[vlc-commits] demux: image: fix heap-use-after-free
Thomas Guillem
git at videolan.org
Fri Jun 23 16:54:35 CEST 2017
vlc | branch: master | Thomas Guillem <thomas at gllm.fr> | Fri Jun 23 16:40:29 2017 +0200| [1de4047a25cd336d1539ea0867c29180928dd230] | committer: Thomas Guillem
demux: image: fix heap-use-after-free
detect callbacks can call vlc_stream_Peek() and invalidate the current peek
buffer is re-allocation is needed.
An other way to solve this issue is to make sure that checks with a callback
are executed after checks with a marker/marker_size.
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=1de4047a25cd336d1539ea0867c29180928dd230
---
modules/demux/image.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/modules/demux/image.c b/modules/demux/image.c
index 8ec243f087..76a83cd652 100644
--- a/modules/demux/image.c
+++ b/modules/demux/image.c
@@ -637,6 +637,8 @@ static int Open(vlc_object_t *object)
if (img->detect) {
if (img->detect(demux->s))
break;
+ /* detect callbacks can invalidate the current peek buffer */
+ peek_size = 0;
} else {
if ((size_t) peek_size < img->marker_size)
{
More information about the vlc-commits
mailing list