Skip to content

Commit

Permalink
Merge pull request #1889 from nextcloud/backport/1888/stable29
Browse files Browse the repository at this point in the history
[stable29] chore(mp3info): apply upstream patch for invalid array access
  • Loading branch information
kesselb authored Jul 6, 2024
2 parents 085f84a + 98ff7a6 commit d8dff58
Show file tree
Hide file tree
Showing 5 changed files with 58 additions and 7 deletions.
32 changes: 32 additions & 0 deletions .patches/mp3info-check-array-key.diff
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
diff --git a/src/Mp3Info.php b/src/Mp3Info.php
index 257b147..17e4074 100644
--- a/src/Mp3Info.php
+++ b/src/Mp3Info.php
@@ -373,7 +373,6 @@ private function readMpegFrame($fp) {

switch ($header_bytes[1] >> 3 & 0b11) {
case 0b00: $this->codecVersion = self::MPEG_25; break;
- case 0b01: $this->codecVersion = self::CODEC_UNDEFINED; break;
case 0b10: $this->codecVersion = self::MPEG_2; break;
case 0b11: $this->codecVersion = self::MPEG_1; break;
}
@@ -384,6 +383,9 @@ private function readMpegFrame($fp) {
case 0b11: $this->layerVersion = self::LAYER_1; break;
}

+ if (!isset($this->codecVersion) || !isset($this->layerVersion) || !isset($header_bytes[2])) {
+ throw new \Exception('Unrecognized codecVersion or layerVersion headers!');
+ }
$this->bitRate = self::$_bitRateTable[$this->codecVersion][$this->layerVersion][$header_bytes[2] >> 4];
$this->sampleRate = self::$_sampleRateTable[$this->codecVersion][($header_bytes[2] >> 2) & 0b11];

@@ -394,6 +396,9 @@ private function readMpegFrame($fp) {
case 0b11: $this->channel = self::MONO; break;
}

+ if (!isset($this->channel)) {
+ throw new \Exception('Unrecognized channel header!');
+ }
$vbr_offset = self::$_vbrOffsets[$this->codecVersion][$this->channel == self::MONO ? 0 : 1];

// check for VBR
14 changes: 8 additions & 6 deletions composer.patches.json
Original file line number Diff line number Diff line change
@@ -1,8 +1,10 @@
{
"patches": {
"sabre/dav": {
"Fix getNodeForPath cache": ".patches/fix-cache-for-node.diff"
}

}
"patches": {
"sabre/dav": {
"Fix getNodeForPath cache": ".patches/fix-cache-for-node.diff"
},
"wapmorgan/mp3info": {
"generate exception if codec/layer versions or channel headers are unrecognized": ".patches/mp3info-check-array-key.diff"
}
}
}
5 changes: 5 additions & 0 deletions composer/installed.json
Original file line number Diff line number Diff line change
Expand Up @@ -6747,6 +6747,11 @@
"bin/mp3scan"
],
"type": "library",
"extra": {
"patches_applied": {
"generate exception if codec/layer versions or channel headers are unrecognized": ".patches/mp3info-check-array-key.diff"
}
},
"installation-source": "dist",
"autoload": {
"psr-4": {
Expand Down
7 changes: 7 additions & 0 deletions wapmorgan/mp3info/PATCHES.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
This file was automatically generated by Composer Patches (https://github.com/cweagans/composer-patches)
Patches applied to this directory:

generate exception if codec/layer versions or channel headers are unrecognized
Source: .patches/mp3info-check-array-key.diff


7 changes: 6 additions & 1 deletion wapmorgan/mp3info/src/Mp3Info.php
Original file line number Diff line number Diff line change
Expand Up @@ -373,7 +373,6 @@ private function readMpegFrame($fp) {

switch ($header_bytes[1] >> 3 & 0b11) {
case 0b00: $this->codecVersion = self::MPEG_25; break;
case 0b01: $this->codecVersion = self::CODEC_UNDEFINED; break;
case 0b10: $this->codecVersion = self::MPEG_2; break;
case 0b11: $this->codecVersion = self::MPEG_1; break;
}
Expand All @@ -384,6 +383,9 @@ private function readMpegFrame($fp) {
case 0b11: $this->layerVersion = self::LAYER_1; break;
}

if (!isset($this->codecVersion) || !isset($this->layerVersion) || !isset($header_bytes[2])) {
throw new \Exception('Unrecognized codecVersion or layerVersion headers!');
}
$this->bitRate = self::$_bitRateTable[$this->codecVersion][$this->layerVersion][$header_bytes[2] >> 4];
$this->sampleRate = self::$_sampleRateTable[$this->codecVersion][($header_bytes[2] >> 2) & 0b11];

Expand All @@ -394,6 +396,9 @@ private function readMpegFrame($fp) {
case 0b11: $this->channel = self::MONO; break;
}

if (!isset($this->channel)) {
throw new \Exception('Unrecognized channel header!');
}
$vbr_offset = self::$_vbrOffsets[$this->codecVersion][$this->channel == self::MONO ? 0 : 1];

// check for VBR
Expand Down

0 comments on commit d8dff58

Please sign in to comment.