summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorZhang Peng <peng.zhang1.cn@windriver.com>2025-03-13 22:22:35 +0800
committerSteve Sakoman <steve@sakoman.com>2025-03-19 07:13:17 -0700
commit52209c5a2b9bdc4c6d2d6f596d308b0c275520fd (patch)
tree60432fe13d776e93440481bc48e9bd2643983ff3
parentef3aca9b211d43774eb16bc0768102ac027e428e (diff)
downloadpoky-52209c5a2b9bdc4c6d2d6f596d308b0c275520fd.tar.gz
mpg123: fix CVE-2024-10573
CVE-2024-10573: An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution is not discarded. The complexity required to exploit this flaw is considered high as the payload must be validated by the MPEG decoder and the PCM synth before execution. Additionally, to successfully execute the attack, the user must scan through the stream, making web live stream content (such as web radios) a very unlikely attack vector. Reference: [https://nvd.nist.gov/vuln/detail/CVE-2024-10573] Upstream patches: [svn://scm.orgis.org/mpg123/branches/1.31-fixes@5442] (From OE-Core rev: a227b80e29c5ba5d963acaa4ddb4b9ad45483bd5) Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat
-rw-r--r--meta/recipes-multimedia/mpg123/mpg123/CVE-2024-10573.patch978
-rw-r--r--meta/recipes-multimedia/mpg123/mpg123_1.29.3.bb4
2 files changed, 981 insertions, 1 deletions
diff --git a/meta/recipes-multimedia/mpg123/mpg123/CVE-2024-10573.patch b/meta/recipes-multimedia/mpg123/mpg123/CVE-2024-10573.patch
new file mode 100644
index 0000000000..ef7b84027d
--- /dev/null
+++ b/meta/recipes-multimedia/mpg123/mpg123/CVE-2024-10573.patch
@@ -0,0 +1,978 @@
1From 89d1e6cfbfa5f34a4ba706cad1034e6ad7373726 Mon Sep 17 00:00:00 2001
2From: thor <thor@35dc7657-300d-0410-a2e5-dc2837fedb53>
3Date: Sat, 26 Oct 2024 16:23:36 +0000
4Subject: [PATCH] backport Frankenstein's Monster fix
5
6git-svn-id: svn://scm.orgis.org/mpg123/branches/1.31-fixes@5442 35dc7657-300d-0410-a2e5-dc2837fedb53
7
8CVE: CVE-2024-10573
9Upstream-Status: Backport [svn://scm.orgis.org/mpg123/branches/1.31-fixes@5442]
10
11The original patch is adjusted to fit for the current version.
12
13Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
14---
15 src/libmpg123/frame.c | 15 +--
16 src/libmpg123/frame.h | 46 +++++---
17 src/libmpg123/layer1.c | 2 +-
18 src/libmpg123/layer2.c | 6 +-
19 src/libmpg123/layer3.c | 42 +++----
20 src/libmpg123/libmpg123.c | 22 ++--
21 src/libmpg123/parse.c | 241 ++++++++++++++++++++++----------------
22 7 files changed, 211 insertions(+), 163 deletions(-)
23
24diff --git a/src/libmpg123/frame.c b/src/libmpg123/frame.c
25index b14908f2..20d56931 100644
26--- a/src/libmpg123/frame.c
27+++ b/src/libmpg123/frame.c
28@@ -515,6 +515,7 @@ static void frame_fixed_reset(mpg123_handle *fr)
29 {
30 frame_icy_reset(fr);
31 open_bad(fr);
32+ memset(&(fr->hdr), 0, sizeof(fr->hdr));
33 fr->to_decode = FALSE;
34 fr->to_ignore = FALSE;
35 fr->metaflags = 0;
36@@ -528,15 +529,12 @@ static void frame_fixed_reset(mpg123_handle *fr)
37 fr->clip = 0;
38 fr->oldhead = 0;
39 fr->firsthead = 0;
40- fr->lay = 0;
41 fr->vbr = MPG123_CBR;
42 fr->abr_rate = 0;
43 fr->track_frames = 0;
44 fr->track_samples = -1;
45- fr->framesize=0;
46 fr->mean_frames = 0;
47 fr->mean_framesize = 0;
48- fr->freesize = 0;
49 fr->lastscale = -1;
50 fr->rva.level[0] = -1;
51 fr->rva.level[1] = -1;
52@@ -571,8 +569,7 @@ static void frame_fixed_reset(mpg123_handle *fr)
53 fr->icy.next = 0;
54 #endif
55 fr->halfphase = 0; /* here or indeed only on first-time init? */
56- fr->error_protection = 0;
57- fr->freeformat_framesize = fr->p.freeformat_framesize;
58+ fr->hdr.freeformat_framesize = fr->p.freeformat_framesize;
59 fr->enc_delay = -1;
60 fr->enc_padding = -1;
61 memset(fr->id3buf, 0, sizeof(fr->id3buf));
62@@ -637,7 +634,7 @@ int attribute_align_arg mpg123_framedata(mpg123_handle *mh, unsigned long *heade
63
64 if(header != NULL) *header = mh->oldhead;
65 if(bodydata != NULL) *bodydata = mh->bsbuf;
66- if(bodybytes != NULL) *bodybytes = mh->framesize;
67+ if(bodybytes != NULL) *bodybytes = mh->hdr.framesize;
68
69 return MPG123_OK;
70 }
71@@ -906,9 +903,9 @@ static off_t ignoreframe(mpg123_handle *fr)
72 {
73 off_t preshift = fr->p.preframes;
74 /* Layer 3 _really_ needs at least one frame before. */
75- if(fr->lay==3 && preshift < 1) preshift = 1;
76+ if(fr->hdr.lay==3 && preshift < 1) preshift = 1;
77 /* Layer 1 & 2 reall do not need more than 2. */
78- if(fr->lay!=3 && preshift > 2) preshift = 2;
79+ if(fr->hdr.lay!=3 && preshift > 2) preshift = 2;
80
81 return fr->firstframe - preshift;
82 }
83@@ -953,7 +950,7 @@ void frame_set_frameseek(mpg123_handle *fr, off_t fe)
84 void frame_skip(mpg123_handle *fr)
85 {
86 #ifndef NO_LAYER3
87- if(fr->lay == 3) set_pointer(fr, 1, 512);
88+ if(fr->hdr.lay == 3) set_pointer(fr, 1, 512);
89 #endif
90 }
91
92diff --git a/src/libmpg123/frame.h b/src/libmpg123/frame.h
93index e34ea16f..fcdae8a8 100644
94--- a/src/libmpg123/frame.h
95+++ b/src/libmpg123/frame.h
96@@ -96,6 +96,33 @@ enum frame_state_flags
97 ,FRAME_DECODER_LIVE = 0x8 /**< 1000 Decoder can be used. */
98 };
99
100+// separate frame header structure for safe decoding of headers without
101+// modifying the main frame struct before we are sure that we can read a
102+// frame into it
103+struct frame_header
104+{
105+ int lay;
106+ // lots of flags that could share storage, should reform that
107+ int lsf; /* 0: MPEG 1.0; 1: MPEG 2.0/2.5 -- both used as bool and array index! */
108+ int mpeg25;
109+ int error_protection;
110+ int bitrate_index;
111+ int sampling_frequency;
112+ int padding;
113+ int extension;
114+ int mode;
115+ int mode_ext;
116+ int copyright;
117+ int original;
118+ int emphasis;
119+ // Even 16 bit int is enough for MAXFRAMESIZE
120+ int framesize; /* computed framesize */
121+ int freeformat;
122+ int freeformat_framesize;
123+ // Derived from header and checked against the above.
