From b0607c4e51c1dd5404956f2ad2416690b300329b Mon Sep 17 00:00:00 2001 From: Daniel Kesselberg Date: Wed, 3 Jul 2024 11:25:14 +0200 Subject: [PATCH] chore(mp3info): apply upstream patch for invalid array access Patch: https://github.com/wapmorgan/Mp3Info/pull/36 Signed-off-by: Daniel Kesselberg [skip ci] --- .patches/mp3info-check-array-key.diff | 32 +++++++++++++++++++++++++++ composer.patches.json | 14 +++++++----- composer/installed.json | 5 +++++ wapmorgan/mp3info/PATCHES.txt | 7 ++++++ wapmorgan/mp3info/src/Mp3Info.php | 7 +++++- 5 files changed, 58 insertions(+), 7 deletions(-) create mode 100644 .patches/mp3info-check-array-key.diff create mode 100644 wapmorgan/mp3info/PATCHES.txt diff --git a/.patches/mp3info-check-array-key.diff b/.patches/mp3info-check-array-key.diff new file mode 100644 index 000000000..ff1718187 --- /dev/null +++ b/.patches/mp3info-check-array-key.diff @@ -0,0 +1,32 @@ +diff --git a/src/Mp3Info.php b/src/Mp3Info.php +index 257b147..17e4074 100644 +--- a/src/Mp3Info.php ++++ b/src/Mp3Info.php +@@ -373,7 +373,6 @@ private function readMpegFrame($fp) { + + switch ($header_bytes[1] >> 3 & 0b11) { + case 0b00: $this->codecVersion = self::MPEG_25; break; +- case 0b01: $this->codecVersion = self::CODEC_UNDEFINED; break; + case 0b10: $this->codecVersion = self::MPEG_2; break; + case 0b11: $this->codecVersion = self::MPEG_1; break; + } +@@ -384,6 +383,9 @@ private function readMpegFrame($fp) { + case 0b11: $this->layerVersion = self::LAYER_1; break; + } + ++ if (!isset($this->codecVersion) || !isset($this->layerVersion) || !isset($header_bytes[2])) { ++ throw new \Exception('Unrecognized codecVersion or layerVersion headers!'); ++ } + $this->bitRate = self::$_bitRateTable[$this->codecVersion][$this->layerVersion][$header_bytes[2] >> 4]; + $this->sampleRate = self::$_sampleRateTable[$this->codecVersion][($header_bytes[2] >> 2) & 0b11]; + +@@ -394,6 +396,9 @@ private function readMpegFrame($fp) { + case 0b11: $this->channel = self::MONO; break; + } + ++ if (!isset($this->channel)) { ++ throw new \Exception('Unrecognized channel header!'); ++ } + $vbr_offset = self::$_vbrOffsets[$this->codecVersion][$this->channel == self::MONO ? 0 : 1]; + + // check for VBR diff --git a/composer.patches.json b/composer.patches.json index 225e63c4c..96a4fa1ea 100644 --- a/composer.patches.json +++ b/composer.patches.json @@ -1,8 +1,10 @@ { - "patches": { - "sabre/dav": { - "Fix getNodeForPath cache": ".patches/fix-cache-for-node.diff" - } - - } + "patches": { + "sabre/dav": { + "Fix getNodeForPath cache": ".patches/fix-cache-for-node.diff" + }, + "wapmorgan/mp3info": { + "generate exception if codec/layer versions or channel headers are unrecognized": ".patches/mp3info-check-array-key.diff" + } + } } diff --git a/composer/installed.json b/composer/installed.json index 5b1413c46..e3980f65b 100644 --- a/composer/installed.json +++ b/composer/installed.json @@ -6697,6 +6697,11 @@ "bin/mp3scan" ], "type": "library", + "extra": { + "patches_applied": { + "generate exception if codec/layer versions or channel headers are unrecognized": ".patches/mp3info-check-array-key.diff" + } + }, "installation-source": "dist", "autoload": { "psr-4": { diff --git a/wapmorgan/mp3info/PATCHES.txt b/wapmorgan/mp3info/PATCHES.txt new file mode 100644 index 000000000..c6bbacdd6 --- /dev/null +++ b/wapmorgan/mp3info/PATCHES.txt @@ -0,0 +1,7 @@ +This file was automatically generated by Composer Patches (https://github.com/cweagans/composer-patches) +Patches applied to this directory: + +generate exception if codec/layer versions or channel headers are unrecognized +Source: .patches/mp3info-check-array-key.diff + + diff --git a/wapmorgan/mp3info/src/Mp3Info.php b/wapmorgan/mp3info/src/Mp3Info.php index 257b14799..17e40747d 100644 --- a/wapmorgan/mp3info/src/Mp3Info.php +++ b/wapmorgan/mp3info/src/Mp3Info.php @@ -373,7 +373,6 @@ private function readMpegFrame($fp) { switch ($header_bytes[1] >> 3 & 0b11) { case 0b00: $this->codecVersion = self::MPEG_25; break; - case 0b01: $this->codecVersion = self::CODEC_UNDEFINED; break; case 0b10: $this->codecVersion = self::MPEG_2; break; case 0b11: $this->codecVersion = self::MPEG_1; break; } @@ -384,6 +383,9 @@ private function readMpegFrame($fp) { case 0b11: $this->layerVersion = self::LAYER_1; break; } + if (!isset($this->codecVersion) || !isset($this->layerVersion) || !isset($header_bytes[2])) { + throw new \Exception('Unrecognized codecVersion or layerVersion headers!'); + } $this->bitRate = self::$_bitRateTable[$this->codecVersion][$this->layerVersion][$header_bytes[2] >> 4]; $this->sampleRate = self::$_sampleRateTable[$this->codecVersion][($header_bytes[2] >> 2) & 0b11]; @@ -394,6 +396,9 @@ private function readMpegFrame($fp) { case 0b11: $this->channel = self::MONO; break; } + if (!isset($this->channel)) { + throw new \Exception('Unrecognized channel header!'); + } $vbr_offset = self::$_vbrOffsets[$this->codecVersion][$this->channel == self::MONO ? 0 : 1]; // check for VBR