) {
+ if (tsize > size - header_size) {
g_message ("[v23] Expected MP3 tag size and header size to be within file size boundaries");
return;
}
@@ -2076,7 +2076,7 @@ parse_id3v23 (const gchar *data,
* simply the total tag size excluding the frames and
* the headers, in other words the padding.
*/
- if (tsize + header_size + ext_header_size > size) {
+ if (ext_header_size > size - header_size - tsize) {
g_message ("[v23] Expected MP3 tag size and extended header size to be within file
size boundaries");
return;
}
@@ -2113,7 +2113,7 @@ parse_id3v23 (const gchar *data,
csize = (size_t) extract_uint32 (&data[pos + 4]);
- if (pos + frame_size + csize > size) {
+ if (csize > size - frame_size - pos) {
g_debug ("[v23] Size of current frame '%s' (%" G_GSIZE_FORMAT ") "
"exceeds file boundaries (%" G_GSIZE_FORMAT "), "
"not processing any more frames",
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]