124+ int ssize;
125+};
126+
127 /* There is a lot to condense here... many ints can be merged as flags; though the main space is still consumed by buffers. */
128 struct mpg123_handle_struct
129 {
130@@ -199,26 +226,12 @@ struct mpg123_handle_struct
131 int single;
132 int II_sblimit;
133 int down_sample_sblimit;
134- int lsf; /* 0: MPEG 1.0; 1: MPEG 2.0/2.5 -- both used as bool and array index! */
135 /* Many flags in disguise as integers... wasting bytes. */
136- int mpeg25;
137 int down_sample;
138 int header_change;
139- int lay;
140+ struct frame_header hdr;
141 long spf; /* cached count of samples per frame */
142 int (*do_layer)(mpg123_handle *);
143- int error_protection;
144- int bitrate_index;
145- int sampling_frequency;
146- int padding;
147- int extension;
148- int mode;
149- int mode_ext;
150- int copyright;
151- int original;
152- int emphasis;
153- int framesize; /* computed framesize */
154- int freesize; /* free format frame size */
155 enum mpg123_vbr vbr; /* 1 if variable bitrate was detected */
156 off_t num; /* frame offset ... */
157 off_t input_offset; /* byte offset of this frame in input stream */
158@@ -227,8 +240,6 @@ struct mpg123_handle_struct
159 int state_flags;
160 char silent_resync; /* Do not complain for the next n resyncs. */
161 unsigned char* xing_toc; /* The seek TOC from Xing header. */
162- int freeformat;
163- long freeformat_framesize;
164
165 /* bitstream info; bsi */
166 int bitindex;
167@@ -255,7 +266,6 @@ struct mpg123_handle_struct
168 double mean_framesize;
169 off_t mean_frames;
170 int fsizeold;
171- int ssize;
172 unsigned int bitreservoir;
173 unsigned char bsspace[2][MAXFRAMESIZE+512+4]; /* MAXFRAMESIZE */
174 unsigned char *bsbuf;
175diff --git a/src/libmpg123/layer1.c b/src/libmpg123/layer1.c
176index c5bfc75d..048611e1 100644
177--- a/src/libmpg123/layer1.c
178+++ b/src/libmpg123/layer1.c
179@@ -217,7 +217,7 @@ int do_layer1(mpg123_handle *fr)
180 real (*fraction)[SBLIMIT] = fr->layer1.fraction; /* fraction[2][SBLIMIT] */
181 int single = fr->single;
182
183- fr->jsbound = (fr->mode == MPG_MD_JOINT_STEREO) ? (fr->mode_ext<<2)+4 : 32;
184+ fr->jsbound = (fr->hdr.mode == MPG_MD_JOINT_STEREO) ? (fr->hdr.mode_ext<<2)+4 : 32;
185
186 if(stereo == 1 || single == SINGLE_MIX) /* I don't see mixing handled here */
187 single = SINGLE_LEFT;
188diff --git a/src/libmpg123/layer2.c b/src/libmpg123/layer2.c
189index 0f2071b5..910f0bf9 100644
190--- a/src/libmpg123/layer2.c
191+++ b/src/libmpg123/layer2.c
192@@ -313,10 +313,10 @@ static void II_select_table(mpg123_handle *fr)
193 const struct al_table *tables[5] = { alloc_0, alloc_1, alloc_2, alloc_3 , alloc_4 };
194 const int sblims[5] = { 27 , 30 , 8, 12 , 30 };
195
196- if(fr->sampling_frequency >= 3) /* Or equivalent: (fr->lsf == 1) */
197+ if(fr->hdr.sampling_frequency >= 3) /* Or equivalent: (fr->lsf == 1) */
198 table = 4;
199 else
200- table = translate[fr->sampling_frequency][2-fr->stereo][fr->bitrate_index];
201+ table = translate[fr->hdr.sampling_frequency][2-fr->stereo][fr->hdr.bitrate_index];
202
203 sblim = sblims[table];
204 fr->alloc = tables[table];
205@@ -337,7 +337,7 @@ int do_layer2(mpg123_handle *fr)
206 int single = fr->single;
207
208 II_select_table(fr);
209- fr->jsbound = (fr->mode == MPG_MD_JOINT_STEREO) ? (fr->mode_ext<<2)+4 : fr->II_sblimit;
210+ fr->jsbound = (fr->hdr.mode == MPG_MD_JOINT_STEREO) ? (fr->hdr.mode_ext<<2)+4 : fr->II_sblimit;
211
212 if(fr->jsbound > fr->II_sblimit)
213 {
214diff --git a/src/libmpg123/layer3.c b/src/libmpg123/layer3.c
215index a25ef098..83912503 100644
216--- a/src/libmpg123/layer3.c
217+++ b/src/libmpg123/layer3.c
218@@ -127,16 +127,16 @@ static int III_get_side_info(mpg123_handle *fr, struct III_sideinfo *si,int ster
219 int powdiff = (single == SINGLE_MIX) ? 4 : 0;
220
221 const int tabs[2][5] = { { 2,9,5,3,4 } , { 1,8,1,2,9 } };
222- const int *tab = tabs[fr->lsf];
223+ const int *tab = tabs[fr->hdr.lsf];
224
225 { /* First ensure we got enough bits available. */
226 unsigned int needbits = 0;
227 needbits += tab[1]; /* main_data_begin */
228 needbits += stereo == 1 ? tab[2] : tab[3]; /* private */
229- if(!fr->lsf)
230+ if(!fr->hdr.lsf)
231 needbits += stereo*4; /* scfsi */
232 /* For each granule for each channel ... */
233- needbits += tab[0]*stereo*(29+tab[4]+1+22+(!fr->lsf?1:0)+2);
234+ needbits += tab[0]*stereo*(29+tab[4]+1+22+(!fr->hdr.lsf?1:0)+2);
235 if(fr->bits_avail < needbits) \
236 {
237 if(NOQUIET)
238@@ -154,7 +154,7 @@ static int III_get_side_info(mpg123_handle *fr, struct III_sideinfo *si,int ster
239
240 /* overwrite main_data_begin for the really available bit reservoir */
241 backbits(fr, tab[1]);
242- if(fr->lsf == 0)
243+ if(fr->hdr.lsf == 0)
244 {
245 fr->wordpointer[0] = (unsigned char) (fr->bitreservoir >> 1);
246 fr->wordpointer[1] = (unsigned char) ((fr->bitreservoir & 1) << 7);
247@@ -163,7 +163,7 @@ static int III_get_side_info(mpg123_handle *fr, struct III_sideinfo *si,int ster
248
249 /* zero "side-info" data for a silence-frame
250 without touching audio data used as bit reservoir for following frame */
251- memset(fr->wordpointer+2, 0, fr->ssize-2);
252+ memset(fr->wordpointer+2, 0, fr->hdr.ssize-2);
253
254 /* reread the new bit reservoir offset */
255 si->main_data_begin = getbits(fr, tab[1]);
256@@ -171,11 +171,11 @@ static int III_get_side_info(mpg123_handle *fr, struct III_sideinfo *si,int ster
257
258 /* Keep track of the available data bytes for the bit reservoir.
