[vlc-devel] [vlc-commits] xiph demux: _correctly_ remove warning
Jean-Baptiste Kempf
jb at videolan.org
Tue Feb 22 17:47:40 CET 2011
On Tue, Feb 22, 2011 at 05:45:30PM +0100, Laurent Aimar wrote :
> > > + if ((uint8_t)(end - current) < size)
> > > return VLC_EGENERIC;
> > (uint8_t) seems *highly* suspicious (read: there is probably a security
> > issue where there was none...)
> Sorry misread. No security issue but I think valid headers are now
> rejected... (size can be higher than 255)
Well, to me, this is still wrong.
It should be checked for positivity and casted to (size_t) or
(unsigned).
Best Regards,
--
Jean-Baptiste Kempf
http://www.jbkempf.com/
+33 672 704 734
More information about the vlc-devel
mailing list