glsl: fix possible string overrun in gst_glsl_version_profile_from_string

Given a NUL-terminated string, s,
s[i] = '\0';
i++;
does not guarantee that s[i] is NUL-terminated, and thus string operations
could read off the end of the array.

https://bugzilla.gnome.org/show_bug.cgi?id=758039
Vineeth TM 2015-11-13 10:41:58 +09:00 committed by Tim-Philipp Müller
parent 148940c456
commit a0a8b8873b


@ -245,8 +245,8 @@ gst_glsl_version_profile_from_string (const gchar * string,
GstGLSLVersion * version_ret, GstGLSLProfile * profile_ret) GstGLSLVersion * version_ret, GstGLSLProfile * profile_ret)
{ {
gchar *str, *version_s, *profile_s; gchar *str, *version_s, *profile_s;
GstGLSLVersion version; GstGLSLVersion version = GST_GLSL_VERSION_NONE;
GstGLSLProfile profile; GstGLSLProfile profile = GST_GLSL_PROFILE_NONE;
gint i; gint i;
if (!string) if (!string)
@ -275,12 +275,14 @@ gst_glsl_version_profile_from_string (const gchar * string,
goto error; goto error;
} }
version_s[i] = '\0'; if (version_s[i] != 0) {
i++; version_s[i] = '\0';
profile_s = &version_s[i]; i++;
profile_s = g_strstrip (profile_s); profile_s = &version_s[i];
profile_s = g_strstrip (profile_s);
profile = gst_glsl_profile_from_string (profile_s); profile = gst_glsl_profile_from_string (profile_s);
}
version = gst_glsl_version_from_string (version_s); version = gst_glsl_version_from_string (version_s);
g_free (str); g_free (str);
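Review bot: Inside the new `if (version_s[i] != 0)` block, the byte at `version_s[i]` is overwritten with a terminator and skipped without checking that it is a separator, so a string whose version digits run directly into other text would presumably lose that first character and still be parsed. It would be stricter to reject that case before the write, e.g. `if (!g_ascii_isspace (version_s[i])) { g_free (str); goto error; }`, assuming the `error` label does not free `str` itself. The new test would also read more consistently as `version_s[i] != '\0'`, matching the assignment on the next line. The function body begins before and continues after the lines shown, so how `i` is computed and what the `error` path does are not visible here.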