From 8fb3472db04ab352104ab1448f18272bcd650ea0 Mon Sep 17 00:00:00 2001 From: "minje.ahn" Date: Tue, 16 Aug 2022 08:31:26 +0900 Subject: [PATCH] Fix heap-use-after-free bug Auto-delete is set for lists in taglib. Therefore, there is no need to free the elements to be excluded. Change-Id: Ibfe04068e7396dcdba9da01512627473ab52bac0 Signed-off-by: minje.ahn --- packaging/capi-media-metadata-editor.spec | 2 +- src/metadata_editor.cpp | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/packaging/capi-media-metadata-editor.spec b/packaging/capi-media-metadata-editor.spec index 7443aae..4f59ed2 100755 --- a/packaging/capi-media-metadata-editor.spec +++ b/packaging/capi-media-metadata-editor.spec @@ -1,6 +1,6 @@ Name: capi-media-metadata-editor Summary: A metadata editor library in Tizen Native API -Version: 0.2.7 +Version: 0.2.8 Release: 0 Group: Multimedia/API License: Apache-2.0 diff --git a/src/metadata_editor.cpp b/src/metadata_editor.cpp index c950c3d..17d7c17 100755 --- a/src/metadata_editor.cpp +++ b/src/metadata_editor.cpp @@ -177,7 +177,8 @@ static int __remove_ogg_picture(Ogg::XiphComment *xtag, int index) ME_RETV_IF(!__is_valid_index(xtag->pictureList(), index), METADATA_EDITOR_ERROR_INVALID_PARAMETER); auto it = std::next(xtag->pictureList().begin(), index); - xtag->removePicture(*it, true); + /* No need to set it to 'true'. taglib sets auto-delete. */ + xtag->removePicture(*it, false); return METADATA_EDITOR_ERROR_NONE; } @@ -288,7 +289,8 @@ public: auto lst = __file->pictureList(); ME_RETV_IF(!__is_valid_index(lst, index), METADATA_EDITOR_ERROR_INVALID_PARAMETER); - __file->removePicture(lst[index], true); + /* No need to set it to 'true'. taglib sets auto-delete. */ + __file->removePicture(lst[index], false); return METADATA_EDITOR_ERROR_NONE; } -- 2.34.1