[vlc-devel] [PATCH 1/2] HTTP: fix possible crash in vlc_http_res_get_redirect
Rémi Denis-Courmont
remi at remlab.net
Wed Sep 6 11:31:00 CEST 2017
Le 6 septembre 2017 02:08:29 GMT+03:00, Jean-Baptiste Kempf <jb at videolan.org> a écrit :
>If vlc_uri_resolve returns NULL, then strcspn will crash
>---
> modules/access/http/resource.c | 3 +++
> 1 file changed, 3 insertions(+)
>
>diff --git a/modules/access/http/resource.c
>b/modules/access/http/resource.c
>index ca55b49375..cc55ec5310 100644
>--- a/modules/access/http/resource.c
>+++ b/modules/access/http/resource.c
>@@ -298,6 +298,9 @@ char *vlc_http_res_get_redirect(struct
>vlc_http_resource *restrict res)
> free(fixed);
> free(base);
>
>+ if (unlikely(abs == NULL))
>+ return NULL;
>+
>/* NOTE: The anchor is discarded if it is present as VLC does not
>support
> * HTML anchors so far. */
> size_t len = strcspn(abs, "#");
>--
>2.14.1
>
>_______________________________________________
>vlc-devel mailing list
>To unsubscribe or modify your subscription options:
>https://mailman.videolan.org/listinfo/vlc-devel
Nitpicking: invert the condition and keep the factored return... better line coverage.
--
Envoyé de mon appareil Android avec Courriel K-9 Mail. Veuillez excuser ma brièveté.
More information about the vlc-devel
mailing list