Corrupt output if metadata block too large

Metadata blocks are limited to 16 MiB (+4 bytes) in size by the [FLAC specification](https://www.rfc-editor.org/rfc/rfc9639.html#name-metadata-block-header:~:text=The%20three%20bytes%20that%20follow%20code%20for%20the%20size%20of%20the%20metadata%20block%20in%20bytes%2C%20excluding%20the%204%20header%20bytes%2C%20as%20an%20unsigned%20number%20coded%20big%2Dendian.). At present this limit is not checked when writing out a FLAC file: https://github.com/jameshurst/rust-metaflac/blob/2fce8386791d67b8e37dae37d15e82b43bcf85fb/src/block.rs#L142

The impact is that when the metadata block encodes to a larger size the resulting file will be corrupt because the length value in the header doesn't match the length of the data that was written. This is most likely to happen with `PICTURE` or `APPLICATION` blocks.

For reference, the official library checks for overly large metadata in several locations but there's a final check [when writing out the header for a metadata block](https://github.com/xiph/flac/blob/8d648456a2d7444d54a579e365bab4c815ac6873/src/libFLAC/metadata_iterators.c#L2746):
```c
	FLAC__ASSERT(block->length < (1u << FLAC__STREAM_METADATA_LENGTH_LEN));
	/* double protection */
	if(block->length >= (1u << FLAC__STREAM_METADATA_LENGTH_LEN))
		return false;
```
with:
```c
FLAC_API const uint32_t FLAC__STREAM_METADATA_LENGTH_LEN = 24; /* bits */
```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Corrupt output if metadata block too large #26

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Corrupt output if metadata block too large #26

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions