Skip to content
Snippets Groups Projects
Commit b655cfef authored by Xi Wang's avatar Xi Wang Committed by Anton Khirnov
Browse files

apetag: fix error handling in ff_ape_parse_tag() 


The following error handling is broken due to signedness.

    int file_size;
    uint32_t tag_bytes;
    int64_t tag_start;
    ...
    tag_start = file_size - tag_bytes - APE_TAG_FOOTER_BYTES;
    if (tag_start < 0) { ... }

Note that tag_bytes is unsigned, which makes the right-hand side of
`tag_start = ...' unsigned, too.  The 32-bit unsigned value is then
zero-extended to 64 bits.  Therefore, tag_start must be non-negative,
and the check (tag_start < 0) is always false, which breaks the error
handling.  This patch fixes the check.

Signed-off-by: default avatarXi Wang <xi.wang@gmail.com>
Signed-off-by: default avatarAnton Khirnov <anton@khirnov.net>
parent 17fecb4a
No related branches found
No related tags found
Hide whitespace changes
Inline Side-by-side
Showing
with 2 additions and 2 deletions
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment