github-mirrors/librespot
1
0
Fork 0
mirror of https://github.com/librespot-org/librespot.git synced 2024-12-18 17:11:53 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #766 from Johannesd3/fix-integer-overflow

Browse source 
Fix integer overflow in spotify_id
This commit is contained in:
Johannesd3 2021-05-28 09:33:00 +02:00 committed by GitHub
commit d1cdc9e236
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 24 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

33
core/src/spotify_id.rs
View file

@ -116,22 +116,25 @@ impl SpotifyId {
/// ///
/// [Spotify URI]: https://developer.spotify.com/documentation/web-api/#spotify-uris-and-ids /// [Spotify URI]: https://developer.spotify.com/documentation/web-api/#spotify-uris-and-ids
pub fn from_uri(src: &str) -> Result<SpotifyId, SpotifyIdError> { pub fn from_uri(src: &str) -> Result<SpotifyId, SpotifyIdError> {
// We expect the ID to be the last colon-delimited item in the URI. let src = src.strip_prefix("spotify:").ok_or(SpotifyIdError)?;
let b = src.as_bytes();
let id_i = b.len() - SpotifyId::SIZE_BASE62; if src.len() <= SpotifyId::SIZE_BASE62 {
if b[id_i - 1] != b':' {
return Err(SpotifyIdError); return Err(SpotifyIdError);
} }
let mut id = SpotifyId::from_base62(&src[id_i..])?; let colon_index = src.len() - SpotifyId::SIZE_BASE62 - 1;
// Slice offset by 8 as we are skipping the "spotify:" prefix. if src.as_bytes()[colon_index] != b':' {
id.audio_type = src[8..id_i - 1].into(); return Err(SpotifyIdError);
}
let mut id = SpotifyId::from_base62(&src[colon_index + 1..])?;
id.audio_type = src[..colon_index].into();
Ok(id) Ok(id)
} }
/// Returns the `SpotifyId` as a base16 (hex) encoded, `SpotifyId::SIZE_BASE62` (22) /// Returns the `SpotifyId` as a base16 (hex) encoded, `SpotifyId::SIZE_BASE16` (32)
/// character long `String`. /// character long `String`.
pub fn to_base16(&self) -> String { pub fn to_base16(&self) -> String {
to_base16(&self.to_raw(), &mut [0u8; SpotifyId::SIZE_BASE16]) to_base16(&self.to_raw(), &mut [0u8; SpotifyId::SIZE_BASE16])
@ -305,7 +308,7 @@ mod tests {
}, },
]; ];
static CONV_INVALID: [ConversionCase; 2] = [ static CONV_INVALID: [ConversionCase; 3] = [
ConversionCase { ConversionCase {
id: 0, id: 0,
kind: SpotifyAudioType::NonPlayable, kind: SpotifyAudioType::NonPlayable,
@ -330,6 +333,18 @@ mod tests {
154, 27, 28, 251, 154, 27, 28, 251,
], ],
}, },
ConversionCase {
id: 0,
kind: SpotifyAudioType::NonPlayable,
// Uri too short
uri: "spotify:azb:aRS48xBl0tH",
base16: "--------------------",
base62: "....................",
raw: &[
// Invalid length.
154, 27, 28, 251,
],
},
]; ];
#[test] #[test]