[vlc-devel] [PATCH] hds: fix memory leak and buffer probing
Rémi Denis-Courmont
remi at remlab.net
Fri Aug 1 12:03:46 CEST 2014
Le 2014-08-01 08:32, Tristan Matthews a écrit :
> Only 200 bytes are peeked but FromCharset was being called with 512.
> The char * returned by FromCharset was not being freed, and
> strstr was being called on a buffer that was not NULL terminated.
I don't think that's true. FromCharset() should always nul-terminate
the string.
Otherwise, seems fine.
> ---
> modules/stream_filter/hds/hds.c | 9 +++++----
> 1 file changed, 5 insertions(+), 4 deletions(-)
>
> diff --git a/modules/stream_filter/hds/hds.c
> b/modules/stream_filter/hds/hds.c
> index edf6159..af3181d 100644
> --- a/modules/stream_filter/hds/hds.c
> +++ b/modules/stream_filter/hds/hds.c
> @@ -186,23 +186,24 @@ static bool isHDS( stream_t *s )
> if( i_size < 200 )
> return false;
>
> - const char *str;
> + char *str;
>
> if( !memcmp( peek, "\xFF\xFE", 2 ) )
> {
> - str = FromCharset( "UTF-16LE", peek, 512 );
> + str = FromCharset( "UTF-16LE", peek, i_size );
> }
> else if( !memcmp( peek, "\xFE\xFF", 2 ) )
> {
> - str = FromCharset( "UTF-16BE", peek, 512 );
> + str = FromCharset( "UTF-16BE", peek, i_size );
> }
> else
> - str = peek;
> + str = strndup( peek, i_size );
>
> if( str == NULL )
> return false;
>
> bool ret = strstr( str, "<manifest" ) != NULL;
> + free( str );
> return ret;
> }
--
Rémi Denis-Courmont
More information about the vlc-devel
mailing list