[MPlayer-dev-eng] [BUG][PATCH] uninitialized memory access in subreader.c
Evgeniy Stepanov
eugeni.stepanov at gmail.com
Tue Jun 13 15:55:30 CEST 2006
On Tuesday 13 June 2006 16:22, Ivan Kalvachev wrote:
> I don't mind the second one, but I think it is useless ATM.
> The filename is guaranteed to be more than 4 chars, this means 5 chars
> at least, without counting the additional zero byte. So even in the case
> of the 6 char ".utf-8" the strcmp should work.
With a filename like "1.sub", filename+(l - strlen(exts[k])) points 1 byte
_before_ the filename. That address could easily be unallocated.
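
The case described in this reply, as an added C example that is not part of the original message or of MPlayer's subreader.c: it computes the offset that filename+(l - strlen(ext)) would use and shows a suffix test that checks the lengths first. The function names suffix_offset and has_suffix are hypothetical; the "1.sub" and ".utf-8" values come from the thread.

```c
#include <stdio.h>
#include <string.h>

/* Signed offset that filename + (l - strlen(ext)) would apply.
 * A negative result means the pointer lands before the start of
 * the filename buffer, so strcmp() would read memory the caller
 * does not own. */
static long suffix_offset(const char *filename, const char *ext)
{
    return (long)strlen(filename) - (long)strlen(ext);
}

/* Suffix test with the length check done first, so the pointer
 * arithmetic can never leave the filename buffer. */
static int has_suffix(const char *filename, const char *ext)
{
    size_t l = strlen(filename);
    size_t e = strlen(ext);

    if (e > l)
        return 0;   /* extension longer than the name: cannot match */
    return strcmp(filename + (l - e), ext) == 0;
}

int main(void)
{
    /* Constructed sample inputs; the first pair is the one from the thread. */
    const char *names[] = { "1.sub", "1.sub", "movie.utf-8" };
    const char *exts[]  = { ".utf-8", ".sub", ".utf-8" };

    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++)
        printf("%-12s %-7s offset=%ld match=%d\n", names[i], exts[i],
               suffix_offset(names[i], exts[i]),
               has_suffix(names[i], exts[i]));
    return 0;
}
```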