glsl: fix possible string overrun in gst_glsl_version_profile_from_string

given a NULL-terminated string, s.
s[i] = '\0';
i++;
does not guarantee that s[i] is NULL terminated and thus string operations
could read off the end of the array.

https://bugzilla.gnome.org/show_bug.cgi?id=758039
Vineeth TM 2015-11-13 10:41:58 +09:00 committed by Matthew Waters
parent babd066b89
commit 6eae0c7e18


@ -245,8 +245,8 @@ gst_glsl_version_profile_from_string (const gchar * string,
GstGLSLVersion * version_ret, GstGLSLProfile * profile_ret)
{
gchar *str, *version_s, *profile_s;
GstGLSLVersion version;
GstGLSLProfile profile;
GstGLSLVersion version = GST_GLSL_VERSION_NONE;
GstGLSLProfile profile = GST_GLSL_PROFILE_NONE;
gint i;
if (!string)
@ -275,12 +275,14 @@ gst_glsl_version_profile_from_string (const gchar * string,
goto error;
}
version_s[i] = '\0';
i++;
profile_s = &version_s[i];
profile_s = g_strstrip (profile_s);
if (version_s[i] != 0) {
version_s[i] = '\0';
i++;
profile_s = &version_s[i];
profile_s = g_strstrip (profile_s);
profile = gst_glsl_profile_from_string (profile_s);
profile = gst_glsl_profile_from_string (profile_s);
}
version = gst_glsl_version_from_string (version_s);
g_free (str);
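Review bot: Inside the new `if (version_s[i] != 0)` block, whatever byte sits at `version_s[i]` is overwritten with `'\0'` and skipped without being checked as a separator, so a string with an arbitrary character between the version and the profile appears to be accepted as if it held whitespace. Since GLSL version strings can come from shader source the application does not control, the parser should reject that case before splitting, for example `if (!g_ascii_isspace (version_s[i])) { g_free (str); goto error; }` as the first statement in the block. How `i` is computed and what the `error` label frees lie outside the hunk, so confirm that the rejection path releases `str` the same way the existing `goto error` branches do. A short comment such as `/* only split when a profile follows the version digits */` above the `if` would also record why the guard exists.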