extra checking on memory allocation sizes to prevent a class of overflow attacks

Josh Coalson
2007-09-11 04:49:56 +00:00
parent 0221d87c89
commit 0f008d2e9e
26 changed files with 234 additions and 115 deletions


@@ -20,6 +20,7 @@
# include <config.h>
#endif
#include "share/alloc.h"
#include "share/grabbag.h"
#include "FLAC/assert.h"
#include <stdio.h>
@@ -29,7 +30,7 @@
/* slightly different that strndup(): this always copies 'size' bytes starting from s into a NUL-terminated string. */
static char *local__strndup_(const char *s, size_t size)
{
char *x = (char*)malloc(size+1);
char *x = (char*)safe_malloc_add_2op_(size, /*+*/1);
if(x) {
memcpy(x, s, size);
x[size] = '\0';
@@ -357,7 +358,7 @@ FLAC__StreamMetadata *grabbag__picture_parse_specification(const char *spec, con
if(size < 0)
*error_message = error_messages[5];
else {
FLAC__byte *buffer = (FLAC__byte*)malloc(size);
FLAC__byte *buffer = (FLAC__byte*)safe_malloc_(size);
if(0 == buffer)
*error_message = error_messages[0];
else {
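Review bot: A size too large for the allocator's argument type is not rejected before `safe_malloc_(size)` in the last hunk; the only visible guard is `if(size < 0)`, which shows `size` is signed. Its declaration is outside the hunk, but if it is wider than `size_t` (a 64-bit file-size type on a 32-bit build, for example), the value is truncated silently at the call and the buffer is smaller than the size the rest of the function works with. An explicit range check before the allocation would close that gap, e.g. `else if((FLAC__uint64)size > SIZE_MAX) *error_message = error_messages[0];`, reusing the message the allocation-failure branch already sets. The enclosing function starts and ends outside the hunk, so how `size` is used after the allocation should be confirmed there.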