[MPlayer-cvslog] r25823 - trunk/stream/url.c

rtogni subversion at mplayerhq.hu
Sun Jan 20 21:43:46 CET 2008


Author: rtogni
Date: Sun Jan 20 21:43:46 2008
New Revision: 25823

Log:
Clear tmp between ip6 check and string escape to prevent reuse of the 
buffer, in order to prevent a possible buffer overflow on malformed 
urls.

Based on a patch by Adam Bozanich abozanich musecurity com


Modified:
   trunk/stream/url.c

Modified: trunk/stream/url.c
==============================================================================
--- trunk/stream/url.c	(original)
+++ trunk/stream/url.c	Sun Jan 20 21:43:46 2008
@@ -328,6 +328,7 @@ url_escape_string(char *outbuf, const ch
 		}
 	}
 	
+	tmp = NULL;
 	while(i < len) {
 		// look for the next char that must be kept
 		for  (j=i;j<len;j++) {



More information about the MPlayer-cvslog mailing list