[vlc-devel] commit: Fixed potential stack overflow in asf demuxer. (Laurent Aimar )
git version control
git at videolan.org
Tue Sep 15 23:15:46 CEST 2009
vlc | branch: 1.0-bugfix | Laurent Aimar <fenrir at videolan.org> | Tue Sep 15 21:00:14 2009 +0200| [d191f0857158dfe81cafc063e918c49b2f3c4a57] | committer: Laurent Aimar
Fixed potential stack overflow in asf demuxer.
Reported by Sebastian Apelt, Siberas.
(cherry picked from commit dfe7084e8cc64e9b7a87cd37065b59cba2064823)
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=d191f0857158dfe81cafc063e918c49b2f3c4a57
---
modules/demux/asf/libasf.c | 11 +++++++----
1 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/modules/demux/asf/libasf.c b/modules/demux/asf/libasf.c
index 46183cb..2b71999 100644
--- a/modules/demux/asf/libasf.c
+++ b/modules/demux/asf/libasf.c
@@ -1471,10 +1471,9 @@ static const struct
static void ASF_ObjectDumpDebug( vlc_object_t *p_obj,
- asf_object_common_t *p_node, int i_level )
+ asf_object_common_t *p_node, unsigned i_level )
{
- char str[1024];
- int i;
+ unsigned i;
union asf_object_u *p_child;
const char *psz_name;
@@ -1487,12 +1486,16 @@ static void ASF_ObjectDumpDebug( vlc_object_t *p_obj,
}
psz_name = ASF_ObjectDumpDebugInfo[i].psz_name;
+ char str[512];
+ if( i_level * 5 + 1 >= sizeof(str) )
+ return;
+
memset( str, ' ', sizeof( str ) );
for( i = 1; i < i_level; i++ )
{
str[i * 5] = '|';
}
- snprintf( str + 5*i_level, 1024,
+ snprintf( &str[5*i_level], sizeof(str) - 5*i_level,
"+ '%s' GUID "GUID_FMT" size:%"PRIu64"pos:%"PRIu64,
psz_name,
GUID_PRINT( p_node->i_object_id ),
More information about the vlc-devel
mailing list