[Mplayer-cvslog] CVS: 0_90/libmpdemux http.c,1.17,1.18

Michael Niedermayer CVS syncmail at mplayerhq.hu
Tue Mar 30 13:22:50 CEST 2004


CVS change done by Michael Niedermayer CVS

Update of /cvsroot/mplayer/0_90/libmpdemux
In directory mail:/var2/tmp/cvs-serv25627

Modified Files:
	http.c 
Log Message:
remote exploitable heap overflow fix by ("blexim" <blexim at hush dot com>)


Index: http.c
===================================================================
RCS file: /cvsroot/mplayer/0_90/libmpdemux/http.c,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- http.c	13 Nov 2002 09:02:55 -0000	1.17
+++ http.c	30 Mar 2004 11:22:48 -0000	1.18
@@ -175,7 +175,7 @@
 	if( http_hdr->method==NULL ) http_set_method( http_hdr, "GET");
 	if( http_hdr->uri==NULL ) http_set_uri( http_hdr, "/");
 	else {
-		uri = (char*)malloc(strlen(http_hdr->uri)*2);
+		uri = (char*)malloc((strlen(http_hdr->uri)*3) + 1);
 		if( uri==NULL ) {
 			mp_msg(MSGT_NETWORK,MSGL_ERR,"Memory allocation failed\n");
 			return NULL;




More information about the MPlayer-cvslog mailing list