Bug 278773

Summary: crash parsing ID3v2 tag in ape file due to null pointer dereference
Product: [Unmaintained] taglib Reporter: Jonathan Liu <net147>
Component: generalAssignee: Scott Wheeler <wheeler>
Status: RESOLVED FIXED    
Severity: crash CC: lalinsky, scarpino
Priority: NOR    
Version First Reported In: 1.7   
Target Milestone: ---   
Platform: Arch Linux   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:
Attachments: Fix crash

Description Jonathan Liu 2011-07-29 11:31:12 UTC 
Version:           1.7 (using KDE 4.7.0) 
OS:                Linux

https://github.com/taglib/taglib/blob/master/taglib/ape/apeproperties.cpp#L140.
A null FrameFactory pointer to ID3v2::Tag constructor. Later on when reading the tag, it crashes trying to dereference the null pointer. It should omit the null pointer argument so that the default FrameFactory instance is used.

http://code.google.com/p/clementine-player/issues/detail?id=1825

Reproducible: Always

Steps to Reproduce:
Install clementine. Open APE file attached to http://code.google.com/p/clementine-player/issues/detail?id=1825.

Actual Results:  
Crash

Expected Results:  
Not crash
Comment 1 Jonathan Liu 2011-07-29 11:32:31 UTC 
Created attachment 62301 [details]
Fix crash
Comment 2 Lukáš Lalinský 2011-08-06 09:06:36 UTC 
Thank you for the patch, merged in https://github.com/taglib/taglib/commit/7cc36db7606dfc85d2e344d35c4e26fe8f698bdc