259 CRC is included in ssize already. */
260- fr->bitreservoir = fr->bitreservoir + fr->framesize - fr->ssize;
261+ fr->bitreservoir = fr->bitreservoir + fr->hdr.framesize - fr->hdr.ssize;
262
263 /* Limit the reservoir to the max for MPEG 1.0 or 2.x . */
264- if(fr->bitreservoir > (unsigned int) (fr->lsf == 0 ? 511 : 255))
265- fr->bitreservoir = (fr->lsf == 0 ? 511 : 255);
266+ if(fr->bitreservoir > (unsigned int) (fr->hdr.lsf == 0 ? 511 : 255))
267+ fr->bitreservoir = (fr->hdr.lsf == 0 ? 511 : 255);
268
269 /* Now back into less commented territory. It's code. It works. */
270
271@@ -184,7 +184,7 @@ static int III_get_side_info(mpg123_handle *fr, struct III_sideinfo *si,int ster
272 else
273 si->private_bits = getbits(fr, tab[3]);
274
275- if(!fr->lsf) for(ch=0; ch<stereo; ch++)
276+ if(!fr->hdr.lsf) for(ch=0; ch<stereo; ch++)
277 {
278 si->ch[ch].gr[0].scfsi = -1;
279 si->ch[ch].gr[1].scfsi = getbits(fr, 4);
280@@ -249,14 +249,14 @@ static int III_get_side_info(mpg123_handle *fr, struct III_sideinfo *si,int ster
281 }
282
283 /* region_count/start parameters are implicit in this case. */
284- if( (!fr->lsf || (gr_info->block_type == 2)) && !fr->mpeg25)
285+ if( (!fr->hdr.lsf || (gr_info->block_type == 2)) && !fr->hdr.mpeg25)
286 {
287 gr_info->region1start = 36>>1;
288 gr_info->region2start = 576>>1;
289 }
290 else
291 {
292- if(fr->mpeg25)
293+ if(fr->hdr.mpeg25)
294 {
295 int r0c,r1c;
296 if((gr_info->block_type == 2) && (!gr_info->mixed_block_flag) ) r0c = 5;
297@@ -291,7 +291,7 @@ static int III_get_side_info(mpg123_handle *fr, struct III_sideinfo *si,int ster
298 gr_info->block_type = 0;
299 gr_info->mixed_block_flag = 0;
300 }
301- if(!fr->lsf) gr_info->preflag = get1bit(fr);
302+ if(!fr->hdr.lsf) gr_info->preflag = get1bit(fr);
303
304 gr_info->scalefac_scale = get1bit(fr);
305 gr_info->count1table_select = get1bit(fr);
306@@ -1717,7 +1717,7 @@ int do_layer3(mpg123_handle *fr)
307 int stereo = fr->stereo;
308 int single = fr->single;
309 int ms_stereo,i_stereo;
310- int sfreq = fr->sampling_frequency;
311+ int sfreq = fr->hdr.sampling_frequency;
312 int stereo1,granules;
313
314 if(stereo == 1)
315@@ -1730,14 +1730,14 @@ int do_layer3(mpg123_handle *fr)
316 else
317 stereo1 = 2;
318
319- if(fr->mode == MPG_MD_JOINT_STEREO)
320+ if(fr->hdr.mode == MPG_MD_JOINT_STEREO)
321 {
322- ms_stereo = (fr->mode_ext & 0x2)>>1;
323- i_stereo = fr->mode_ext & 0x1;
324+ ms_stereo = (fr->hdr.mode_ext & 0x2)>>1;
325+ i_stereo = fr->hdr.mode_ext & 0x1;
326 }
327 else ms_stereo = i_stereo = 0;
328
329- granules = fr->lsf ? 1 : 2;
330+ granules = fr->hdr.lsf ? 1 : 2;
331
332 /* quick hack to keep the music playing */
333 /* after having seen this nasty test file... */
334@@ -1752,7 +1752,7 @@ int do_layer3(mpg123_handle *fr)
335 if(fr->pinfo)
336 {
337 fr->pinfo->maindata = sideinfo.main_data_begin;
338- fr->pinfo->padding = fr->padding;
339+ fr->pinfo->padding = fr->hdr.padding;
340 }
341 #endif
342 for(gr=0;gr<granules;gr++)
343@@ -1773,7 +1773,7 @@ int do_layer3(mpg123_handle *fr)
344 , gr_info->part2_3_length, fr->bits_avail );
345 return clip;
346 }
347- if(fr->lsf)
348+ if(fr->hdr.lsf)
349 part2bits = III_get_scale_factors_2(fr, scalefacs[0],gr_info,0);
350 else
351 part2bits = III_get_scale_factors_1(fr, scalefacs[0],gr_info,0,gr);
352@@ -1813,7 +1813,7 @@ int do_layer3(mpg123_handle *fr)
353 {
354 struct gr_info_s *gr_info = &(sideinfo.ch[1].gr[gr]);
355 long part2bits;
356- if(fr->lsf)
357+ if(fr->hdr.lsf)
358 part2bits = III_get_scale_factors_2(fr, scalefacs[1],gr_info,i_stereo);
359 else
360 part2bits = III_get_scale_factors_1(fr, scalefacs[1],gr_info,1,gr);
361@@ -1863,7 +1863,7 @@ int do_layer3(mpg123_handle *fr)
362 }
363 }
364
365- if(i_stereo) III_i_stereo(hybridIn,scalefacs[1],gr_info,sfreq,ms_stereo,fr->lsf);
366+ if(i_stereo) III_i_stereo(hybridIn,scalefacs[1],gr_info,sfreq,ms_stereo,fr->hdr.lsf);
367
368 if(ms_stereo || i_stereo || (single == SINGLE_MIX) )
369 {
370diff --git a/src/libmpg123/libmpg123.c b/src/libmpg123/libmpg123.c
371index f175a5c9..8ad068b1 100644
372--- a/src/libmpg123/libmpg123.c
