Hydrogenaudio Forums > Lengthcheck for ID3v2 Tags

Full Version: Lengthcheck for ID3v2 Tags

Hydrogenaudio Forums > Hosted Forums > foobar2000 > Support - (fb2k)

Achim

Jul 17 2005, 05:10

Hi,

I just read an articel about a buffer overflow in WinAmp that can be caused by an overlength in the ID3v2 tag.
Just out of couriosity i tried to play the test file that can be downloaded and recognized a huge memory consumtion and processor load when I tried to play the file.
Is there a check for the integrity of the ID3v2 header in foobar?

Find details about the WinAmp bug and the test file on:

hxxp://security.lss.hr/index.php?page=details&ID=LSS-2005-07-14

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.