Check chunk sizes

WAVE and AIFF files cannot be larger than exactly 4GiB. Anything larger must be read with --ignore-chunk-sizes. Also, prevent overflow in foreign metadata handling
2022-11-03 20:32:35 +01:00 · 2022-11-03 20:32:35 +01:00 · f00e355363
commit f00e355363
parent 093b7f21dd
2 changed files with 9 additions and 3 deletions
--- a/src/flac/foreign_metadata.c
+++ b/src/flac/foreign_metadata.c
@ -203,7 +203,7 @@ static FLAC__bool read_from_wave_(foreign_metadata_t *fm, FILE *f, const char **
 			eof_offset++;
 	}
 	while(!feof(f)) {
-		FLAC__uint32 size;
+		FLAC__off_t size;
 		if((offset = ftello(f)) < 0) {
 			if(error) *error = "ftello() error (003)";
 			return false;
@ -255,11 +255,11 @@ static FLAC__bool read_from_wave_(foreign_metadata_t *fm, FILE *f, const char **
 			}
 			/* unpack the size again since we don't want the padding byte effect */
 			size = unpack32le_(buffer+4);
-			if(size < sizeof(buffer2)) {
+			if(size < (FLAC__off_t)sizeof(buffer2)) {
 				if(error) *error = "invalid RF64 file: \"ds64\" chunk size is < 28 (r03)";
 				return false;
 			}
-			if(size > sizeof(buffer2)) {
+			if(size > (FLAC__off_t)sizeof(buffer2)) {
 				if(error) *error = "RF64 file has \"ds64\" chunk with extra size table, which is not currently supported (r04)";
 				return false;
 			}
--- a/src/flac/main.c
+++ b/src/flac/main.c
@ -1814,6 +1814,12 @@ int encode_file(const char *infilename, FLAC__bool is_first_file, FLAC__bool is_
 		}
 	}

+	if(!option_values.ignore_chunk_sizes && (input_format == FORMAT_WAVE || input_format == FORMAT_AIFF) && infilesize >= UINT32_MAX) {
+		conditional_fclose(encode_infile);
+		return usage_error("ERROR: file %s is too large to be valid.\n"
+		                   "Please consult the manual on the --ignore-chunk-sizes option\n\n", infilename);
+	}
+
 	if(option_values.keep_foreign_metadata || option_values.keep_foreign_metadata_if_present) {
 		if(encode_infile == stdin || option_values.force_to_stdout) {
 			conditional_fclose(encode_infile);