373+++ b/src/libmpg123/libmpg123.c
374@@ -434,7 +434,7 @@ int attribute_align_arg mpg123_getstate(mpg123_handle *mh, enum mpg123_state key
375 theval = mh->enc_padding;
376 break;
377 case MPG123_DEC_DELAY:
378- theval = mh->lay == 3 ? GAPLESS_DELAY : -1;
379+ theval = mh->hdr.lay == 3 ? GAPLESS_DELAY : -1;
380 break;
381 default:
382 mh->err = MPG123_BAD_KEY;
383@@ -1154,10 +1154,10 @@ static int init_track(mpg123_handle *mh)
384 b = init_track(mh); \
385 if(b < 0) return b; \
386 \
387- mi->version = mh->mpeg25 ? MPG123_2_5 : (mh->lsf ? MPG123_2_0 : MPG123_1_0); \
388- mi->layer = mh->lay; \
389+ mi->version = mh->hdr.mpeg25 ? MPG123_2_5 : (mh->hdr.lsf ? MPG123_2_0 : MPG123_1_0); \
390+ mi->layer = mh->hdr.lay; \
391 mi->rate = frame_freq(mh); \
392- switch(mh->mode) \
393+ switch(mh->hdr.mode) \
394 { \
395 case 0: mi->mode = MPG123_M_STEREO; break; \
396 case 1: mi->mode = MPG123_M_JOINT; break; \
397@@ -1165,14 +1165,14 @@ static int init_track(mpg123_handle *mh)
398 case 3: mi->mode = MPG123_M_MONO; break; \
399 default: mi->mode = 0; /* Nothing good to do here. */ \
400 } \
401- mi->mode_ext = mh->mode_ext; \
402- mi->framesize = mh->framesize+4; /* Include header. */ \
403+ mi->mode_ext = mh->hdr.mode_ext; \
404+ mi->framesize = mh->hdr.framesize+4; /* Include header. */ \
405 mi->flags = 0; \
406- if(mh->error_protection) mi->flags |= MPG123_CRC; \
407- if(mh->copyright) mi->flags |= MPG123_COPYRIGHT; \
408- if(mh->extension) mi->flags |= MPG123_PRIVATE; \
409- if(mh->original) mi->flags |= MPG123_ORIGINAL; \
410- mi->emphasis = mh->emphasis; \
411+ if(mh->hdr.error_protection) mi->flags |= MPG123_CRC; \
412+ if(mh->hdr.copyright) mi->flags |= MPG123_COPYRIGHT; \
413+ if(mh->hdr.extension) mi->flags |= MPG123_PRIVATE; \
414+ if(mh->hdr.original) mi->flags |= MPG123_ORIGINAL; \
415+ mi->emphasis = mh->hdr.emphasis; \
416 mi->bitrate = frame_bitrate(mh); \
417 mi->abr_rate = mh->abr_rate; \
418 mi->vbr = mh->vbr; \
419diff --git a/src/libmpg123/parse.c b/src/libmpg123/parse.c
420index c2efd3dc..a026d6fb 100644
421--- a/src/libmpg123/parse.c
422+++ b/src/libmpg123/parse.c
423@@ -63,9 +63,10 @@ static const int tabsel_123[2][3][16] =
424
425 static const long freqs[9] = { 44100, 48000, 32000, 22050, 24000, 16000 , 11025 , 12000 , 8000 };
426
427-static int decode_header(mpg123_handle *fr,unsigned long newhead, int *freeformat_count);
428-static int skip_junk(mpg123_handle *fr, unsigned long *newheadp, long *headcount);
429-static int do_readahead(mpg123_handle *fr, unsigned long newhead);
430+static int decode_header(mpg123_handle *fr, struct frame_header *hdr, unsigned long newhead, int *freeformat_count);
431+static void apply_header(mpg123_handle *fr, struct frame_header *hdr);
432+static int skip_junk(mpg123_handle *fr, unsigned long *newheadp, long *headcount, struct frame_header *nhdr);
433+static int do_readahead(mpg123_handle *fr, struct frame_header *nhdr, unsigned long newhead);
434 static int wetwork(mpg123_handle *fr, unsigned long *newheadp);
435
436 /* These two are to be replaced by one function that gives all the frame parameters (for outsiders).*/
437@@ -73,12 +74,12 @@ static int wetwork(mpg123_handle *fr, unsigned long *newheadp);
438
439 int frame_bitrate(mpg123_handle *fr)
440 {
441- return tabsel_123[fr->lsf][fr->lay-1][fr->bitrate_index];
442+ return tabsel_123[fr->hdr.lsf][fr->hdr.lay-1][fr->hdr.bitrate_index];
443 }
444
445 long frame_freq(mpg123_handle *fr)
446 {
447- return freqs[fr->sampling_frequency];
448+ return freqs[fr->hdr.sampling_frequency];
449 }
450
451 /* compiler is smart enought to inline this one or should I really do it as macro...? */
452@@ -141,8 +142,8 @@ static int check_lame_tag(mpg123_handle *fr)
453 Mono 17 9
454 */
455 int lame_offset = (fr->stereo == 2)
456- ? (fr->lsf ? 17 : 32)
457- : (fr->lsf ? 9 : 17);
458+ ? (fr->hdr.lsf ? 17 : 32)
459+ : (fr->hdr.lsf ? 9 : 17);
460
461 if(fr->p.flags & MPG123_IGNORE_INFOFRAME) goto check_lame_tag_no;
462
463@@ -154,7 +155,7 @@ static int check_lame_tag(mpg123_handle *fr)
464 for the actual data, have to check if each byte of information is present.
