[MPlayer-dev-eng] [PATCH] Security - missing bits (related to svn r5369)

Matthias Hopf mat at mshopf.de
Tue Nov 21 18:38:21 CET 2006


r5369 fixed some potential security issues, but the return values of the
functions that were changed were never checked.

This patch changes this. Given that I don't know this code by heart
(actually I don't know it at all), please double check. Its changes are
trivial, though.

Note that I'm kindof busy ATM, so I don't read this ML regularly.

CU

Matthias

-- 
Matthias Hopf <mhopf at suse.de>       __        __   __
Maxfeldstr. 5 / 90409 Nuernberg    (_   | |  (_   |__         mat at mshopf.de
Phone +49-911-74053-715            __)  |_|  __)  |__  labs   www.mshopf.de
-------------- next part --------------
diff -urp a/libavcodec/alac.c b/libavcodec/alac.c
--- a/libavcodec/alac.c      2005-07-19 22:30:39.000000000 +0200
+++ b/libavcodec/alac.c      2006-11-21 17:18:01.000000000 +0100
@@ -448,7 +454,10 @@ static int alac_decode_frame(AVCodecCont
                 ALAC_EXTRADATA_SIZE);
             return input_buffer_size;
         }
-        alac_set_info(alac);
+        if (alac_set_info(alac)) {
+           av_log(NULL, AV_LOG_ERROR, "alac: set_info failed\n");
+           return input_buffer_size;
+       }
         alac->context_initialized = 1;
     }

diff -urp a/libavcodec/shorten.c b/libavcodec/shorten.c
--- a/libavcodec/shorten.c        2005-04-19 07:20:37.000000000 +0200
+++ b/libavcodec/shorten.c        2006-11-21 17:19:31.000000000 +0100
@@ -324,7 +334,8 @@ static int shorten_decode_frame(AVCodecC
         }
         s->nwrap = FFMAX(NWRAP, maxnlpc);

-        allocate_buffers(s);
+        if (allocate_buffers(s))
+           return -1;

         init_offset(s);



More information about the MPlayer-dev-eng mailing list