From: =?utf-8?q?David_Pr=C3=A9vot?= <taffit@debian.org>
Date: Wed, 8 Oct 2014 09:28:33 -0400
Subject: bugfix: possible memory leak in OggFLAC

https://github.com/owncloud/music/issues/212

Origin: upstream, https://github.com/JamesHeinrich/getID3/commit/a9443d559def6ab07489698a5b60c3c58da0e67e
---
 getid3/module.audio.ogg.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/getid3/module.audio.ogg.php b/getid3/module.audio.ogg.php
index 14810bf..b834f11 100644
--- a/getid3/module.audio.ogg.php
+++ b/getid3/module.audio.ogg.php
@@ -505,6 +505,12 @@ $info['warning'][] = 'Ogg Theora (v3) not fully supported in this version of get
 		$ThisFileInfo_ogg_comments_raw = &$info['ogg']['comments_raw'];
 		for ($i = 0; $i < $CommentsCount; $i++) {
 
+			if ($i >= 10000) {
+				// https://github.com/owncloud/music/issues/212#issuecomment-43082336
+				$info['warning'][] = 'Unexpectedly large number ('.$CommentsCount.') of Ogg comments - breaking after reading '.$i.' comments';
+				break 2;
+			}
+
 			$ThisFileInfo_ogg_comments_raw[$i]['dataoffset'] = $CommentStartOffset + $commentdataoffset;
 
 			if ($this->ftell() < ($ThisFileInfo_ogg_comments_raw[$i]['dataoffset'] + 4)) {