465 But: 4 B Info/Xing + 4 B flags is bare minimum.
466 */
467- if(fr->framesize < lame_offset+8) goto check_lame_tag_no;
468+ if(fr->hdr.framesize < lame_offset+8) goto check_lame_tag_no;
469
470 /* only search for tag when all zero before it (apart from checksum) */
471 for(i=2; i < lame_offset; ++i) if(fr->bsbuf[i] != 0) goto check_lame_tag_no;
472@@ -190,7 +191,7 @@ static int check_lame_tag(mpg123_handle *fr)
473
474 /* From now on, I have to carefully check if the announced data is actually
475 there! I'm always returning 'yes', though. */
476- #define check_bytes_left(n) if(fr->framesize < lame_offset+n) \
477+ #define check_bytes_left(n) if(fr->hdr.framesize < lame_offset+n) \
478 goto check_lame_tag_yes
479 if(xing_flags & 1) /* total bitstream frames */
480 {
481@@ -443,10 +444,10 @@ static int head_compatible(unsigned long fred, unsigned long bret)
482 static void halfspeed_prepare(mpg123_handle *fr)
483 {
484 /* save for repetition */
485- if(fr->p.halfspeed && fr->lay == 3)
486+ if(fr->p.halfspeed && fr->hdr.lay == 3)
487 {
488 debug("halfspeed - reusing old bsbuf ");
489- memcpy (fr->ssave, fr->bsbuf, fr->ssize);
490+ memcpy (fr->ssave, fr->bsbuf, fr->hdr.ssize);
491 }
492 }
493
494@@ -462,8 +463,8 @@ static int halfspeed_do(mpg123_handle *fr)
495 fr->to_decode = fr->to_ignore = TRUE;
496 --fr->halfphase;
497 set_pointer(fr, 0, 0);
498- if(fr->lay == 3) memcpy (fr->bsbuf, fr->ssave, fr->ssize);
499- if(fr->error_protection) fr->crc = getbits(fr, 16); /* skip crc */
500+ if(fr->hdr.lay == 3) memcpy (fr->bsbuf, fr->ssave, fr->hdr.ssize);
501+ if(fr->hdr.error_protection) fr->crc = getbits(fr, 16); /* skip crc */
502 return 1;
503 }
504 else
505@@ -496,10 +497,11 @@ int read_frame(mpg123_handle *fr)
506 /* TODO: rework this thing */
507 int freeformat_count = 0;
508 unsigned long newhead;
509+ /* Start with current frame header state as copy for roll-back ability. */
510+ struct frame_header nhdr = fr->hdr;
511 off_t framepos;
512 int ret;
513 /* stuff that needs resetting if complete frame reading fails */
514- int oldsize = fr->framesize;
515 int oldphase = fr->halfphase;
516
517 /* The counter for the search-first-header loop.
518@@ -507,11 +509,12 @@ int read_frame(mpg123_handle *fr)
519 when repeatedly headers are found that do not have valid followup headers. */
520 long headcount = 0;
521
522- fr->fsizeold=fr->framesize; /* for Layer3 */
523+ fr->fsizeold=fr->hdr.framesize; /* for Layer3 */
524
525 if(halfspeed_do(fr) == 1) return 1;
526
527 /* From now on, old frame data is tainted by parsing attempts. */
528+ // Handling premature effects of decode_header now, more decoupling would be welcome.
529 fr->to_decode = fr->to_ignore = FALSE;
530
531 if( fr->p.flags & MPG123_NO_FRANKENSTEIN &&
532@@ -540,13 +543,13 @@ init_resync:
533 #ifdef SKIP_JUNK
534 if(!fr->firsthead && !head_check(newhead))
535 {
536- ret = skip_junk(fr, &newhead, &headcount);
537+ ret = skip_junk(fr, &newhead, &headcount, &nhdr);
538 JUMP_CONCLUSION(ret);
539 }
540 #endif
541
542 ret = head_check(newhead);
543- if(ret) ret = decode_header(fr, newhead, &freeformat_count);
544+ if(ret) ret = decode_header(fr, &nhdr, newhead, &freeformat_count);
545
546 JUMP_CONCLUSION(ret); /* That only continues for ret == PARSE_BAD or PARSE_GOOD. */
547 if(ret == PARSE_BAD)
548@@ -561,7 +564,7 @@ init_resync:
549 {
550 ret = fr->p.flags & MPG123_NO_READAHEAD
551 ? PARSE_GOOD
552- : do_readahead(fr, newhead);
553+ : do_readahead(fr, &nhdr, newhead);
554 /* readahead can fail mit NEED_MORE, in which case we must also make the just read header available again for next go */
555 if(ret < 0) fr->rd->back_bytes(fr, 4);
556 JUMP_CONCLUSION(ret);
557@@ -585,8 +588,8 @@ init_resync:
558 {
559 unsigned char *newbuf = fr->bsspace[fr->bsnum]+512;
560 /* read main data into memory */
561- debug2("read frame body of %i at %"OFF_P, fr->framesize, framepos+4);
562- if((ret=fr->rd->read_frame_body(fr,newbuf,fr->framesize))<0)
563+ debug2("read frame body of %i at %"PRIi64, nhdr.framesize, framepos+4);
564+ if((ret=fr->rd->read_frame_body(fr,newbuf,nhdr.framesize))<0)
565 {
566 /* if failed: flip back */
567 debug1("%s", ret == MPG123_NEED_MORE ? "need more" : "read error");
568@@ -597,6 +600,10 @@ init_resync:
569 }
570 fr->bsnum = (fr->bsnum + 1) & 1;
571
572+ // We read the frame body, time to apply the matching header.
573+ // Even if erroring out later, the header state needs to match the body.
574+ apply_header(fr, &nhdr);
575+
576 if(!fr->firsthead)
577 {
578 fr->firsthead = newhead; /* _now_ it's time to store it... the first real header */
579@@ -608,7 +615,7 @@ init_resync:
580 fr->audio_start = framepos;
581 /* Only check for LAME tag at beginning of whole stream
582 ... when there indeed is one in between, it's the user's problem. */
583- if(fr->lay == 3 && check_lame_tag(fr) == 1)
584+ if(fr->hdr.lay == 3 && check_lame_tag(fr) == 1)
585 { /* ...in practice, Xing/LAME tags are layer 3 only. */
586 if(fr->rd->forget != NULL) fr->rd->forget(fr);
587
588@@ -624,6 +631,8 @@ init_resync:
589
590 set_pointer(fr, 0, 0);
591
592+ // No use of nhdr from here on. It is fr->hdr now!
593+
594 /* Question: How bad does the floating point value get with repeated recomputation?
