[vlc-devel] [PATCH] codec/svcdsub: fix potential null-dereference

Wed Mar 1 09:52:10 CET 2017

if block_ChainGather fails we would try to dereference a null-pointer,
these changes instead make sure that we discard the data in order to
advance forward.
---
 modules/codec/svcdsub.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/modules/codec/svcdsub.c b/modules/codec/svcdsub.c
index 7961d94923..807df03785 100644
--- a/modules/codec/svcdsub.c
+++ b/modules/codec/svcdsub.c
@@ -303,6 +303,16 @@ static block_t *Reassemble( decoder_t *p_dec, block_t *p_block )
     {
         block_t *p_spu = block_ChainGather( p_sys->p_spu );
 
+        if( unlikely( !p_spu ) )
+        {
+            block_ChainRelease( p_sys->p_spu );
+            p_sys->i_state = SUBTITLE_BLOCK_EMPTY;
+            p_sys->p_spu = NULL;
+
+            msg_Warn( p_dec, "unable to assemble blocks, discarding" );
+            return NULL;
+        }
+
         if( p_spu->i_buffer != p_sys->i_spu_size )
         {
             msg_Warn( p_dec, "subtitle packets size=%zu should be %zu",
-- 
2.12.0

