[vlc-commits] subsdec: Fix potential out of bound read
Hugo Beauzée-Luyssen
git at videolan.org
Fri Apr 7 11:57:28 CEST 2017
vlc | branch: master | Hugo Beauzée-Luyssen <hugo at beauzee.fr> | Fri Apr 7 11:05:18 2017 +0200| [62be394b2c711328f083cb63f261c200ac89a4bb] | committer: Hugo Beauzée-Luyssen
subsdec: Fix potential out of bound read
Reported-by: Yannay Livneh <yannayl at checkpoint.com>
Omri Herscovici <omrih at checkpoint.com>
Omer Gull <omergu at checkpoint.com>
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=62be394b2c711328f083cb63f261c200ac89a4bb
---
modules/codec/subsdec.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/modules/codec/subsdec.c b/modules/codec/subsdec.c
index e407c9a..fc0ad25 100644
--- a/modules/codec/subsdec.c
+++ b/modules/codec/subsdec.c
@@ -512,6 +512,8 @@ static char* ConsumeAttribute( const char** ppsz_subtitle, char** psz_attribute_
// Skip over to the attribute value
while ( *psz_subtitle && *psz_subtitle != '=' )
psz_subtitle++;
+ if ( !*psz_subtitle )
+ return psz_attribute_name;
// Skip the '=' sign
psz_subtitle++;
@@ -539,6 +541,8 @@ static char* ConsumeAttribute( const char** ppsz_subtitle, char** psz_attribute_
psz_subtitle++;
attr_len++;
}
+ if ( attr_len == 0 )
+ return psz_attribute_name;
if ( unlikely( !( *psz_attribute_value = malloc( attr_len + 1 ) ) ) )
{
free( psz_attribute_name );
More information about the vlc-commits
mailing list