flac: Verify STREAMINFO block type and length.

rillian · kinetiknz · commit 4e8b5432cda2 · 2016-10-26T14:57:41.000+13:00
This metadata block has a fixed length, so that's a better
check and just verifying there's no overflow.
diff --git a/mp4parse/tests/public.rs b/mp4parse/tests/public.rs
@@ -76,8 +76,10 @@ fn public_api() {
                         "ES"
                     }
                     mp4::AudioCodecSpecific::FLACSpecificBox(flac) => {
+                        // STREAMINFO block must be present and first.
                         assert!(flac.blocks.len() > 0);
-                        assert!(flac.blocks[0].data.len() > 0);
+                        assert!(flac.blocks[0].block_type == 0);
+                        assert!(flac.blocks[0].data.len() == 34);
                         "FLAC"
                     }
                     mp4::AudioCodecSpecific::OpusSpecificBox(opus) => {
diff --git a/mp4parse_capi/src/lib.rs b/mp4parse_capi/src/lib.rs
@@ -450,12 +450,12 @@ pub unsafe extern fn mp4parse_get_track_audio_info(parser: *mut mp4parse_parser,
         }
         AudioCodecSpecific::FLACSpecificBox(ref flac) => {
             // Return the STREAMINFO metadata block in the codec_specific.
-            let streaminfo = &flac.blocks[0].data;
-            if streaminfo.len() > std::u32::MAX as usize {
+            let streaminfo = &flac.blocks[0];
+            if streaminfo.block_type != 0 || streaminfo.data.len() != 34 {
                 return MP4PARSE_ERROR_INVALID;
             }
-            (*info).codec_specific_config.length = streaminfo.len() as u32;
-            (*info).codec_specific_config.data = streaminfo.as_ptr();
+            (*info).codec_specific_config.length = streaminfo.data.len() as u32;
+            (*info).codec_specific_config.data = streaminfo.data.as_ptr();
         }
         AudioCodecSpecific::OpusSpecificBox(ref opus) => {
             let mut v = Vec::new();

Original file line number	Diff line number	Diff line change
`@@ -76,8 +76,10 @@ fn public_api() {`
`76`	`76`	`"ES"`
`77`	`77`	`}`
`78`	`78`	`mp4::AudioCodecSpecific::FLACSpecificBox(flac) => {`
	`79`	`+ // STREAMINFO block must be present and first.`
`79`	`80`	`assert!(flac.blocks.len() > 0);`
`80`		`- assert!(flac.blocks[0].data.len() > 0);`
	`81`	`+ assert!(flac.blocks[0].block_type == 0);`
	`82`	`+ assert!(flac.blocks[0].data.len() == 34);`
`81`	`83`	`"FLAC"`
`82`	`84`	`}`
`83`	`85`	`mp4::AudioCodecSpecific::OpusSpecificBox(opus) => {`
Original file line number	Diff line number	Diff line change
`@@ -450,12 +450,12 @@ pub unsafe extern fn mp4parse_get_track_audio_info(parser: *mut mp4parse_parser,`
`450`	`450`	`}`
`451`	`451`	`AudioCodecSpecific::FLACSpecificBox(ref flac) => {`
`452`	`452`	`// Return the STREAMINFO metadata block in the codec_specific.`
`453`		`- let streaminfo = &flac.blocks[0].data;`
`454`		`- if streaminfo.len() > std::u32::MAX as usize {`
	`453`	`+ let streaminfo = &flac.blocks[0];`
	`454`	`+ if streaminfo.block_type != 0 \|\| streaminfo.data.len() != 34 {`
`455`	`455`	`return MP4PARSE_ERROR_INVALID;`
`456`	`456`	`}`
`457`		`- (*info).codec_specific_config.length = streaminfo.len() as u32;`
`458`		`- (*info).codec_specific_config.data = streaminfo.as_ptr();`
	`457`	`+ (*info).codec_specific_config.length = streaminfo.data.len() as u32;`
	`458`	`+ (*info).codec_specific_config.data = streaminfo.data.as_ptr();`
`459`	`459`	`}`
`460`	`460`	`AudioCodecSpecific::OpusSpecificBox(ref opus) => {`
`461`	`461`	`let mut v = Vec::new();`