#209 multiple security crashes

[Anonymous]

please see:
https://blogs.gentoo.org/ago/2017/01/29/mp3splt-null-pointer-dereference-in-main-mp3splt-c/
https://blogs.gentoo.org/ago/2017/01/29/mp3splt-invalid-free-in-free_options-options_manager-c/
https://blogs.gentoo.org/ago/2017/01/29/mp3splt-null-pointer-dereference-in-splt_cue_export_to_file-cue-c/

[Anonymous]

Also see https://blogs.gentoo.org/ago/2017/02/01/mp3splt-null-pointer-dereference-in-free_options-options_manager-c/

[Jonas Meurer]

Hi, unfortunately I fail to reproduce the crash as the reproducer file is not accepted as input by mp3splt:

$ mp3splt -P -f -t 0.1 -a 00130-mp3splt-badfree-free_options
mp3splt 2.6.2 (09/11/14) - using libmp3splt 0.9.2
Matteo Trotta <mtrotta at="" users.sourceforge.net="">
Alexandru Munteanu
THIS SOFTWARE COMES WITH ABSOLUTELY NO WARRANTY! USE AT YOUR OWN RISK!
Pretending to split file '00130-mp3splt-badfree-free_options' ...
error: no plugin matches the file '00130-mp3splt-badfree-free_options'</mtrotta>

$ cat 00130-mp3splt-badfree-free_options | mp3splt -P -f -t 0.1 -a m-
mp3splt 2.6.2 (09/11/14) - using libmp3splt 0.9.2
Matteo Trotta <mtrotta at="" users.sourceforge.net="">
Alexandru Munteanu
THIS SOFTWARE COMES WITH ABSOLUTELY NO WARRANTY! USE AT YOUR OWN RISK!
Pretending to split file 'm-' ...
info: file matches the plugin 'mp3 (libmad)'
error: invalid input file 'm-' for 'mp3 (libmad)' plugin</mtrotta>