diff http.c @ 639:0b52743104ac libavformat

integer overflows, heap corruption; possible arbitrary code execution cannot be ruled out in some cases; precautionary checks
author michael
date Sat, 08 Jan 2005 14:21:33 +0000
parents 056991ab9f10
children 095009fc2f35
--- a/http.c	Thu Jan 06 00:54:03 2005 +0000
+++ b/http.c	Sat Jan 08 14:21:33 2005 +0000
@@ -290,12 +290,16 @@
 static char *b64_encode( unsigned char *src )
 {
     static const char b64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
-                                                                                
-    char *dst = av_malloc( strlen( src ) * 4 / 3 + 12 );
-    char *ret = dst;
+    unsigned int len= strlen(src);
+    char *ret, *dst;
     unsigned i_bits = 0;
     unsigned i_shift = 0;
-                                                                                
+
+    if(len < UINT_MAX/4){
+        ret=dst= av_malloc( len * 4 / 3 + 12 );
+    }else
+        return NULL;
+
     for( ;; )
     {
         if( *src )
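Review bot: The pointer returned by `av_malloc` in the new `if(len < UINT_MAX/4)` branch is never compared with NULL before the `for( ;; )` loop starts, so an allocation failure would presumably be written through by the encoding loop, whose body continues outside this hunk; add `if(!ret) return NULL;` right after the allocation. Storing `strlen(src)` in an `unsigned int` also truncates where `size_t` is wider, so an oversized input could pass the length test while the loop still walks the full string; `size_t len= strlen(src);` with the bound `len < SIZE_MAX/4` closes that gap. Because the function can now return NULL, its callers (not visible here) need to check the result before using or formatting it.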