[vlc-devel] [PATCH] hds: fix memory leak and buffer probing

Tristan Matthews le.businessman at gmail.com
Thu Jul 17 20:07:17 CEST 2014


On Thu, Jul 17, 2014 at 1:42 PM, Rémi Denis-Courmont <remi at remlab.net> wrote:
> On Thursday 17 July 2014, 13:22:35 Tristan Matthews wrote:
>> The char * returned by FromCharset was not being freed, and
>> strstr was being called on a buffer that was not NULL terminated.
>> ---
>>  modules/stream_filter/hds/hds.c | 22 ++++++++++++++++------
>>  1 file changed, 16 insertions(+), 6 deletions(-)
>>
>> diff --git a/modules/stream_filter/hds/hds.c
>> b/modules/stream_filter/hds/hds.c index 5119ba2..6104f7d 100644
>> --- a/modules/stream_filter/hds/hds.c
>> +++ b/modules/stream_filter/hds/hds.c
>> @@ -184,23 +184,33 @@ static bool isHDS( stream_t *s )
>>      if( i_size < 200 )
>>          return false;
>>
>> -    const char *str;
>> +    char *peeked = malloc( 512 );
>> +    if( unlikely( peeked == NULL ) )
>> +        return false;
>> +
>> +    memcpy( peeked, peek, i_size );
>> +    peeked[i_size - 1] = '\0';
>> +
>> +    char *str;
>>
>> -    if( !memcmp( peek, "\xFF\xFE", 2 ) )
>> +    if( !memcmp( peeked, "\xFF\xFE", 2 ) )
>>      {
>> -        str = FromCharset( "UTF-16LE", peek, 512 );
>> +        str = FromCharset( "UTF-16LE", peeked, 512 );
>> +        free( peeked );
>>      }
>> -    else if( !memcmp( peek, "\xFE\xFF", 2 ) )
>> +    else if( !memcmp( peeked, "\xFE\xFF", 2 ) )
>>      {
>> -        str = FromCharset( "UTF-16BE", peek, 512 );
>> +        str = FromCharset( "UTF-16BE", peeked, 512 );
>> +        free( peeked );
>>      }
>>      else
>> -        str = peek;
>> +        str = peeked;
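Review bot: in the new allocation block, memcpy( peeked, peek, i_size ) copies i_size bytes into a fixed malloc( 512 ) buffer, while the only bound visible in this hunk is i_size >= 200, so the copy needs an explicit upper bound or the buffer should be sized from i_size. Both FromCharset() calls still pass 512 as the input length, so whenever i_size is below 512 the conversion reads bytes that the memcpy never initialized; pass the number of bytes actually copied instead. Separately, peeked[i_size - 1] = '\0' overwrites the last peeked byte rather than appending a terminator; allocating i_size + 1 and writing peeked[i_size] would keep the probed data intact for the strstr call.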
>
> strndup() here would be simpler, minding that FromCharset() always inserts a
> nul terminator.

Ok, will resend later.

Best,
Tristan


