| Subject: | No checks on header read |
The _read_data sub in Container.pm does not do any kind of sanity checks
of the header nor the data size it reads in. Normally this shouldn't
pose a problem, but RIFF files are often created quite badly, and not to
spec(yet still play fine).
Some files have arbitrary data at the beginning and/or end of the file.
File::Format::RIFF::Chunk->_read_header will read in 4 bytes and return
that as the size of the chunk. If this 4 bytes is not part of a
correctly made chunk (or not part of a chunk at all), then the value
added to the $to_read value in Container->_read_data could be anything.
Using Perl 5.8.8 on CentOS