#124 NRG caused cdemu to crash when CDTEXT is too long.

[Robert Short]

I use cdemu to play Nero .nrg files. I have a few images that will always cause cdemu to crash. I busted out gdb and tracked it to the file cdtext-coder.c in the mirage library. There is a char buffer "tmp_buffer" that is 255 characters long. All of the offending images have more characters than that.

I "fixed" it by bumping this buffer to 2000 characters and now the images all play. Obviously this is only a fix until somebody creates even longer cdtext strings. I did this using the tarballs I downloaded this morning. Also, I am running on a debian stable system.

I started to implement a fix by allocating the tmp_buffer to be just what is needed. Since you know how many blocks there are, just allocate 12 times the number blocks. Maybe add an extra character in case you need to guarantee the whole list is null terminated. I realized that my c skills are way too rusty, I didn't understand the glib goop, and i wasn't sure how this piece fits into the overall framework so I would just make a mess and create new bugs.

I also might suggest the use of strnlen instead of strlen. That way you aren't searching for an accidental null byte somewhere.

Thanks for building this software. I love it.

[Henrik Stokseth]

Hi Robert. Thanks for a thorough bugreport.

Internally we're debating whether to do a bigger upgrade on the code in
question or to simply do a smaller fix. I am hoping you can email me a
handful of extracts from the problematic CD images. If anyone of them
happen to contain weird foreign characters I would especially like those.

The command to extract metadata from an NRG image is:
tail --bytes=100K myimage.nrg > mychunk.bin

My email address is henrik AT hshq DOT net
Substitute AT for @ and DOT for .
In advance, thanks for your help.

Regards,
- Henrik