Mercurial > mplayer.hg
changeset 21783:4511c04bc4a0
Fix potential buffer overflow in asm rules matching code
| author | rtogni |
|---|---|
| date | Sun, 31 Dec 2006 13:27:53 +0000 |
| parents | 99ab6c41eb1e |
| children | e7403deab378 |
| files | stream/realrtsp/asmrp.c stream/realrtsp/asmrp.h stream/realrtsp/real.c |
| diffstat | 3 files changed, 9 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/stream/realrtsp/asmrp.c Sun Dec 31 11:09:53 2006 +0000 +++ b/stream/realrtsp/asmrp.c Sun Dec 31 13:27:53 2006 +0000 @@ -41,6 +41,7 @@ #include <stdio.h> #include <string.h> #include "mp_msg.h" +#include "asmrp.h" /* #define LOG @@ -646,8 +647,11 @@ #ifdef LOG printf ("rule #%d is true\n", rule_num); #endif - matches[num_matches] = rule_num; - num_matches++; + if(num_matches < MAX_RULEMATCHES - 1) + matches[num_matches++] = rule_num; + else + mp_msg(MSGT_STREAM, MSGL_ERR, + "Ignoring matched asm rule %d, too many matched rules.\n", rule_num); } rule_num++;
--- a/stream/realrtsp/asmrp.h Sun Dec 31 11:09:53 2006 +0000 +++ b/stream/realrtsp/asmrp.h Sun Dec 31 13:27:53 2006 +0000 @@ -40,6 +40,8 @@ #ifndef HAVE_ASMRP_H #define HAVE_ASMRP_H +#define MAX_RULEMATCHES 16 + int asmrp_match (const char *rules, int bandwidth, int *matches) ; #endif
--- a/stream/realrtsp/real.c Sun Dec 31 11:09:53 2006 +0000 +++ b/stream/realrtsp/real.c Sun Dec 31 13:27:53 2006 +0000 @@ -275,7 +275,7 @@ int j=0; int n; char b[64]; - int rulematches[16]; + int rulematches[MAX_RULEMATCHES]; #ifdef LOG printf("calling asmrp_match with:\n%s\n%u\n", desc->stream[i]->asm_rule_book, bandwidth);