diff options
| author | Oneric <oneric@oneric.stub> | 2020-10-11 16:31:20 +0200 |
|---|---|---|
| committer | Oleg Oshmyan <chortos@inbox.lv> | 2020-10-27 01:03:04 +0200 |
| commit | 26855a4ad9e74449a80ac1acb99b605ff745eda3 (patch) | |
| tree | 507f97e122bf6fe662a071b05d2978c669bfca02 /libass | |
| parent | 24805c8b33615374b0cec85536a8e10d0f376860 (diff) | |
| download | libass-26855a4ad9e74449a80ac1acb99b605ff745eda3.tar.bz2 libass-26855a4ad9e74449a80ac1acb99b605ff745eda3.tar.xz | |
API: make ass_alloc_{style,event} alloc-fail safe
Also deal with potential overflows of style and event count.
Since these fields are ints part ofthe public API, but will be cast to
size_t in ASS_REALLOC_ARRAY use the smaller of both limits.
Diffstat (limited to 'libass')
| -rw-r--r-- | libass/ass.c | 26 | ||||
| -rw-r--r-- | libass/ass.h | 4 |
2 files changed, 16 insertions, 14 deletions
diff --git a/libass/ass.c b/libass/ass.c index 137b8ae..638d86c 100644 --- a/libass/ass.c +++ b/libass/ass.c @@ -96,7 +96,7 @@ void ass_free_track(ASS_Track *track) /// \brief Allocate a new style struct /// \param track track -/// \return style id +/// \return style id or negative value on failure int ass_alloc_style(ASS_Track *track) { int sid; @@ -104,11 +104,12 @@ int ass_alloc_style(ASS_Track *track) assert(track->n_styles <= track->max_styles); if (track->n_styles == track->max_styles) { - track->max_styles += ASS_STYLES_ALLOC; - track->styles = - (ASS_Style *) realloc(track->styles, - sizeof(ASS_Style) * - track->max_styles); + if (track->max_styles >= FFMIN(SIZE_MAX, INT_MAX) - ASS_STYLES_ALLOC) + return -1; + int new_max = track->max_styles + ASS_STYLES_ALLOC; + if (!ASS_REALLOC_ARRAY(track->styles, new_max)) + return -1; + track->max_styles = new_max; } sid = track->n_styles++; @@ -118,7 +119,7 @@ int ass_alloc_style(ASS_Track *track) /// \brief Allocate a new event struct /// \param track track -/// \return event id +/// \return event id or negative value on failure int ass_alloc_event(ASS_Track *track) { int eid; @@ -126,11 +127,12 @@ int ass_alloc_event(ASS_Track *track) assert(track->n_events <= track->max_events); if (track->n_events == track->max_events) { - track->max_events = track->max_events * 2 + 1; - track->events = - (ASS_Event *) realloc(track->events, - sizeof(ASS_Event) * - track->max_events); + if (track->max_events >= FFMIN(SIZE_MAX, INT_MAX) / 2) + return -1; + int new_max = track->max_events * 2 + 1; + if (!ASS_REALLOC_ARRAY(track->events, new_max)) + return -1; + track->max_events = new_max; } eid = track->n_events++; diff --git a/libass/ass.h b/libass/ass.h index 582af83..bd787f2 100644 --- a/libass/ass.h +++ b/libass/ass.h @@ -580,14 +580,14 @@ void ass_free_track(ASS_Track *track); /** * \brief Allocate new style. * \param track track - * \return newly allocated style id + * \return newly allocated style id >= 0, or a value < 0 on failure */ int ass_alloc_style(ASS_Track *track); /** * \brief Allocate new event. * \param track track - * \return newly allocated event id + * \return newly allocated event id >= 0, or a value < 0 on failure */ int ass_alloc_event(ASS_Track *track); |