starred/librespot
1
0
Fork 0
mirror of https://github.com/librespot-org/librespot.git synced 2026-04-27 16:25:52 +03:00
Code Issues 95 Projects Releases 10 Packages Wiki Activity

[PR #1239] [MERGED] Fix SpotifyId base 62 and 16 str decoding #1296

New issue
Closed
opened 2026-02-27 20:01:54 +03:00 by kerem · 0 comments
kerem commented 2026-02-27 20:01:54 +03:00
Owner
Copy link

📋 Pull Request Information

Original PR: https://github.com/librespot-org/librespot/pull/1239
Author: @lelloman
Created: 1/3/2024
Status: Merged
Merged: 5/26/2024
Merged by: @roderickvd

Base: devHead: fix-base62-16-id-decoding-overflow

📝 Commits (1)

  • ce5e2f2 Fix SpotifyId base 62 and 16 str decoding

📊 Changes

1 file changed (+37 additions, -4 deletions)

View changed files

📝 core/src/spotify_id.rs (+37 -4)

📄 Description

A SpotifyId is expected to be a 128 bits integer and can be parsed from a base 62 or 16 string. However the parsing functions only checked the validity of the characters of the string, but not its length. This could result in integer overflows or the parsing of incorrect strings as Spotify ids.

This commit add some checks to the length of the input string passed to the parse functions, and also checks for integer overflows in case of base62 encoded strings.

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/librespot-org/librespot/pull/1239 **Author:** [@lelloman](https://github.com/lelloman) **Created:** 1/3/2024 **Status:** ✅ Merged **Merged:** 5/26/2024 **Merged by:** [@roderickvd](https://github.com/roderickvd) **Base:** `dev` ← **Head:** `fix-base62-16-id-decoding-overflow` --- ### 📝 Commits (1) - [`ce5e2f2`](https://github.com/librespot-org/librespot/commit/ce5e2f2392b5680a40b88b28e88b7c9c5cb0587a) Fix SpotifyId base 62 and 16 str decoding ### 📊 Changes **1 file changed** (+37 additions, -4 deletions) <details> <summary>View changed files</summary> 📝 `core/src/spotify_id.rs` (+37 -4) </details> ### 📄 Description A SpotifyId is expected to be a 128 bits integer and can be parsed from a base 62 or 16 string. However the parsing functions only checked the validity of the characters of the string, but not its length. This could result in integer overflows or the parsing of incorrect strings as Spotify ids. This commit add some checks to the length of the input string passed to the parse functions, and also checks for integer overflows in case of base62 encoded strings. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
kerem 2026-02-27 20:01:54 +03:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
dev
v0.8.0
v0.7.1
v0.7.0
v0.6.0
v0.5.0
v0.4.2
v0.4.1
v0.4.0
v0.3.1
v0.3.0
v0.2.0
v0.1.6
v0.1.5
v0.1.3
v0.1.2
v0.1.1
v0.1.0
Labels
Clear labels   
A-Alsa

   
SpotifyAPI

   
Tokio 1.0

   
audio

   
bug

   
can't reproduce

   
compilation

   
dependencies

   
duplicate

   
enhancement

   
good first issue

   
help wanted

   
high priority

   
imported

   
imported

   
invalid

   
new api

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
reverse engineering

   
wiki

   
wontfix
No labels
A-Alsa
SpotifyAPI
Tokio 1.0
audio
bug
can't reproduce
compilation
dependencies
duplicate
enhancement
good first issue
help wanted
high priority
imported
imported
invalid
new api
pull-request
question
reverse engineering
wiki
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/librespot#1296
No description provided.