From b72767df8e4f496da36138aa7127e408c1cde7f8 Mon Sep 17 00:00:00 2001
From: Anton Khirnov <anton@khirnov.net>
Date: Tue, 26 Jun 2012 18:54:00 +0200
Subject: [PATCH] apetag: fix the amount of data read from binary tags.

Substract the filename size from the data size.
---
 libavformat/apetag.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/libavformat/apetag.c b/libavformat/apetag.c
index e5c839ea34d..f8653d3ce71 100644
--- a/libavformat/apetag.c
+++ b/libavformat/apetag.c
@@ -59,7 +59,12 @@ static int ape_tag_read_field(AVFormatContext *s)
         AVStream *st = avformat_new_stream(s, NULL);
         if (!st)
             return AVERROR(ENOMEM);
-        avio_get_str(pb, size, filename, sizeof(filename));
+
+        size -= avio_get_str(pb, size, filename, sizeof(filename));
+        if (size <= 0) {
+            av_log(s, AV_LOG_WARNING, "Skipping binary tag '%s'.\n", key);
+            return 0;
+        }
         st->codec->extradata = av_malloc(size + FF_INPUT_BUFFER_PADDING_SIZE);
         if (!st->codec->extradata)
             return AVERROR(ENOMEM);
-- 
GitLab