summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorrtogni <rtogni@b3059339-0415-0410-9bf9-f77b7e298cf2>2008-01-20 20:43:46 +0000
committerrtogni <rtogni@b3059339-0415-0410-9bf9-f77b7e298cf2>2008-01-20 20:43:46 +0000
commit795973f7327c46a514e7416d6df1b85b8cce868c (patch)
tree854e632e70dbfbb898e7a87721b6023aa740b96e
parent3bbe897e247d128cf63f1fad665fdfc086bab5ab (diff)
downloadmpv-795973f7327c46a514e7416d6df1b85b8cce868c.tar.bz2
mpv-795973f7327c46a514e7416d6df1b85b8cce868c.tar.xz
Clear tmp between ip6 check and string escape to prevent reuse of the
buffer, in order to prevent a possible buffer overflow on malformed urls. Based on a patch by Adam Bozanich abozanich musecurity com git-svn-id: svn://svn.mplayerhq.hu/mplayer/trunk@25823 b3059339-0415-0410-9bf9-f77b7e298cf2
-rw-r--r--stream/url.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/stream/url.c b/stream/url.c
index 79a1eba19a..89d4eaaa7b 100644
--- a/stream/url.c
+++ b/stream/url.c
@@ -328,6 +328,7 @@ url_escape_string(char *outbuf, const char *inbuf) {
}
}
+ tmp = NULL;
while(i < len) {
// look for the next char that must be kept
for (j=i;j<len;j++) {