[vlc-devel] [PATCH] demux: stl: fix heap-buffer-overflow
Shaleen Jain
shaleen.jain95 at gmail.com
Tue Jul 4 09:16:41 CEST 2017
According to the spec calloc can return a NULL or a unique pointer
value if either of the arguments are 0 depending on the implementation.
Add a guard to prevent member access if we get a non-null pointer in
the above case.
---
modules/demux/stl.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/modules/demux/stl.c b/modules/demux/stl.c
index 9a0d5a131e..9d27a79458 100644
--- a/modules/demux/stl.c
+++ b/modules/demux/stl.c
@@ -243,6 +243,8 @@ static int Open(vlc_object_t *object)
const mtime_t program_start = ParseTextTimeCode(&header[256], fps);
const size_t tti_count = ParseInteger(&header[238], 5);
msg_Dbg(demux, "Detected EBU STL : CCT=%d TTI=%zu start=%8.8s %"PRId64, cct, tti_count, &header[256], program_start);
+ if(!tti_count)
+ return VLC_EGENERIC;
demux_sys_t *sys = malloc(sizeof(*sys));
if(!sys)
--
2.13.2
More information about the vlc-devel
mailing list