Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP5:Update
gstreamer-doc
0001-datetime-fix-potential-out-of-bound-read-o...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0001-datetime-fix-potential-out-of-bound-read-on-malformed-datetime-string.patch of Package gstreamer-doc
From 9398b7f1a75b38844ae7050b5a7967e4cdebe24f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim-Philipp=20M=C3=BCller?= <tim@centricular.com> Date: Sun, 15 Jan 2017 11:52:44 +0000 Subject: [PATCH] datetime: fix potential out-of-bound read on malformed datetime string https://bugzilla.gnome.org/show_bug.cgi?id=777263 --- gst/gstdatetime.c | 2 +- tests/check/gst/gstdatetime.c | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/gst/gstdatetime.c b/gst/gstdatetime.c index 2d99594..67cdd6c 100644 --- a/gst/gstdatetime.c +++ b/gst/gstdatetime.c @@ -840,7 +840,7 @@ gst_date_time_new_from_iso8601_string (const gchar * string) else if (neg_pos) pos = neg_pos + 1; - if (pos) { + if (pos && strlen (pos) >= 3) { gint ret_tz; if (pos[2] == ':') ret_tz = sscanf (pos, "%d:%d", &gmt_offset_hour, &gmt_offset_min); diff --git a/tests/check/gst/gstdatetime.c b/tests/check/gst/gstdatetime.c index ae15dc5..7bbc5bd 100644 --- a/tests/check/gst/gstdatetime.c +++ b/tests/check/gst/gstdatetime.c @@ -632,6 +632,14 @@ GST_START_TEST (test_GstDateTime_iso8601) fail_unless (!gst_date_time_has_day (dt)); fail_unless (!gst_date_time_has_time (dt)); gst_date_time_unref (dt); + /* some bogus ones, make copy to detect out of bound read in valgrind/asan */ + { + gchar *s = g_strdup ("0002000000T00000:00+0"); + dt = gst_date_time_new_from_iso8601_string (s); + gst_date_time_unref (dt); + g_free (s); + } + } GST_END_TEST;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor