File tracker-miners-CVE-2026-1765.patch of Package tracker-miners

diff -urp tracker-miners-3.6.2.orig/src/tracker-extract/tracker-extract-mp3.c tracker-miners-3.6.2/src/tracker-extract/tracker-extract-mp3.c
--- tracker-miners-3.6.2.orig/src/tracker-extract/tracker-extract-mp3.c	2026-02-05 14:34:50.424699841 -0600
+++ tracker-miners-3.6.2/src/tracker-extract/tracker-extract-mp3.c	2026-02-05 14:37:37.676409662 -0600
@@ -1486,8 +1486,12 @@ extract_txxx_tags (id3v2tag *tag, const
 	text_desc     = &data[pos + 4]; /* <text string according to encoding> $00 (00) */
 	text_desc_len = id3v2_strlen (text_encode, text_desc, csize - 4);
 
-	offset        = 4 + text_desc_len + id3v2_nul_size (text_encode);
-	text          = &data[pos + offset]; /* <full text string according to encoding> */
+	offset = 4 + text_desc_len + id3v2_nul_size (text_encode);
+
+	if (pos + offset >= csize)
+		return;
+
+	text = &data[pos + offset]; /* <full text string according to encoding> */
 
 	if (version == 2.3f) {
 		description = id3v2_text_to_utf8 (data[pos], &data[pos + 1], csize - 1, info);

Places

File tracker-miners-CVE-2026-1765.patch of Package tracker-miners

Places