[vlc-devel] [PATCH 2/2] video_filter/blendbench: fix out-of-bound reads on ill-formed parameters
Filip Roséen
filip at atch.se
Wed Mar 22 04:40:08 CET 2017
Prevent out-of-bounds access if --blendbench-base-chroma or
--blendbench-blend-chroma is ill-formed.
refs: #18116
fixes: #18146
---
modules/video_filter/blendbench.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/modules/video_filter/blendbench.c b/modules/video_filter/blendbench.c
index 5f42436124..d33fc3cb87 100644
--- a/modules/video_filter/blendbench.c
+++ b/modules/video_filter/blendbench.c
@@ -177,8 +177,8 @@ static int Create( vlc_object_t *p_this )
CFG_PREFIX "alpha" );
psz_temp = var_CreateGetStringCommand( p_filter, CFG_PREFIX "base-chroma" );
- p_sys->i_base_chroma = VLC_FOURCC( psz_temp[0], psz_temp[1],
- psz_temp[2], psz_temp[3] );
+ p_sys->i_base_chroma = !psz_temp || strlen( psz_temp ) != 4 ? 0 :
+ VLC_FOURCC( psz_temp[0], psz_temp[1], psz_temp[2], psz_temp[3] );
psz_cmd = var_CreateGetStringCommand( p_filter, CFG_PREFIX "base-image" );
i_ret = blendbench_LoadImage( p_this, &p_sys->p_base_image,
p_sys->i_base_chroma, psz_cmd, "Base" );
@@ -192,8 +192,8 @@ static int Create( vlc_object_t *p_this )
psz_temp = var_CreateGetStringCommand( p_filter,
CFG_PREFIX "blend-chroma" );
- p_sys->i_blend_chroma = VLC_FOURCC( psz_temp[0], psz_temp[1],
- psz_temp[2], psz_temp[3] );
+ p_sys->i_blend_chroma = !psz_temp || strlen( psz_temp ) != 4
+ ? 0 : VLC_FOURCC( psz_temp[0], psz_temp[1], psz_temp[2], psz_temp[3] );
psz_cmd = var_CreateGetStringCommand( p_filter, CFG_PREFIX "blend-image" );
i_ret = blendbench_LoadImage( p_this, &p_sys->p_blend_image, p_sys->i_blend_chroma,
psz_cmd, "Blend" );
--
2.12.0
More information about the vlc-devel
mailing list