[vlc-commits] [Git][videolan/vlc][3.0.x] xiph_metadata: ensure the tracks metadata are valid numbers

Felix Paul Kühne (@fkuehne) gitlab at videolan.org
Thu Aug 28 19:41:47 UTC 2025 


Felix Paul Kühne pushed to branch 3.0.x at VideoLAN / VLC


Commits:
810a90f8 by Steve Lhomme at 2025-08-28T19:06:52+00:00
xiph_metadata: ensure the tracks metadata are valid numbers

They are already parsed as unsigned values in the TRACKNUMBER field.
The UTF-8 check was removed from these fields in dfdc98f72edafc586f5a531f9071461d0d68a314.
If we turn them into a valid integer (when they are) we have safe UTF-8 data.

Ref. #28976

(cherry picked from commit 63c36ef5af18366f38c7229d653a9e29eead7f06)

- - - - -


1 changed file:

- modules/demux/xiph_metadata.c


Changes:

=====================================
modules/demux/xiph_metadata.c
=====================================
@@ -399,11 +399,19 @@ void vorbis_ParseComment( es_format_t *p_fmt, vlc_meta_t **pp_meta,
         hasMetaFlags |= XIPHMETA_##var; \
     }
 
-#define IF_EXTRACT_ONCE(txt,var) \
+#define IF_EXTRACT_ONCE_NUMBER(txt,var) \
     if( !strncasecmp(psz_comment, txt, strlen(txt)) && !(hasMetaFlags & XIPHMETA_##var) ) \
     { \
-        vlc_meta_Set( p_meta, vlc_meta_ ## var, &psz_comment[strlen(txt)] ); \
-        hasMetaFlags |= XIPHMETA_##var; \
+        bool isnum = true; \
+        const char *num_str = &psz_comment[strlen(txt)], *c; \
+        for (c = num_str; isnum && *c != '\0'; c++) { \
+            isnum = *c >= '0' && *c <= '9'; \
+        } \
+        if (isnum) \
+        { \
+            vlc_meta_Set( p_meta, vlc_meta_ ## var, num_str ); \
+            hasMetaFlags |= XIPHMETA_##var; \
+        } \
     }
 
 #define IF_EXTRACT_FMT(txt,var,fmt,target) \
@@ -442,8 +450,8 @@ void vorbis_ParseComment( es_format_t *p_fmt, vlc_meta_t **pp_meta,
                 }
             }
         }
-        else IF_EXTRACT_ONCE("TRACKTOTAL=", TrackTotal )
-        else IF_EXTRACT_ONCE("TOTALTRACKS=", TrackTotal )
+        else IF_EXTRACT_ONCE_NUMBER("TRACKTOTAL=", TrackTotal )
+        else IF_EXTRACT_ONCE_NUMBER("TOTALTRACKS=", TrackTotal )
         else IF_EXTRACT("DESCRIPTION=", Description )
         else IF_EXTRACT("COMMENT=", Description )
         else IF_EXTRACT("COMMENTS=", Description )
@@ -562,4 +570,3 @@ const char *FindKateCategoryName( const char *psz_tag )
     }
     return N_("Unknown category");
 }
-



View it on GitLab: https://code.videolan.org/videolan/vlc/-/commit/810a90f8fad62aca7324dfbbb84c8e7de10cb971

-- 
View it on GitLab: https://code.videolan.org/videolan/vlc/-/commit/810a90f8fad62aca7324dfbbb84c8e7de10cb971
You're receiving this email because of your account on code.videolan.org.


VideoLAN code repository instance

More information about the vlc-commits mailing list