[vlc-devel] [PATCH] vasprintf: stop HEAP exceptions
Rémi Denis-Courmont
rem at videolan.org
Mon Jan 5 15:10:25 CET 2009
Le lundi 5 janvier 2009, Ken Self a écrit :
> diff --git a/include/vlc_fixups.h b/include/vlc_fixups.h
> index b88a900..726bb9e 100644
> --- a/include/vlc_fixups.h
> +++ b/include/vlc_fixups.h
> @@ -50,7 +50,7 @@ static inline int vasprintf (char **strp, const
> char *fmt, va_list ap) if (res == NULL)
> return -1;
> *strp = res;
> - return vsprintf (res, fmt, ap);
> + return vsnprintf (res, len, fmt, ap);
What is this supposed to achieve? the buffer at <res> is exactly the
right length to start with. In case the earlier vsnprintf()
returned -1, this patch trades a heap overflow with an off-by-one
overflow and causes the function to return an incorrect value.
--
Rémi Denis-Courmont
http://www.remlab.net/
More information about the vlc-devel
mailing list