595 Also, considering that we can play the file or parts of many times. */
596 if(++fr->mean_frames != 0)
597@@ -632,7 +641,7 @@ init_resync:
598 }
599 ++fr->num; /* 0 for first frame! */
600 debug4("Frame %"OFF_P" %08lx %i, next filepos=%"OFF_P,
601- (off_p)fr->num, newhead, fr->framesize, (off_p)fr->rd->tell(fr));
602+ (off_p)fr->num, newhead, fr->hdr.framesize, (off_p)fr->rd->tell(fr));
603 if(!(fr->state_flags & FRAME_FRANKENSTEIN) && (
604 (fr->track_frames > 0 && fr->num >= fr->track_frames)
605 #ifdef GAPLESS
606@@ -664,7 +673,7 @@ init_resync:
607 if(fr->rd->forget != NULL) fr->rd->forget(fr);
608
609 fr->to_decode = fr->to_ignore = TRUE;
610- if(fr->error_protection) fr->crc = getbits(fr, 16); /* skip crc */
611+ if(fr->hdr.error_protection) fr->crc = getbits(fr, 16); /* skip crc */
612
613 /*
614 Let's check for header change after deciding that the new one is good
615@@ -711,7 +720,6 @@ read_frame_bad:
616
617 fr->silent_resync = 0;
618 if(fr->err == MPG123_OK) fr->err = MPG123_ERR_READER;
619- fr->framesize = oldsize;
620 fr->halfphase = oldphase;
621 /* That return code might be inherited from some feeder action, or reader error. */
622 return ret;
623@@ -725,9 +733,9 @@ read_frame_bad:
624 * <0: error codes, possibly from feeder buffer (NEED_MORE)
625 * PARSE_BAD: cannot get the framesize for some reason and shall silentry try the next possible header (if this is no free format stream after all...)
626 */
627-static int guess_freeformat_framesize(mpg123_handle *fr, unsigned long oldhead)
628+static int guess_freeformat_framesize(mpg123_handle *fr, unsigned long oldhead, int *framesize)
629 {
630- long i;
631+ int i;
632 int ret;
633 unsigned long head;
634 if(!(fr->rdat.flags & (READER_SEEKABLE|READER_BUFFERED)))
635@@ -748,7 +756,7 @@ static int guess_freeformat_framesize(mpg123_handle *fr, unsigned long oldhead)
636 if((head & HDR_SAMEMASK) == (oldhead & HDR_SAMEMASK))
637 {
638 fr->rd->back_bytes(fr,i+1);
639- fr->framesize = i-3;
640+ *framesize = i-3;
641 return PARSE_GOOD; /* Success! */
642 }
643 }
644@@ -765,8 +773,13 @@ static int guess_freeformat_framesize(mpg123_handle *fr, unsigned long oldhead)
645 * 0: no valid header
646 * <0: some error
647 * You are required to do a head_check() before calling!
648+ *
649+ * This now only operates on a frame header struct, not the full frame structure.
650+ * The scope is limited to parsing header information and determining the size of
651+ * the frame body to read. Everything else belongs into a later stage of applying
652+ * header information to the main decoder frame structure.
653 */
654-static int decode_header(mpg123_handle *fr,unsigned long newhead, int *freeformat_count)
655+static int decode_header(mpg123_handle *fr, struct frame_header *fh, unsigned long newhead, int *freeformat_count)
656 {
657 #ifdef DEBUG /* Do not waste cycles checking the header twice all the time. */
658 if(!head_check(newhead))
659@@ -777,43 +790,42 @@ static int decode_header(mpg123_handle *fr,unsigned long newhead, int *freeforma
660 /* For some reason, the layer and sampling freq settings used to be wrapped
661 in a weird conditional including MPG123_NO_RESYNC. What was I thinking?
662 This information has to be consistent. */
663- fr->lay = 4 - HDR_LAYER_VAL(newhead);
664+ fh->lay = 4 - HDR_LAYER_VAL(newhead);
665
666 if(HDR_VERSION_VAL(newhead) & 0x2)
667 {
668- fr->lsf = (HDR_VERSION_VAL(newhead) & 0x1) ? 0 : 1;
669- fr->mpeg25 = 0;
670- fr->sampling_frequency = HDR_SAMPLERATE_VAL(newhead) + (fr->lsf*3);
671+ fh->lsf = (HDR_VERSION_VAL(newhead) & 0x1) ? 0 : 1;
672+ fh->mpeg25 = 0;
673+ fh->sampling_frequency = HDR_SAMPLERATE_VAL(newhead) + (fh->lsf*3);
674 }
675 else
676 {
677- fr->lsf = 1;
678- fr->mpeg25 = 1;
679- fr->sampling_frequency = 6 + HDR_SAMPLERATE_VAL(newhead);
680+ fh->lsf = 1;
681+ fh->mpeg25 = 1;
682+ fh->sampling_frequency = 6 + HDR_SAMPLERATE_VAL(newhead);
683 }
684
685 #ifdef DEBUG
686 /* seen a file where this varies (old lame tag without crc, track with crc) */
687- if((HDR_CRC_VAL(newhead)^0x1) != fr->error_protection) debug("changed crc bit!");
688+ if((HDR_CRC_VAL(newhead)^0x1) != fh->error_protection) debug("changed crc bit!");
689 #endif
690- fr->error_protection = HDR_CRC_VAL(newhead)^0x1;
691- fr->bitrate_index = HDR_BITRATE_VAL(newhead);
692- fr->padding = HDR_PADDING_VAL(newhead);
693- fr->extension = HDR_PRIVATE_VAL(newhead);
694- fr->mode = HDR_CHANNEL_VAL(newhead);
695- fr->mode_ext = HDR_CHANEX_VAL(newhead);
696- fr->copyright = HDR_COPYRIGHT_VAL(newhead);
697- fr->original = HDR_ORIGINAL_VAL(newhead);
698- fr->emphasis = HDR_EMPHASIS_VAL(newhead);
699- fr->freeformat = !(newhead & HDR_BITRATE);
700-
701- fr->stereo = (fr->mode == MPG_MD_MONO) ? 1 : 2;
702+ fh->error_protection = HDR_CRC_VAL(newhead)^0x1;
703+ fh->bitrate_index = HDR_BITRATE_VAL(newhead);
704+ fh->padding = HDR_PADDING_VAL(newhead);
705+ fh->extension = HDR_PRIVATE_VAL(newhead);
706+ fh->mode = HDR_CHANNEL_VAL(newhead);
707+ fh->mode_ext = HDR_CHANEX_VAL(newhead);
708+ fh->copyright = HDR_COPYRIGHT_VAL(newhead);
709+ fh->original = HDR_ORIGINAL_VAL(newhead);
710+ fh->emphasis = HDR_EMPHASIS_VAL(newhead);
711+ fh->freeformat = !(newhead & HDR_BITRATE);
712+
713
