[MPlayer-cvslog] r25823 - trunk/stream/url.c
rtogni
subversion at mplayerhq.hu
Sun Jan 20 21:43:46 CET 2008
Author: rtogni
Date: Sun Jan 20 21:43:46 2008
New Revision: 25823
Log:
Clear tmp between ip6 check and string escape to prevent reuse of the
buffer, in order to prevent a possible buffer overflow on malformed
urls.
Based on a patch by Adam Bozanich abozanich musecurity com
Modified:
trunk/stream/url.c
Modified: trunk/stream/url.c
==============================================================================
--- trunk/stream/url.c (original)
+++ trunk/stream/url.c Sun Jan 20 21:43:46 2008
@@ -328,6 +328,7 @@ url_escape_string(char *outbuf, const ch
}
}
+ tmp = NULL;
while(i < len) {
// look for the next char that must be kept
for (j=i;j<len;j++) {
More information about the MPlayer-cvslog
mailing list