[vlc-devel] [PATCH] demux: stl: fix heap-buffer-overflow
Shaleen Jain
shaleen.jain95 at gmail.com
Tue Jul 4 14:48:54 CEST 2017
According to the spec calloc can return a NULL or a unique pointer
value if either of the arguments are 0 depending on the implementation.
Add a guard to prevent allocation by returning an error in the above case.
---
modules/demux/stl.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/modules/demux/stl.c b/modules/demux/stl.c
index 9a0d5a131e..463cab36ca 100644
--- a/modules/demux/stl.c
+++ b/modules/demux/stl.c
@@ -242,6 +242,8 @@ static int Open(vlc_object_t *object)
const int cct = ParseInteger(&header[12], 2);
const mtime_t program_start = ParseTextTimeCode(&header[256], fps);
const size_t tti_count = ParseInteger(&header[238], 5);
+ if(!tti_count)
+ return VLC_EGENERIC;
msg_Dbg(demux, "Detected EBU STL : CCT=%d TTI=%zu start=%8.8s %"PRId64, cct, tti_count, &header[256], program_start);
demux_sys_t *sys = malloc(sizeof(*sys));
--
2.13.2
More information about the vlc-devel
mailing list