[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#304913: libid3tag0: endless loop until OOM while parsing ID3v2 tag

Package: libid3tag0
Version: 0.15.1b-4.1
Severity: normal
Tags: patch

libid3tag has problems with some ID3v2 tags. If the ID3v2 tag contains
string list fields with an UTF16 string whose length is an odd number
of bytes (which is effectively a broken string, but should still be
parsed correctly), libid3tag ends up in an endless loop allocating
memory until it can't allocate more memory or the process is killed.

This bug affects a number of applications depending on libid3tag0 for
tag parsing, including many GStreamer-based audio players like rhythmbox
or muine.

A two-line patch is available here:


The patch has been sent upstream months ago, but it doesn't look like
there is going to be a new release any time soon.

Would be great if it could be applied to the package until a new
upstream version is released.


-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.10-1-k7
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages libid3tag0 depends on:
ii  libc6                       2.3.2.ds1-20 GNU C Library: Shared libraries an
ii  zlib1g                      1:1.2.2-4    compression library - runtime

-- no debconf information

Reply to: