Rollback removePicture in ogg

Change-Id: I29a04e6eca68b02bb038014199e41f500e826e1b
Signed-off-by: minje.ahn <minje.ahn@samsung.com>

diff --git a/src/metadata_editor.cpp b/src/metadata_editor.cpp
index 17d7c17..79107b2 100755 (executable)
--- a/src/metadata_editor.cpp
+++ b/src/metadata_editor.cpp
@@ -176,7 +176,14 @@ static int __remove_ogg_picture(Ogg::XiphComment *xtag, int index)
        ME_RETVM_IF(!xtag, METADATA_EDITOR_ERROR_INVALID_PARAMETER, "Invalid XiphComment");
        ME_RETV_IF(!__is_valid_index(xtag->pictureList(), index), METADATA_EDITOR_ERROR_INVALID_PARAMETER);
 
-       auto it = std::next(xtag->pictureList().begin(), index);
+       /* xiphComment::removePicture works abnormally. Do not modify this fuction.
+               - Use xtag->pictureList()[index] : crashed
+               - Use copied xtag->pictureList()[index] : crashed
+               - Use iterator with std::next() : heap-use-after-free occured
+       */
+       List<FLAC::Picture *>::Iterator it = xtag->pictureList().begin();
+       std::advance(it, index);
+
        /* No need to set it to 'true'. taglib sets auto-delete. */
        xtag->removePicture(*it, false);