Merge pull request #2182 from nextcloud/fix/break-mp3-parse-on-invalid-frame

juliusknorr · web-flow · commit a7473d3ebcbe · 2025-11-18T10:36:54.000+01:00
fix: mp3info break frame parsing on short frames
diff --git a/.patches/mp3info-break-frame-parsing.patch b/.patches/mp3info-break-frame-parsing.patch
@@ -0,0 +1,26 @@
+From 186b99ac4a57d091e9414c0944524a9e098835f3 Mon Sep 17 00:00:00 2001
+From: grnd-alt <github@belakkaf.net>
+Date: Mon, 13 Oct 2025 12:18:37 +0200
+Subject: [PATCH] fix: break frame parsing on short frame
+
+Signed-off-by: grnd-alt <github@belakkaf.net>
+---
+ src/Mp3Info.php | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/src/Mp3Info.php b/src/Mp3Info.php
+index ccf97f4..24781d7 100644
+--- a/src/Mp3Info.php
++++ b/src/Mp3Info.php
+@@ -584,6 +584,11 @@ protected function parseId3v23Body($fp, $lastByte) {
+             $raw = fread($fp, 10);
+             $frame_id = substr($raw, 0, 4);
+ 
++            if (strlen($raw) < 10) {
++                fseek($fp, $lastByte);
++                break;
++            }
++
+             if ($frame_id == str_repeat(chr(0), 4)) {
+                 fseek($fp, $lastByte);
+                 break;
diff --git a/.patches/mp3info-fix-incorrect-lookup-for-mpeg-header.patch b/.patches/mp3info-fix-incorrect-lookup-for-mpeg-header.patch
@@ -0,0 +1,33 @@
+From 37365fd60dd3f4a637a887376b32f4d5e05726ce Mon Sep 17 00:00:00 2001
+From: wapmorgan <wapmorgan@gmail.com>
+Date: Sat, 28 Jun 2025 03:34:24 +0300
+Subject: [PATCH] #30 Fix incorrect lookup for mpeg header. Previously it skips
+ 1 extra byte every jump that leads to 50/50% chance to find mpeg header
+
+---
+ bin/mp3scan     | 2 +-
+ src/Mp3Info.php | 1 -
+ 2 files changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/bin/mp3scan b/bin/mp3scan
+index 8f3e28c..6352cc5 100755
+--- a/bin/mp3scan
++++ b/bin/mp3scan
+@@ -1,4 +1,4 @@
+-#!/usr/bin/php
++#!/usr/bin/env php
+ <?php
+ use wapmorgan\Mp3Info\Mp3Info;
+ 
+diff --git a/src/Mp3Info.php b/src/Mp3Info.php
+index 17e4074..ccf97f4 100644
+--- a/src/Mp3Info.php
++++ b/src/Mp3Info.php
+@@ -363,7 +363,6 @@ private function readMpegFrame($fp) {
+                     break;
+                 }
+             }
+-            fseek($fp, 1, SEEK_CUR);
+         } while (ftell($fp) <= $header_seek_pos);
+ 
+         if (!isset($header_bytes) || $header_bytes[0] !== 0xFF || (($header_bytes[1] >> 5) & 0b111) != 0b111) {
diff --git a/composer.patches.json b/composer.patches.json
@@ -1,3 +1,8 @@
 {
-	"patches": {}
+	"patches": {
+		"wapmorgan/mp3info": {
+			"Break frame parsing on invalid frame": ".patches/mp3info-break-frame-parsing.patch",
+			"fix incorrect lookup for mpeg header": ".patches/mp3info-fix-incorrect-lookup-for-mpeg-header.patch"
+		}
+	}
 }
diff --git a/composer/installed.json b/composer/installed.json
@@ -6183,6 +6183,12 @@
                 "bin/mp3scan"
             ],
             "type": "library",
+            "extra": {
+                "patches_applied": {
+                    "Break frame parsing on invalid frame": ".patches/mp3info-break-frame-parsing.patch",
+                    "fix incorrect lookup for mpeg header": ".patches/mp3info-fix-incorrect-lookup-for-mpeg-header.patch"
+                }
+            },
             "installation-source": "dist",
             "autoload": {
                 "psr-4": {
diff --git a/wapmorgan/mp3info/PATCHES.txt b/wapmorgan/mp3info/PATCHES.txt
@@ -0,0 +1,11 @@
+This file was automatically generated by Composer Patches (https://github.com/cweagans/composer-patches)
+Patches applied to this directory:
+
+Break frame parsing on invalid frame
+Source: .patches/mp3info-break-frame-parsing.patch
+
+
+fix incorrect lookup for mpeg header
+Source: .patches/mp3info-fix-incorrect-lookup-for-mpeg-header.patch
+
+
diff --git a/wapmorgan/mp3info/src/Mp3Info.php b/wapmorgan/mp3info/src/Mp3Info.php
@@ -363,7 +363,6 @@ private function readMpegFrame($fp) {
                     break;
                 }
             }
-            fseek($fp, 1, SEEK_CUR);
         } while (ftell($fp) <= $header_seek_pos);
 
         if (!isset($header_bytes) || $header_bytes[0] !== 0xFF || (($header_bytes[1] >> 5) & 0b111) != 0b111) {
@@ -585,6 +584,11 @@ protected function parseId3v23Body($fp, $lastByte) {
             $raw = fread($fp, 10);
             $frame_id = substr($raw, 0, 4);
 
+            if (strlen($raw) < 10) {
+                fseek($fp, $lastByte);
+                break;
+            }
+
             if ($frame_id == str_repeat(chr(0), 4)) {
                 fseek($fp, $lastByte);
                 break;

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,8 @@`
`1`	`1`	`{`
`2`		`- "patches": {}`
	`2`	`+ "patches": {`
	`3`	`+ "wapmorgan/mp3info": {`
	`4`	`+ "Break frame parsing on invalid frame": ".patches/mp3info-break-frame-parsing.patch",`
	`5`	`+ "fix incorrect lookup for mpeg header": ".patches/mp3info-fix-incorrect-lookup-for-mpeg-header.patch"`
	`6`	`+ }`
	`7`	`+ }`
`3`	`8`	`}`