flac: fix processing of STREAMINFO metadata blocks starting with fLaC
If the data of the STREAMINFO metadata block begins with "fLaC", it should be interpreted as data instead of simply skipping 8 bytes.
The example file contains a STREAMINFO metadata block whose first 4 bytes are "fLaC". As a result, 8 bytes of the STREAMINFO metadata block are skipped in /modules/packetizer/flac.c:ProcessHeader, which leads to a failing assertion in /modules/demux/flac.c:GetPacketizedBlock. Note: Contrary to the flac standard, the example file contains the STREAMINFO metadata block in second position and a VORBIS_COMMENT metadata block before it. Files that do not contain the STREAMINFO metadata block in the first position can currently be processed.
Click to expand to see logs
\[000059a75ae22a50\] main libvlc debug: VLC media player - 4.0.0-dev Otto Chriek\[000059a75ae22a50\] main libvlc debug: Copyright © 1996-2024 the VideoLAN team[000059a75ae22a50] main libvlc debug: revision 4.0.0-dev-27440-g 306505b7
[000059a75ae22a50] main libvlc debug: configured with ./configure '--disable-lua' '--disable-libplacebo' '--disable-qt' '--disable-xcb' 'CFLAGS=-DFUZZING_BUILD_UNSAFE_FOR_PRODUCTION -O0 -g3' 'CXXFLAGS=-DFUZZING_BUILD_UNSAFE_FOR_PRODUCTION -O0 -g3'[000059a75ae22a50] main libvlc debug: searching plug-in modules[000059a75ae22a50] main libvlc debug: loading plugins cache file ~vlc/modules/plugins/plugins.dat[000059a75ae22a50] main libvlc warning: cannot read ~vlc/modules/plugins/plugins.dat: No such file or directory[000059a75ae22a50] main libvlc debug: recursively browsing `~vlc/modules/plugins'[000059a75ae22a50] main libvlc debug: loading plugins cache file ~vlc/modules/plugins.dat[000059a75ae22a50] main libvlc debug: recursively browsing `~vlc/modules'[000059a75ae22a50] main libvlc debug: plug-ins loaded: 556 modules[000059a75ae22a50] main libvlc debug: opening config file (~/.config/vlc/vlcrc)[00007fffcba6a448] main generic debug: looking for logger module matching "any": 4 candidates[00007fffcba6a448] main generic debug: using logger module "console"[00007fffcba6a478] main generic debug: looking for tracer module matching "none": 0 candidates[00007fffcba6a478] main generic debug: no tracer modules matched with name none[000059a75ae22a50] main libvlc debug: translation test: code is "C"[00007fffcba6a408] main generic debug: looking for keystore module matching "memory": 1 candidates[00007fffcba6a408] main generic debug: using keystore module "memory"[000059a75ae22a50] main libvlc debug: CPU has capabilities SSE2 SSE3 SSSE3 SSE4.1 AVX AVX2 FPU [00007fffcba6a438] main generic debug: looking for medialibrary module matching "any": 0 candidates[00007fffcba6a438] main generic debug: no medialibrary modules matched with name any[000059a75ae22a50] main libvlc warning: Media library initialization failed[000059a75aeb84b0] main player debug: creating audio output[00007fffcba6a138] main generic debug: looking for audio output module matching "any": 4 candidates[000059a75aebc120] vlcpulse audio output debug: using library version 17.0.0[000059a75aebc120] vlcpulse audio output debug: (compiled with version 17.0.0, protocol 35)
[000059a75aebc120] vlcpulse audio output debug: connected locally to /run/user/1000/pulse/native as client #2693 (closed)
[000059a75aebc120] vlcpulse audio output debug: using protocol 35, server protocol 35[000059a75aebc120] pulse audio output debug: server PulseAudio (on PipeWire 1.0.1) version 15.0.0 on jonas@ArchLaptop[000059a75aebc120] pulse audio output debug: adding sink 53: alsa_output.pci-0000_00_1f.3.analog-stereo (Built-in Audio Analog Stereo)[00007fffcba6a138] main generic debug: using audio output module "pulse"[000059a75aeb84b0] main player debug: keeping audio output[00007fffcba6a308] main generic debug: looking for interface module matching "dbus,none": 1 candidates[000059a75aed1040] dbus interface debug: listening on dbus as: org.mpris.MediaPlayer2.vlc[00007fffcba6a308] main generic debug: using interface module "dbus"[000077109c000ba0] main input debug: Creating an input for preparsing 'id:000000,sig:06,src:003422,time:3303751201,execs:6857827263,op:ext_AO,pos:188'[00007fffcba6a458] main generic debug: looking for interface module matching "hotkeys": 1 candidates[00007fffcba6a458] main generic debug: using interface module "hotkeys"[000059a75ae22a50] main libvlc: Running vlc with the default interface. Use 'cvlc' to use vlc without interface.[00007fffcba6a4c8] main generic debug: looking for interface module matching "any": 2 candidatesRemote control interface initialized. Type `help' for help.[00007fffcba6a4c8] main generic debug: using interface module "cli"[000059a75aef77e0] main input debug: Creating an input for 'id:000000,sig:06,src:003422,time:3303751201,execs:6857827263,op:ext_AO,pos:188'
