Issue 125 in mp4v2: Malformed files cause segmentation faults


mp...@googlecode.com

Nov 29, 2011, 8:17:15 PM
to mp...@googlegroups.com
Status: New
Owner: ----
Labels: Type-Defect Priority-Medium

New issue 125 by stephen....@gmail.com: Malformed files cause segmentation
faults
http://code.google.com/p/mp4v2/issues/detail?id=125

What steps will reproduce the problem?
1. Run mp4info on the attached file

What is the expected output? What do you see instead?
I expect to see some information on the file, but instead it crashes:

/Volumes/Home/sbooth/Downloads/04 BBB.m4a:
ReadChildAtoms: "/Volumes/Home/sbooth/Downloads/04 BBB.m4a": In atom ?lyr
missing child atom data
Track Type Info
1 audio MPEG-4 AAC LC, 211.417 secs, 128 kbps, 44100 Hz
ReadChildAtoms: "/Volumes/Home/sbooth/Downloads/04 BBB.m4a": In atom ?lyr
missing child atom data
Segmentation fault: 11


What version of the product are you using? On what operating system?
The latest svn version

Please provide any additional information below.
I've attached a patch which fixes the problem.

There is a comment in MP4ItmfItem_s that says that dataList.size is always >=1
(itmf_generic.h:126) but in __itemAtomToModel (generic.cpp:154) if
there are no data atoms the size is left at 0 (line 188). This means that
all the fetchXXX functions in Tag.cpp will segfault when
f->second->dataList.elements[0] is called. The patch remedies the issue by
verifying that dataList.size is at least 1 and returns if it isn't. I
don't know if this is strictly the desired behavior, as the comment
indicates that size should always be at least one, but in my testing I
didn't notice any side effects.

Attachments:
04 BBB.m4a 3.3 MB
Tags.cpp.patch 2.2 KB

mp...@googlecode.com

Jan 12, 2012, 7:43:12 AM
to mp...@googlegroups.com

Comment #1 on issue 125 by stephen....@gmail.com: Malformed files cause
segmentation faults
http://code.google.com/p/mp4v2/issues/detail?id=125

Is someone available to look at this issue and commit the fix?

mp...@googlecode.com

Jan 12, 2012, 12:43:35 PM
to mp...@googlegroups.com

Comment #2 on issue 125 by jnor...@logitech.com: Malformed files cause
segmentation faults
http://code.google.com/p/mp4v2/issues/detail?id=125

Stephen,

Sorry, thanks for the reminder. I'll have a look today hopefully;
definitely this week.

mp...@googlecode.com

Mar 18, 2012, 11:01:22 PM
to mp...@googlegroups.com
Updates:
Status: Fixed
Owner: kid...@gmail.com

Comment #3 on issue 125 by kid...@gmail.com: Malformed files cause
segmentation faults
http://code.google.com/p/mp4v2/issues/detail?id=125

This should be fixed in r490. Quick question: do you know if you can read
the lyric tag with any other applications out there? Or is this file
somehow invalid?

I think you're correct--the app shouldn't segfault on the file--but I'm
wondering if there's some improvement to be made to read this file in full,
or if it's just bogus at some basic level. Thanks for the report.

mp...@googlecode.com

May 20, 2012, 4:06:20 PM
to mp...@googlegroups.com

Comment #4 on issue 125 by kid...@gmail.com: Malformed files cause
segmentation faults
http://code.google.com/p/mp4v2/issues/detail?id=125

Issue 131 has been merged into this issue.

mp...@googlecode.com

May 20, 2012, 5:53:22 PM
to mp...@googlegroups.com

Comment #5 on issue 125 by abarn...@gmail.com: Malformed files cause
segmentation faults
http://code.google.com/p/mp4v2/issues/detail?id=125

It sounds like the lyrics atom has no child atoms, so there is nothing to
read. (If I'm wrong about the file described above, this is definitely the
case with the album atom in the file I dumped for #131, and I can easily
create a file with a childless lyrics atom as well.) The only real question
is whether to treat it the same as an empty lyrics atom, as if there were
no lyrics atom at all, or as a lyrics atom with a special null value.
iTunes isn't much of a guide here, because it just shows an empty lyrics
field, indistinguishable from a file with no lyrics atom, or a lyrics atom
with a subatom with an empty string (and if you edit the file to add some
lyrics, it writes a new lyrics atom with a child with the new lyrics). I'll
do a bit of playing around with the latest OS X and iOS versions of
AVFoundation to see if they provide more of a guide. But I think what the
library, as patched above, is doing now is probably fine.
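
The failure discussed in the original report and in comment #5, as an added example that is not from this thread or from mp4v2: a bounds-checked walk over one item atom that leaves the data list empty for a childless atom, and an accessor that checks size before reading elements[0]. The types, function names and sample bytes are constructed for illustration; the 16-byte offset assumes the usual iTunes-style data atom (8-byte header, 4 bytes type/flags, 4 bytes locale).

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model of a metadata item; not mp4v2's own types. */
typedef struct { const uint8_t *value; uint32_t len; } Data;
typedef struct { Data elements[4]; uint32_t size; } DataList;

/* Constructed samples: a childless lyrics item, and one holding "hi". */
const uint8_t CHILDLESS[] = {0,0,0,8, 0xA9,'l','y','r'};
const uint8_t WITH_DATA[] = {0,0,0,26, 0xA9,'l','y','r',
    0,0,0,18, 'd','a','t','a', 0,0,0,1, 0,0,0,0, 'h','i'};
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Collect 'data' children; -1 if malformed. A childless item leaves size at 0. */
int parse_item(const uint8_t *buf, size_t n, DataList *list) {
    list->size = 0;
    if (n < 8 || be32(buf) < 8 || be32(buf) > n) return -1;
    size_t end = be32(buf), off = 8;
    while (off < end) {
        if (end - off < 8) return -1;               /* truncated child header */
        uint32_t csz = be32(buf + off);
        if (csz < 8 || csz > end - off) return -1;  /* child overruns parent */
        if (memcmp(buf + off + 4, "data", 4) == 0 && list->size < 4) {
            if (csz < 16) return -1;                /* no room for type/flags + locale */
            list->elements[list->size++] = (Data){buf + off + 16, csz - 16};
        }
        off += csz;
    }
    return 0;
}

/* Guarded accessor: require size >= 1 before touching elements[0]. */
int fetch_string(const DataList *list, char *out, size_t cap) {
    if (list->size < 1 || cap == 0) return 0;   /* no data atom: nothing to read */
    size_t len = list->elements[0].len;
    if (len > cap - 1) len = cap - 1;           /* truncate to the caller's buffer */
    memcpy(out, list->elements[0].value, len);
    out[len] = '\0';
    return 1;
}

int main(void) {
    DataList l; char s[8];
    int rc = parse_item(CHILDLESS, sizeof CHILDLESS, &l);
    printf("rc=%d size=%u fetched=%d\n", rc, (unsigned)l.size, fetch_string(&l, s, sizeof s));
    return 0;
}
```

Returning 0 from the accessor treats a childless item the same as a missing tag, which is one of the three interpretations weighed in comment #5.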

mp...@googlecode.com

May 20, 2012, 5:55:03 PM
to mp...@googlegroups.com

Comment #6 on issue 125 by kid...@gmail.com: Malformed files cause
segmentation faults
http://code.google.com/p/mp4v2/issues/detail?id=125

Thanks for the update, I appreciate it.
