[vlc-devel] commit: Really fix the real overflow ( Rémi Denis-Courmont )
git version control
git at videolan.org
Mon Dec 1 20:47:24 CET 2008
vlc | branch: master | Rémi Denis-Courmont <rdenis at simphalempin.com> | Mon Dec 1 21:45:23 2008 +0200| [94e765fa48ebc24d153973e7f9bd0bd8c654a5dc] | committer: Rémi Denis-Courmont
Really fix the real overflow
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=94e765fa48ebc24d153973e7f9bd0bd8c654a5dc
---
modules/demux/real.c | 15 ++++++++-------
1 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/modules/demux/real.c b/modules/demux/real.c
index e35d46c..ef3a816 100644
--- a/modules/demux/real.c
+++ b/modules/demux/real.c
@@ -921,14 +921,14 @@ static void ReadRealIndex( demux_t *p_demux )
msg_Dbg( p_demux, "Real Index : num : %d ", i_index_count );
- if( i_index_count == 0 )
+ if( i_index_count > ( 0xffffffff / sizeof( rm_index_t ) ) )
return;
if( GetDWBE( &buffer[16] ) > 0 )
msg_Dbg( p_demux, "Real Index: Does next index exist? %d ",
GetDWBE( &buffer[16] ) );
- p_sys->p_index = calloc( i_index_count + 1, sizeof( rm_index_t ) );
+ p_sys->p_index = malloc( ( i_index_count + 1 ) * sizeof( rm_index_t ) );
if( p_sys->p_index == NULL )
return;
@@ -947,12 +947,13 @@ static void ReadRealIndex( demux_t *p_demux )
p_sys->p_index[i].time_offset = GetDWBE( &buffer[2] );
p_sys->p_index[i].file_offset = GetDWBE( &buffer[6] );
p_sys->p_index[i].frame_index = GetDWBE( &buffer[10] );
- msg_Dbg( p_demux, "Real Index: time %d file %d frame %d ",
- p_sys->p_index[i].time_offset,
- p_sys->p_index[i].file_offset,
- p_sys->p_index[i].frame_index );
-
+ msg_Dbg( p_demux,
+ "Real Index: time %"PRIu32" file %"PRIu32" frame %"PRIu32,
+ p_sys->p_index[i].time_offset,
+ p_sys->p_index[i].file_offset,
+ p_sys->p_index[i].frame_index );
}
+ memset( p_sys->p_index + i_index_count, 0, sizeof( rm_index_t ) );
}
/*****************************************************************************
More information about the vlc-devel
mailing list