Package: xmms-scrobbler Version: 0.3.8.1-4 Severity: normal
In static id3v2_t *readFrames(char *bp, char *end, id3header_t *id3_data) the following line - (framedata = parseFrame(&bp, end, id3_data) should be + if (!(framedata = parseFrame(&bp, end, id3_data))) { + return NULL; + } because in parseFrame we could return without modifing bp. This is not enough because the NULL value returned from readFrames is not properly checked and will lead to a segfault. So in void get_tag_data(metatag_t *meta, char *filename, int track) - if(meta->has_id3v2) - meta->id3v2 = fetchID3v2(filename); we should have + if(meta->has_id3v2) { + meta->id3v2 = fetchID3v2(filename); + if (!meta->id3v2) + meta->has_id3v2 = 0; + } If this check isn't made it will crash in void get_tag_data(metatag_t *meta, char *filename, int track) id3v2_t *id3v2 = meta->id3v2; for(i = 0; i < id3v2->numitems; i++) Probably IDv1 and others should be checked for this kind of errors. -- System Information: Debian Release: 4.0 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.14 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages xmms-scrobbler depends on: ii libc6 2.3.6.ds1-7 GNU C Library: Shared libraries ii libcomer 1.39+1.40-WIP-2006.10.02+dfsg-2 common error description library ii libcurl3 7.15.5-1 Multi-protocol file transfer libra ii libidn11 0.6.5-1 GNU libidn library, implementation ii libkrb53 1.4.4-3 MIT Kerberos runtime libraries ii libmusic 2.1.4-1 Second generation incarnation of t ii libssl0. 0.9.8c-3 SSL shared libraries ii libstdc+ 4.1.1-17 The GNU Standard C++ Library v3 ii xmms 1:1.2.10+20061001-3 Versatile X audio player ii zlib1g 1:1.2.3-13 compression library - runtime xmms-scrobbler recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]