Mercurial > mplayer.hg

changeset 26267:430da0c9fcce

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fix possible integer overflow in malloc by using calloc instead. Should fix CVE-2008-0073 as far as MPlayer is affected by this problem.
author reimar
date Sat, 29 Mar 2008 11:35:29 +0000
parents 9f588f9959d6
children 2f5886f0d307
files stream/realrtsp/sdpplin.c
diffstat 1 files changed, 2 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/stream/realrtsp/sdpplin.c	Fri Mar 28 14:02:53 2008 +0000
+++ b/stream/realrtsp/sdpplin.c	Sat Mar 29 11:35:29 2008 +0000
@@ -330,7 +330,8 @@
     
     if(filter(data,"a=StreamCount:integer;",&buf)) {
       desc->stream_count=(unsigned int)atoi(buf);
-      desc->stream=malloc(sizeof(sdpplin_stream_t*)*desc->stream_count);
+      desc->stream=calloc(desc->stream_count, sizeof(sdpplin_stream_t*));
+      if (!desc->stream) desc->stream_count = 0;
       handled=1;
       data=nl(data);
     }