[vlc-commits] [Git][videolan/vlc][master] 2 commits: preparser_serializer: fix potential palette write overflow

Jean-Baptiste Kempf (@jbk) gitlab at videolan.org
Tue May 19 07:49:37 UTC 2026 


Jean-Baptiste Kempf pushed to branch master at VideoLAN / VLC


Commits:
eca61c01 by Steve Lhomme at 2026-05-19T09:36:43+02:00
preparser_serializer: fix potential palette write overflow

If i was 255, it was OK to increment it to 256 and write in the palette
until we realize it's too big.

CID #1692752

- - - - -
d179ce4f by Steve Lhomme at 2026-05-19T09:36:43+02:00
preparser_serializer: fix potential NULL dereference

We call json_object_from_name() with ornull to true so we may keep the NULL value.

CID #1692718

- - - - -


1 changed file:

- modules/misc/preparser_serializer/json/fromjson.c


Changes:

=====================================
modules/misc/preparser_serializer/json/fromjson.c
=====================================
@@ -554,6 +554,10 @@ static void fromJSON_video_palette(struct serdes_sys *sys,
         if (v->type != JSON_ARRAY) {
             continue;
         }
+        if (i >= VIDEO_PALETTE_COLORS_MAX) {
+            err = true;
+            break;
+        }
         for (size_t j = 0; j < v->array.size; j++) {
             struct json_value *subv = &v->array.entries[j];
             if (subv->type != JSON_NUMBER || subv->number < 0 ||
@@ -563,10 +567,8 @@ static void fromJSON_video_palette(struct serdes_sys *sys,
             }
             p->palette[i][j] = subv->number;
         }
-        if (err || i >= VIDEO_PALETTE_COLORS_MAX) {
-            err = true;
+        if (err)
             break;
-        }
         i++;
     }
 
@@ -1134,7 +1136,7 @@ fromJSON_input_item_node(struct serdes_sys *sys,
 
     json_object_from_name(sys, obj, "p_item", &item, err, true,
                           fromJSON_input_item);
-    if (err) {
+    if (err || item == NULL) {
         *error = true;
         return;
     }



View it on GitLab: https://code.videolan.org/videolan/vlc/-/compare/bf8c5c423ea5f9f5bb7506549f4e035a1d328caf...d179ce4ffa63dbdee36a097ff502f2434ec54531

-- 
View it on GitLab: https://code.videolan.org/videolan/vlc/-/compare/bf8c5c423ea5f9f5bb7506549f4e035a1d328caf...d179ce4ffa63dbdee36a097ff502f2434ec54531
You're receiving this email because of your account on code.videolan.org. Manage all notifications: https://code.videolan.org/-/profile/notifications | Help: https://code.videolan.org/help

More information about the vlc-commits mailing list