From 1b2795913a99e5df799b272528dcf57e8d6fce3f Mon Sep 17 00:00:00 2001
From: wm4
Date: Mon, 17 Nov 2014 21:24:52 +0100
Subject: More malloc checking
Use strndup() instead of malloc+copy. Make all code deal with the possibility that ASS_Drawing.text can be NULL (which can happen on allocation failure). Skip fix_collisions() on malloc failure - the lines will overlap, but at least libass won't crash.
---
 libass/ass.c | 4 +---
 libass/ass_drawing.c | 8 ++++----
 libass/ass_parse.c | 4 +---
 libass/ass_render.c | 5 ++++-
 4 files changed, 10 insertions(+), 11 deletions(-)
diff --git a/libass/ass.c b/libass/ass.c
index 80f4e7a..75f646f 100644
--- a/libass/ass.c
+++ b/libass/ass.c
@@ -579,9 +579,7 @@ static int process_info_line(ASS_Track *track, char *str)
 } else if (!strncmp(str, "Language:", 9)) {
 char *p = str + 9;
 while (*p && isspace(*p)) p++;
- track->Language = malloc(3);
- strncpy(track->Language, p, 2);
- track->Language[2] = 0;
+ track->Language = strndup(p, 2);
 }
 return 0;
 }
diff --git a/libass/ass_drawing.c b/libass/ass_drawing.c
index cc847af..88ec89c 100644
--- a/libass/ass_drawing.c
+++ b/libass/ass_drawing.c
@@ -146,7 +146,7 @@ static ASS_DrawingToken *drawing_tokenize(char *str)
 ASS_DrawingToken *root = NULL, *tail = NULL, *spline_start = NULL;
- while (*p) {
+ while (p && *p) {
 if (*p == 'c' && spline_start) {
 // Close b-splines: add the first three points of the b-spline
 // back to the end
@@ -379,9 +379,7 @@ void ass_drawing_free(ASS_Drawing* drawing)
 void ass_drawing_set_text(ASS_Drawing* drawing, char *str, size_t len)
 {
 free(drawing->text);
- drawing->text = malloc(len + 1);
- memcpy(drawing->text, str, len);
- drawing->text[len] = 0;
+ drawing->text = strndup(str, len);
 }
 /*
@@ -390,6 +388,8 @@ void ass_drawing_set_text(ASS_Drawing* drawing, char *str, size_t len)
 */
 void ass_drawing_hash(ASS_Drawing* drawing)
 {
+ if (!drawing->text)
+ return;
 drawing->hash = fnv_32a_str(drawing->text, FNV1_32A_INIT);
 }
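Review bot: In the libass/ass.c hunk, `track->Language = strndup(p, 2);` overwrites the pointer without releasing a value stored by an earlier `Language:` line, so a script that repeats that header leaks one small allocation per repeat unless the field is freed somewhere outside the hunk. Adding `free(track->Language);` on the line before the assignment closes that. The result can also be NULL on allocation failure, which deserves a short comment if readers of `track->Language` are expected to tolerate it. process_info_line starts above the hunk, so its earlier branches are not visible here.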
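Review bot: In drawing_tokenize, `while (p && *p)` re-tests `p` for NULL on every iteration, although from the hunk it looks as if only the initial value (presumably taken from `str`, above the hunk) can be NULL. A single guard before the loop, `if (!str) return NULL;`, with a comment such as `// text is NULL when ass_drawing_set_text() could not allocate`, would state the intent once, assuming the function otherwise returns `root`. The function starts and ends outside the hunk, so confirm nothing inside the loop can set `p` to NULL.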
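Review bot: In ass_drawing_set_text, `strndup(str, len)` is not an exact replacement for the removed malloc+memcpy: it stops at the first NUL inside the first `len` bytes, and on failure it leaves `drawing->text` NULL after the old text has already been freed. The first difference is the safer behaviour when `str` is shorter than `len`; the second is silent because the function returns void. A comment above the function, for example `/* On allocation failure drawing->text is NULL; every reader must check it. */`, would record the contract the rest of this commit relies on.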
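Review bot: In ass_drawing_hash, the new early return leaves `drawing->hash` holding whatever it held before, which is either the hash of an earlier text or an unset value. If the hash is later used as a lookup key (the function's comment is cut off above the hunk, so this is inferred), a drawing whose text failed to allocate could match an entry built from different text. Assigning a defined value before returning, e.g. `drawing->hash = FNV1_32A_INIT;`, avoids carrying the stale value forward.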
diff --git a/libass/ass_parse.c b/libass/ass_parse.c
index 7a17b80..641d42c 100644
--- a/libass/ass_parse.c
+++ b/libass/ass_parse.c
@@ -538,9 +538,7 @@ char *parse_tag(ASS_Renderer *render_priv, char *p, char *end, double pwr)
 end = args->end;
 if (nargs && strncmp(start, "0", end - start)) {
 skip_spaces(&start);
- family = malloc(end - start + 1);
- strncpy(family, start, end - start);
- family[end - start] = '\0';
+ family = strndup(start, end - start);
 } else
 family = strdup(render_priv->state.style->FontName);
 free(render_priv->state.family);
diff --git a/libass/ass_render.c b/libass/ass_render.c
index b88bf22..f6e3879 100644
--- a/libass/ass_render.c
+++ b/libass/ass_render.c
@@ -2837,10 +2837,13 @@ static int fit_segment(Segment *s, Segment *fixed, int *cnt, int dir)
 static void fix_collisions(ASS_Renderer *render_priv, EventImages *imgs, int cnt)
 {
- Segment *used = malloc(cnt * sizeof(*used));
+ Segment *used = ass_realloc_array(NULL, cnt, sizeof(*used));
 int cnt_used = 0;
 int i, j;
+ if (!used)
+ return;
+
 // fill used[] with fixed events
 for (i = 0; i < cnt; ++i) {
 ASS_RenderPriv *priv;
-- cgit v1.2.3
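Review bot: In the parse_tag hunk, neither `strndup(start, end - start)` nor the `strdup()` in the else branch is checked, and `free(render_priv->state.family)` runs unconditionally on the following line, so on allocation failure the previous family is dropped and (assuming `family` is stored into the state just below the hunk) replaced by NULL. Keeping the old value when `family` is NULL, by placing the free and the store under `if (family)`, would match the commit's goal of surviving malloc failure. Whether the font-selection code that reads `state.family` tolerates NULL is not visible here. parse_tag continues outside the hunk.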
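Review bot: In fix_collisions, `cnt` is an `int` passed as the element count to `ass_realloc_array(NULL, cnt, sizeof(*used))`; if that parameter is a size_t, a negative value converts to a huge count, and a zero count may legitimately yield NULL, so the `if (!used) return;` path covers several situations without saying which. A comment at the return, for example `// allocation failed (or cnt <= 0): leave events where they are, they may overlap`, would document the degraded behaviour the commit message describes. Whether `ass_realloc_array` rejects an overflowing product is not visible in this hunk and should be confirmed. The function body continues past the hunk.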