From e7cff14b8d57de284b9dc9836b9c324580cac759 Mon Sep 17 00:00:00 2001
From: Patrick Smits <patrick@noxs.nl>
Date: Thu, 1 May 2008 20:47:38 +0200
Subject: [PATCH] ignore "ALBUM ARTIST" Ogg tag

Hi Antoine,

I've found a bug in FAPG version 0.41. If an .ogg file has a tag "ALBUM
ARTIST", the program will crash. The tag is detected and processed as a
normal "ARTIST" tag, however with an incorrect (huge) length. This causes a
buffer overflow in the strncpy to the artist buffer. I've created a patch
which adds a check on the "ALBUM ARTIST" tag (only for .ogg) before the check
on the "ARTIST" tag. I've tested it locally and it seems to do the job.

Kind Regards,

Patrick Smits

Signed-off-by: Antoine Jacquet <royale@zerezo.com>
---
 fapg.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/fapg.c b/fapg.c
index 176c495..38a27bf 100644
--- a/fapg.c
+++ b/fapg.c
@@ -862,6 +862,13 @@ void parse_ogg(unsigned char *file)
             title[size - 6] = '\0';
             c += size;
         }
+        if(strncasecmp(c, "ALBUM ARTIST=", 13) == 0) {
+            // ignore tag
+            size =
+                *(c - 4) + (*(c - 3) << 8) + (*(c - 2) << 16) +
+                (*(c - 1) << 24);
+            c += size;
+        }
         if(strncasecmp(c, "ARTIST=", 7) == 0) {
             size =
                 *(c - 4) + (*(c - 3) << 8) + (*(c - 2) << 16) +
-- 
2.20.1