status change: ( new input: file://....id%3A000000%2Csig%3A06%2Csrc%3A003422%2Ctime%3A3303751201%2Cexecs%3A6857827263%2Cop%3Aext_AO%2Cpos%3A188 )
status change: ( state: 1 )[000059a75aef77e0] main input debug: using timeshift granularity of 50 MiB[000059a75aef77e0] main input debug: using default timeshift path
[000059a75aef77e0] main input debug: `file://....id%3A000000%2Csig%3A06%2Csrc%3A003422%2Ctime%3A3303751201%2Cexecs%3A6857827263%2Cop%3Aext_AO%2Cpos%3A188'
[0000771084000e80] main access debug: creating access: file://....id%3A000000%2Csig%3A06%2Csrc%3A003422%2Ctime%3A3303751201%2Cexecs%3A6857827263%2Cop%3Aext_AO%2Cpos%3A188
[0000771084000e80] main access debug: (path: ....id:000000,sig:06,src:003422,time:3303751201,execs:6857827263,op:ext_AO,pos:188)[00007710b06fb968] main generic debug: looking for access module matching "file": 4 candidates[00007710b06fb968] main generic debug: using access module "filesystem"[00007710b06fb988] main generic debug: looking for stream_filter module matching "prefetch,cache": 2 candidates[00007710840017d0] cache_read stream filter debug: Using stream method for AStream*[00007710840017d0] cache_read stream filter debug: starting pre-buffering[00007710840017d0] cache_read stream filter debug: received first data after 0 ms[00007710840017d0] cache_read stream filter debug: pre-buffering done 1024 bytes in 0s - 25000 KiB/s[00007710b06fb988] main generic debug: using stream_filter module "cache_read"[00007710b06fba08] main generic debug: looking for stream_filter module matching "any": 8 candidates[00007710b06fba08] main generic debug: no stream_filter modules matched with name any[00007710b06fb958] main generic debug: looking for stream_directory module matching "any": 1 candidates[00007710b06fb958] main generic debug: no stream_directory modules matched with name any
[000059a75aef77e0] main input debug: attachment of directory-extractor failed for file://....id%3A000000%2Csig%3A06%2Csrc%3A003422%2Ctime%3A3303751201%2Cexecs%3A6857827263%2Cop%3Aext_AO%2Cpos%3A188
[00007710b06fb9e8] main generic debug: looking for stream_filter module matching "record": 1 candidates[00007710b06fb9e8] main generic debug: using stream_filter module "record"
[000059a75aef77e0] main input debug: creating demux "any", URL: file://....id:000000,sig:06,src:003422,time:3303751201,execs:6857827263,op:ext_AO,pos:188
[00007710b06fb9f8] main generic debug: looking for demux module matching "ext-/vl_fuzz/crashes/flac/id:000000,sig:06,src:003422,time:3303751201,execs:6857827263,op:ext_AO,pos:188": 63 candidates[00007710b06fb5e8] main generic debug: looking for packetizer module matching "any": 25 candidates[00007710b06fb5e8] main generic debug: using packetizer module "flac"[000059a75aef77e0] main input debug: selecting program id=0[000059a75aef77e0] main input debug: ES track added: 'audio/0' (fourcc: 'flac')[00007710b06fb9f8] main generic debug: using demux module "flacsys"[000059a75aef77e0] main input debug: looking for a subtitle file in ....[00007710b06fb2a8] main generic debug: looking for packetizer module matching "any": 25 candidates[00007710b06fb2a8] main generic debug: using packetizer module "flac"[00007710b06fb2a8] main generic debug: looking for audio decoder module matching "any": 17 candidates[00007710b06fb2a8] main generic debug: using audio decoder module "flac"[00007710b59fcb58] main generic debug: looking for meta fetcher module matching "any": 0 candidates[00007710b59fcb58] main generic debug: no meta fetcher modules matched with name any[00007710b59fcb28] main generic debug: looking for art finder module matching "any": 1 candidates[000059a75aef77e0] main input debug: ES track selected: 'audio/0' (fourcc: 'flac')
[000059a75aef77e0] main input debug: `file://....id%3A000000%2Csig%3A06%2Csrc%3A003422%2Ctime%3A3303751201%2Cexecs%3A6857827263%2Cop%3Aext_AO%2Cpos%3A188' successfully opened
status change: ( play state: 2 )[00007710b59fcb28] main generic debug: no art finder modules matched with name anyvlc: demux/flac.c:234: GetPacketizedBlock: Assertion `i_ret != 0' failed.fish: Job 1, './vlc ...../i…' terminated by signal SIGABRT (Abort)