From d81ae5a482050947169f10e89c4d45e982f6012f Mon Sep 17 00:00:00 2001
From: "Patrick C. McGinty"
Date: Tue, 8 Mar 2011 00:18:52 -1000
Subject: Stop accidental free of referenced FLAC vendor string
The libFLAC API is unclear about how it handles empty strings. The original code assumed that empty string would be copied, when 'copy' param of set_vendor_string was true, as indicated in the API docs. Checking into the libFLAC source, when a string of length 0 is provided, it will NOT be copied. Therfore, free'ing empty string will cause a SIGSEGV or worse when the FLAC API tries to read the vendor string.
---
 src/flac_tag.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/flac_tag.c b/src/flac_tag.c
index 7c7906e..d8abf2f 100755
--- a/src/flac_tag.c
+++ b/src/flac_tag.c
@@ -886,8 +886,10 @@ gboolean Flac_Tag_Write_File_Tag (ET_File *ETFile)
 // Set the original vendor string, else will be use the version of library
 if (vce_field_vendor_string_found)
 {
- FLAC__metadata_object_vorbiscomment_set_vendor_string(vc_block, vce_field_vendor_string, true);
- g_free(vce_field_vendor_string.entry);
+ // must set 'copy' param to false, because the API will reuse the pointer of an empty
+ // string (yet still return 'true', indicating it was copied); the string is free'd during
+ // metadata_chain_delete routine
+ FLAC__metadata_object_vorbiscomment_set_vendor_string(vc_block, vce_field_vendor_string, /*copy=*/false);
 }
-- cgit v1.2.3
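Review bot: Passing copy=false on the new last line hands `vce_field_vendor_string.entry` to libFLAC, which will release it with the C library's `free()`, yet the removed line shows this buffer was previously released with `g_free()`, so it is presumably GLib-allocated; the two only match while GLib runs on its default malloc-backed allocator, which deserves a comment at the allocation site (outside this hunk) or allocating the entry with `malloc` there instead. The return value of `FLAC__metadata_object_vorbiscomment_set_vendor_string` is also discarded: on false the entry is, as far as I can tell, still owned here and now leaks, and on true the local keeps a dangling pointer to memory the metadata chain will free later. I would check the result and clear the local: `if (!FLAC__metadata_object_vorbiscomment_set_vendor_string(vc_block, vce_field_vendor_string, /*copy=*/false)) g_free(vce_field_vendor_string.entry);` followed by `vce_field_vendor_string.entry = NULL;`, assuming the library leaves the entry untouched on failure, which I have not verified here. Flac_Tag_Write_File_Tag starts and ends outside the hunk.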