diff options
| author | wm4 <wm4@nowhere> | 2014-11-09 10:41:54 +0100 |
|---|---|---|
| committer | wm4 <wm4@nowhere> | 2014-11-09 10:41:54 +0100 |
| commit | 11300cd37fc0038f3004b0da5748091f5f763738 (patch) | |
| tree | 243fa115af89216ee2a4463edcef440c488f7448 /libass/ass.c | |
| parent | dc054a1fdb1e9145e905612f296bbafd5ba7b530 (diff) | |
| download | libass-11300cd37fc0038f3004b0da5748091f5f763738.tar.bz2 libass-11300cd37fc0038f3004b0da5748091f5f763738.tar.xz | |
Check more mallocs
This is just a start and gets most easy ones.
Diffstat (limited to 'libass/ass.c')
| -rw-r--r-- | libass/ass.c | 30 |
1 files changed, 28 insertions, 2 deletions
diff --git a/libass/ass.c b/libass/ass.c index 63c31a6..80f4e7a 100644 --- a/libass/ass.c +++ b/libass/ass.c @@ -669,6 +669,8 @@ static int decode_font(ASS_Track *track) goto error_decode_font; } buf = malloc(size / 4 * 3 + 2); + if (!buf) + goto error_decode_font; q = buf; for (i = 0, p = (unsigned char *) track->parser_priv->fontdata; i < size / 4; i++, p += 4) { @@ -818,6 +820,8 @@ static int process_text(ASS_Track *track, char *str) void ass_process_data(ASS_Track *track, char *data, int size) { char *str = malloc(size + 1); + if (!str) + return; memcpy(str, data, size); str[size] = '\0'; @@ -878,6 +882,8 @@ void ass_process_chunk(ASS_Track *track, char *data, int size, } str = malloc(size + 1); + if (!str) + return; memcpy(str, data, size); str[size] = '\0'; ass_msg(track->library, MSGL_V, "Event at %" PRId64 ", +%" PRId64 ": %s", @@ -964,6 +970,9 @@ static char *sub_recode(ASS_Library *library, char *data, size_t size, #endif } + if (icdsc == (iconv_t) (-1)) + return NULL; + { size_t osize = size; size_t ileft = size; @@ -974,6 +983,8 @@ static char *sub_recode(ASS_Library *library, char *data, size_t size, int clear = 0; outbuf = malloc(osize); + if (!outbuf) + goto out; ip = data; op = outbuf; @@ -987,7 +998,12 @@ static char *sub_recode(ASS_Library *library, char *data, size_t size, if (rc == (size_t) (-1)) { if (errno == E2BIG) { size_t offset = op - outbuf; - outbuf = (char *) realloc(outbuf, osize + size); + char *nbuf = realloc(outbuf, osize + size); + if (!nbuf) { + free(outbuf); + outbuf = 0; + goto out; + } op = outbuf + offset; osize += size; oleft += size; @@ -1046,7 +1062,11 @@ static char *read_file(ASS_Library *library, char *fname, size_t *bufsize) ass_msg(library, MSGL_V, "File size: %ld", sz); - buf = malloc(sz + 1); + buf = sz < SIZE_MAX ? malloc(sz + 1) : NULL; + if (!buf) { + fclose(fp); + return NULL; + } assert(buf); bytes_read = 0; do { @@ -1271,9 +1291,15 @@ long long ass_step_sub(ASS_Track *track, long long now, int movement) ASS_Track *ass_new_track(ASS_Library *library) { ASS_Track *track = calloc(1, sizeof(ASS_Track)); + if (!track) + return NULL; track->library = library; track->ScaledBorderAndShadow = 1; track->parser_priv = calloc(1, sizeof(ASS_ParserPriv)); + if (!track->parser_priv) { + free(track); + return NULL; + } return track; } |