Mercurial > libdvdread4.hg

comparison ifo_read.c @ 91:23d412d59d62 src

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Abort when PTT search table has zero entries The static analyzer from LLVM/Clang 1:3.4~svn194079-1 reports a possible allocation of size 0 in `libdvdread/src/ifo_read.c`. $ scan-build -o scan-build make $ scan-view scan-build/2013-11-18-155601-16168-1 When `vts_ptt_srpt->nr_of_srpts` is zero the allocation size is zero. vts_ptt_srpt->title = malloc(vts_ptt_srpt->nr_of_srpts * sizeof(ttu_t)); The manual of the function `malloc` writes the following. If size is 0, then malloc() returns either NULL, or a unique pointer value that can later be successfully passed to free(). So check for 0 and, if it is, abort by going to the label `fail`. Patch by Paul Menzel <paulepanter AT users DOT sourceforge DOT net>
author rathann
date Wed, 04 Dec 2013 22:40:17 +0000
parents 42d169fbee1d
children 7ab44001373e
comparison
equal deleted inserted replaced
90:9f5802d2767a 91:23d412d59d62
1184 1184
1185 if(vts_ptt_srpt->nr_of_srpts > info_length / sizeof(*data)) { 1185 if(vts_ptt_srpt->nr_of_srpts > info_length / sizeof(*data)) {
1186 fprintf(stderr, "libdvdread: PTT search table too small.\n"); 1186 fprintf(stderr, "libdvdread: PTT search table too small.\n");
1187 goto fail; 1187 goto fail;
1188 } 1188 }
1189
1190 if(vts_ptt_srpt->nr_of_srpts == 0) {
1191 fprintf(stderr, "libdvdread: Zero entries in PTT search table.\n");
1192 goto fail;
1193 }
1194
1189 for(i = 0; i < vts_ptt_srpt->nr_of_srpts; i++) { 1195 for(i = 0; i < vts_ptt_srpt->nr_of_srpts; i++) {
1190 /* Transformers 3 has PTT start bytes that point outside the SRPT PTT */ 1196 /* Transformers 3 has PTT start bytes that point outside the SRPT PTT */
1191 uint32_t start = data[i]; 1197 uint32_t start = data[i];
1192 B2N_32(start); 1198 B2N_32(start);
1193 if(start + sizeof(ptt_info_t) > vts_ptt_srpt->last_byte + 1) { 1199 if(start + sizeof(ptt_info_t) > vts_ptt_srpt->last_byte + 1) {