diff options
| author | rtogni <rtogni@b3059339-0415-0410-9bf9-f77b7e298cf2> | 2008-01-20 20:43:46 +0000 |
|---|---|---|
| committer | rtogni <rtogni@b3059339-0415-0410-9bf9-f77b7e298cf2> | 2008-01-20 20:43:46 +0000 |
| commit | 795973f7327c46a514e7416d6df1b85b8cce868c (patch) | |
| tree | 854e632e70dbfbb898e7a87721b6023aa740b96e | |
| parent | 3bbe897e247d128cf63f1fad665fdfc086bab5ab (diff) | |
| download | mpv-795973f7327c46a514e7416d6df1b85b8cce868c.tar.bz2 mpv-795973f7327c46a514e7416d6df1b85b8cce868c.tar.xz | |
Clear tmp between ip6 check and string escape to prevent reuse of the
buffer, in order to prevent a possible buffer overflow on malformed
urls.
Based on a patch by Adam Bozanich abozanich musecurity com
git-svn-id: svn://svn.mplayerhq.hu/mplayer/trunk@25823 b3059339-0415-0410-9bf9-f77b7e298cf2
| -rw-r--r-- | stream/url.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/stream/url.c b/stream/url.c index 79a1eba19a..89d4eaaa7b 100644 --- a/stream/url.c +++ b/stream/url.c @@ -328,6 +328,7 @@ url_escape_string(char *outbuf, const char *inbuf) { } } + tmp = NULL; while(i < len) { // look for the next char that must be kept for (j=i;j<len;j++) { |