714 /* we can't use tabsel_123 for freeformat, so trying to guess framesize... */
715- if(fr->freeformat)
716+ if(fh->freeformat)
717 {
718 /* when we first encounter the frame with freeformat, guess framesize */
719- if(fr->freeformat_framesize < 0)
720+ if(fh->freeformat_framesize < 0)
721 {
722 int ret;
723 if(fr->p.flags & MPG123_NO_READAHEAD)
724@@ -828,12 +840,12 @@ static int decode_header(mpg123_handle *fr,unsigned long newhead, int *freeforma
725 if(VERBOSE3) error("You fooled me too often. Refusing to guess free format frame size _again_.");
726 return PARSE_BAD;
727 }
728- ret = guess_freeformat_framesize(fr, newhead);
729+ ret = guess_freeformat_framesize(fr, newhead, &(fh->framesize));
730 if(ret == PARSE_GOOD)
731 {
732- fr->freeformat_framesize = fr->framesize - fr->padding;
733+ fh->freeformat_framesize = fh->framesize - fh->padding;
734 if(VERBOSE2)
735- fprintf(stderr, "Note: free format frame size %li\n", fr->freeformat_framesize);
736+ fprintf(stderr, "Note: free format frame size %i\n", fh->freeformat_framesize);
737 }
738 else
739 {
740@@ -848,81 +860,110 @@ static int decode_header(mpg123_handle *fr,unsigned long newhead, int *freeforma
741 /* freeformat should be CBR, so the same framesize can be used at the 2nd reading or later */
742 else
743 {
744- fr->framesize = fr->freeformat_framesize + fr->padding;
745+ fh->framesize = fh->freeformat_framesize + fh->padding;
746 }
747 }
748
749- switch(fr->lay)
750+ switch(fh->lay)
751 {
752 #ifndef NO_LAYER1
753 case 1:
754- fr->spf = 384;
755- fr->do_layer = do_layer1;
756- if(!fr->freeformat)
757+ if(!fh->freeformat)
758 {
759- long fs = (long) tabsel_123[fr->lsf][0][fr->bitrate_index] * 12000;
760- fs /= freqs[fr->sampling_frequency];
761- fs = ((fs+fr->padding)<<2)-4;
762- fr->framesize = (int)fs;
763+ long fs = (long) tabsel_123[fh->lsf][0][fh->bitrate_index] * 12000;
764+ fs /= freqs[fh->sampling_frequency];
765+ fs = ((fs+fh->padding)<<2)-4;
766+ fh->framesize = (int)fs;
767 }
768 break;
769 #endif
770 #ifndef NO_LAYER2
771 case 2:
772- fr->spf = 1152;
773- fr->do_layer = do_layer2;
774- if(!fr->freeformat)
775+ if(!fh->freeformat)
776 {
777- debug2("bitrate index: %i (%i)", fr->bitrate_index, tabsel_123[fr->lsf][1][fr->bitrate_index] );
778- long fs = (long) tabsel_123[fr->lsf][1][fr->bitrate_index] * 144000;
779- fs /= freqs[fr->sampling_frequency];
780- fs += fr->padding - 4;
781- fr->framesize = (int)fs;
782+ debug2("bitrate index: %i (%i)", fh->bitrate_index, tabsel_123[fh->lsf][1][fh->bitrate_index] );
783+ long fs = (long) tabsel_123[fh->lsf][1][fh->bitrate_index] * 144000;
784+ fs /= freqs[fh->sampling_frequency];
785+ fs += fh->padding - 4;
786+ fh->framesize = (int)fs;
787 }
788 break;
789 #endif
790 #ifndef NO_LAYER3
791 case 3:
792- fr->spf = fr->lsf ? 576 : 1152; /* MPEG 2.5 implies LSF.*/
793- fr->do_layer = do_layer3;
794- if(fr->lsf)
795- fr->ssize = (fr->stereo == 1) ? 9 : 17;
796+ if(fh->lsf)
797+ fh->ssize = (fh->mode == MPG_MD_MONO) ? 9 : 17;
798 else
799- fr->ssize = (fr->stereo == 1) ? 17 : 32;
800+ fh->ssize = (fh->mode == MPG_MD_MONO) ? 17 : 32;
801
802- if(fr->error_protection)
803- fr->ssize += 2;
804+ if(fh->error_protection)
805+ fh->ssize += 2;
806
807- if(!fr->freeformat)
808+ if(!fh->freeformat)
809 {
810- long fs = (long) tabsel_123[fr->lsf][2][fr->bitrate_index] * 144000;
811- fs /= freqs[fr->sampling_frequency]<<(fr->lsf);
812- fs += fr->padding - 4;
813- fr->framesize = fs;
814+ long fs = (long) tabsel_123[fh->lsf][2][fh->bitrate_index] * 144000;
815+ fs /= freqs[fh->sampling_frequency]<<(fh->lsf);
816+ fs += fh->padding - 4;
817+ fh->framesize = fs;
818 }
819- if(fr->framesize < fr->ssize)
820+ if(fh->framesize < fh->ssize)
821 {
822 if(NOQUIET)
823 error2( "Frame smaller than mandatory side info (%i < %i)!"
824- , fr->framesize, fr->ssize );
825+ , fh->framesize, fh->ssize );
826 return PARSE_BAD;
827 }
828 break;
829 #endif
830 default:
831- if(NOQUIET) error1("Layer type %i not supported in this build!", fr->lay);
832+ if(NOQUIET) error1("Layer type %i not supported in this build!", fh->lay);
833
834 return PARSE_BAD;
835 }
836- if (fr->framesize > MAXFRAMESIZE)
837+ if (fh->framesize > MAXFRAMESIZE)
838 {
839- if(NOQUIET) error1("Frame size too big: %d", fr->framesize+4-fr->padding);
840+ if(NOQUIET) error1("Frame size too big: %d", fh->framesize+4-fh->padding);
841
842 return PARSE_BAD;
843 }
844 return PARSE_GOOD;
845 }
846
847+// Apply decoded header structure to frame struct, including
848+// main decoder function pointer.
849+static void apply_header(mpg123_handle *fr, struct frame_header *hdr)
850+{
851+ // copy the whole struct, do some postprocessing
852+ fr->hdr = *hdr;
853+ fr->stereo = (fr->hdr.mode == MPG_MD_MONO) ? 1 : 2;
854+ switch(fr->hdr.lay)
855+ {
856+#ifndef NO_LAYER1
857+ case 1:
858+ fr->spf = 384;
859+ fr->do_layer = INT123_do_layer1;
860+ break;
861+#endif
862+#ifndef NO_LAYER2
863+ case 2:
864+ fr->spf = 1152;
865+ fr->do_layer = INT123_do_layer2;
866+ break;
867+#endif
868+#ifndef NO_LAYER3
869+ case 3:
870+ fr->spf = fr->hdr.lsf ? 576 : 1152; /* MPEG 2.5 implies LSF.*/
871+ fr->do_layer = INT123_do_layer3;
872+#endif
873+ break;
874+ default:
875+ // No error checking/message here, been done in decode_header().
