[vlc-devel] [PATCH] hds: fix memory leak and buffer probing
Tristan Matthews
le.businessman at gmail.com
Thu Jul 17 19:22:35 CEST 2014
The char * returned by FromCharset was not being freed, and
strstr was being called on a buffer that was not NULL terminated.
---
modules/stream_filter/hds/hds.c | 22 ++++++++++++++++------
1 file changed, 16 insertions(+), 6 deletions(-)
diff --git a/modules/stream_filter/hds/hds.c b/modules/stream_filter/hds/hds.c
index 5119ba2..6104f7d 100644
--- a/modules/stream_filter/hds/hds.c
+++ b/modules/stream_filter/hds/hds.c
@@ -184,23 +184,33 @@ static bool isHDS( stream_t *s )
if( i_size < 200 )
return false;
- const char *str;
+ char *peeked = malloc( 512 );
+ if( unlikely( peeked == NULL ) )
+ return false;
+
+ memcpy( peeked, peek, i_size );
+ peeked[i_size - 1] = '\0';
+
+ char *str;
- if( !memcmp( peek, "\xFF\xFE", 2 ) )
+ if( !memcmp( peeked, "\xFF\xFE", 2 ) )
{
- str = FromCharset( "UTF-16LE", peek, 512 );
+ str = FromCharset( "UTF-16LE", peeked, 512 );
+ free( peeked );
}
- else if( !memcmp( peek, "\xFE\xFF", 2 ) )
+ else if( !memcmp( peeked, "\xFE\xFF", 2 ) )
{
- str = FromCharset( "UTF-16BE", peek, 512 );
+ str = FromCharset( "UTF-16BE", peeked, 512 );
+ free( peeked );
}
else
- str = peek;
+ str = peeked;
if( str == NULL )
return false;
bool ret = strstr( str, "<manifest" ) != NULL;
+ free( str );
return ret;
}
--
1.9.3
More information about the vlc-devel
mailing list