[vlc-devel] [PATCH 3/7] subsdec: fix potential unsigned overflow
Rémi Denis-Courmont
remi at remlab.net
Tue May 6 21:07:15 CEST 2014
Le mardi 6 mai 2014, 19:08:27 Felix Abecassis a écrit :
> ---
> modules/codec/subsdec.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/modules/codec/subsdec.c b/modules/codec/subsdec.c
> index 1b4276e..4faff70 100644
> --- a/modules/codec/subsdec.c
> +++ b/modules/codec/subsdec.c
> @@ -737,7 +737,7 @@ static char *CreateHtmlSubtitle( int *pi_align, char
> *psz_subtitle ) {
> bool b_match = false;
> bool b_ignore = false;
> - int i_len = (psz_tag ? strlen(psz_tag) : 0) - 1;
> + int i_len = (psz_tag ? (int)strlen(psz_tag) : 0) -
> 1;
This looks more like it's introducing undefined behaviour than removing it.
If: strlen(psz_tag) == (size_t)INT_MIN
Before the patch: i_len == INT_MAX
After the patch: undefined behaviour due to signed underflow.
If psz_tag is the empty string the result is unchanged.
--
Rémi Denis-Courmont
http://www.remlab.net/
More information about the vlc-devel
mailing list