876+ fr->spf = 0;
877+ fr->do_layer = NULL;
878+ }
879+}
880+
881+
882 /* Prepare for bit reading. Two stages:
883 0. Layers 1 and 2, side info for layer 3
884 1. Second call for possible bit reservoir for layer 3 part 2,3.
885@@ -934,26 +975,26 @@ static int decode_header(mpg123_handle *fr,unsigned long newhead, int *freeforma
886 void set_pointer(mpg123_handle *fr, int part2, long backstep)
887 {
888 fr->bitindex = 0;
889- if(fr->lay == 3)
890+ if(fr->hdr.lay == 3)
891 {
892 if(part2)
893 {
894- fr->wordpointer = fr->bsbuf + fr->ssize - backstep;
895+ fr->wordpointer = fr->bsbuf + fr->hdr.ssize - backstep;
896 if(backstep)
897 memcpy( fr->wordpointer, fr->bsbufold+fr->fsizeold-backstep
898 , backstep );
899- fr->bits_avail = (long)(fr->framesize - fr->ssize + backstep)*8;
900+ fr->bits_avail = (long)(fr->hdr.framesize - fr->hdr.ssize + backstep)*8;
901 }
902 else
903 {
904 fr->wordpointer = fr->bsbuf;
905- fr->bits_avail = fr->ssize*8;
906+ fr->bits_avail = fr->hdr.ssize*8;
907 }
908 }
909 else
910 {
911 fr->wordpointer = fr->bsbuf;
912- fr->bits_avail = fr->framesize*8;
913+ fr->bits_avail = fr->hdr.framesize*8;
914 }
915 }
916
917@@ -961,7 +1002,7 @@ void set_pointer(mpg123_handle *fr, int part2, long backstep)
918
919 double compute_bpf(mpg123_handle *fr)
920 {
921- return (fr->framesize > 0) ? fr->framesize + 4.0 : 1.0;
922+ return (fr->hdr.framesize > 0) ? fr->hdr.framesize + 4.0 : 1.0;
923 }
924
925 int attribute_align_arg mpg123_spf(mpg123_handle *mh)
926@@ -977,8 +1018,8 @@ double attribute_align_arg mpg123_tpf(mpg123_handle *fr)
927 double tpf;
928 if(fr == NULL || !fr->firsthead) return MPG123_ERR;
929
930- tpf = (double) bs[fr->lay];
931- tpf /= freqs[fr->sampling_frequency] << (fr->lsf);
932+ tpf = (double) bs[fr->hdr.lay];
933+ tpf /= freqs[fr->hdr.sampling_frequency] << (fr->hdr.lsf);
934 return tpf;
935 }
936
937@@ -1062,7 +1103,7 @@ int get_songlen(mpg123_handle *fr,int no)
938 }
939
940 /* first attempt of read ahead check to find the real first header; cannot believe what junk is out there! */
941-static int do_readahead(mpg123_handle *fr, unsigned long newhead)
942+static int do_readahead(mpg123_handle *fr, struct frame_header *nhdr, unsigned long newhead)
943 {
944 unsigned long nexthead = 0;
945 int hd = 0;
946@@ -1074,9 +1115,9 @@ static int do_readahead(mpg123_handle *fr, unsigned long newhead)
947
948 start = fr->rd->tell(fr);
949
950- debug2("doing ahead check with BPF %d at %"OFF_P, fr->framesize+4, (off_p)start);
951+ debug2("doing ahead check with BPF %d at %"OFF_P, nhdr->framesize+4, (off_p)start);
952 /* step framesize bytes forward and read next possible header*/
953- if((oret=fr->rd->skip_bytes(fr, fr->framesize))<0)
954+ if((oret=fr->rd->skip_bytes(fr, nhdr->framesize))<0)
955 {
956 if(oret==READER_ERROR && NOQUIET) error("cannot seek!");
957
958@@ -1211,7 +1252,7 @@ static int forget_head_shift(mpg123_handle *fr, unsigned long *newheadp, int for
959 }
960
961 /* watch out for junk/tags on beginning of stream by invalid header */
962-static int skip_junk(mpg123_handle *fr, unsigned long *newheadp, long *headcount)
963+static int skip_junk(mpg123_handle *fr, unsigned long *newheadp, long *headcount, struct frame_header *nhdr)
964 {
965 int ret;
966 int freeformat_count = 0;
967@@ -1267,7 +1308,7 @@ static int skip_junk(mpg123_handle *fr, unsigned long *newheadp, long *headcount
968 if(++forgetcount > FORGET_INTERVAL) forgetcount = 0;
969 if((ret=forget_head_shift(fr, &newhead, !forgetcount))<=0) return ret;
970
971- if(head_check(newhead) && (ret=decode_header(fr, newhead, &freeformat_count))) break;
972+ if(head_check(newhead) && (ret=decode_header(fr, nhdr, newhead, &freeformat_count))) break;
973 } while(1);
974 if(ret<0) return ret;
975
976--
9772.43.0
978
diff --git a/meta/recipes-multimedia/mpg123/mpg123_1.29.3.bb b/meta/recipes-multimedia/mpg123/mpg123_1.29.3.bb
index 0baa7aa4a1..62c6564cec 100644
--- a/meta/recipes-multimedia/mpg123/mpg123_1.29.3.bb
+++ b/meta/recipes-multimedia/mpg123/mpg123_1.29.3.bb
@@ -9,7 +9,9 @@ SECTION = "multimedia"
9LICENSE = "LGPL-2.1-only" 9LICENSE = "LGPL-2.1-only"
10LIC_FILES_CHKSUM = "file://COPYING;md5=e7b9c15fcfb986abb4cc5e8400a24169" 10LIC_FILES_CHKSUM = "file://COPYING;md5=e7b9c15fcfb986abb4cc5e8400a24169"
11 11
12SRC_URI = "https://www.mpg123.de/download/${BP}.tar.bz2" 12SRC_URI = "https://www.mpg123.de/download/${BP}.tar.bz2 \
13 file://CVE-2024-10573.patch \
14 "
13SRC_URI[sha256sum] = "963885d8cc77262f28b77187c7d189e32195e64244de2530b798ddf32183e847" 15SRC_URI[sha256sum] = "963885d8cc77262f28b77187c7d189e32195e64244de2530b798ddf32183e847"
14 16
15UPSTREAM_CHECK_REGEX = "mpg123-(?P<pver>\d+(\.\d+)+)\.tar" 17UPSTREAM_CHECK_REGEX = "mpg123-(?P<pver>\d+(\.\d+)+)\.tar"
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-10-04 23:45:14 +0000