From 60b9d1f3c65d79a425e3c584b59cf75a0500a51f Mon Sep 17 00:00:00 2001
From: "T. Joseph Carter" <tjcarter@spiritsubstance.com>
Date: Mon, 3 Jul 2017 05:21:41 -0700
Subject: [PATCH] Test 2mg comment/creator blocks are "valid"

CiderPress checks that these optional areas are actually as long as the header
says they are and discards them if they're not.  This seems like a useful
heuristic.  It happens to be the only one we can perform.  :)
---
 cppo | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/cppo b/cppo
index 342e091..5ffddad 100755
--- a/cppo
+++ b/cppo
@@ -930,15 +930,32 @@ class Disk:
 			self._raw_twoimg = self.image[:hdr.hdr_len]
 			if hdr.version == 1:
 				if hdr.hdr_len == 64:
+					# Extract comment (if it exists and is valid)
 					if hdr.comment_offset and hdr.comment_len:
 						self.twoimg_comment = self.image[
 								hdr.comment_offset
 								: hdr.comment_offset + hdr.comment_len]
+						if len(self.twoimg_comment) != hdr.comment_len:
+							log.warn('invalid 2mg comment: {} bytes '
+									'(expected {} bytes)'.format(
+										len(self.twoimg_comment),
+										hdr.comment_len))
+							self.twoimg_comment = None
+
+					# Extract creator area (if it exists and is valid)
 					if hdr.creator_offset and hdr.creator_len:
 						self.twoimg_creator = self.image[
 								hdr.creator_offset
 								: hdr.creator_offset + hdr.creator_len]
+						if len(self.twoimg_creator) != hdr.creator_len:
+							log.warn('invalid 2mg creator: {} bytes '
+									'(expected {} bytes)'.format(
+										len(self.twoimg_creator),
+										hdr.creator_len))
+							self.twoimg_creator = None
+
 					self.twoimg_locked = bool(hdr.flags & 0x80000000)
+
 					self.twoimg = hdr
 				else:
 					log.warn('2mg header length: {} (expected 64 '