[MPlayer-cvslog] r19618 - trunk/libass/ass.c
Evgeniy Stepanov
eugeni.stepanov at gmail.com
Fri Sep 1 15:45:45 CEST 2006
On Friday 01 September 2006 17:53, Rich Felker wrote:
> On Fri, Sep 01, 2006 at 12:45:21AM +0200, eugeni wrote:
> > Author: eugeni
> > Date: Fri Sep 1 00:45:20 2006
> > New Revision: 19618
> >
> > Modified:
> > trunk/libass/ass.c
> >
> > Log:
> > Bugfix: potential write of unallocated memory.
> >
> >
> > Modified: trunk/libass/ass.c
> > =========================================================================
> >===== --- trunk/libass/ass.c (original)
> > +++ trunk/libass/ass.c Fri Sep 1 00:45:20 2006
> > @@ -282,9 +282,11 @@
> > if (strcasecmp(tname, "Text") == 0) {
> > char* last;
> > event->Text = strdup(p);
> > - last = event->Text + strlen(event->Text) - 1;
> > - if (*last == '\r')
> > - *last = 0;
> > + if (*event->Text != 0) {
> > + last = event->Text + strlen(event->Text) - 1;
> > + if (last >= event->Text && *last == '\r')
> > + *last = 0;
> > + }
>
> huh??
> strlen(event->Text) will already have crashed if strdup failed.
It is possible that event->Text has zero length.
More information about the MPlayer-cvslog
mailing list