[mythtv-commits] Ticket #13436: Potential crash in CC708 append_cc function.

MythTV noreply at mythtv.org
Wed Mar 27 09:39:15 UTC 2019


#13436: Potential crash in CC708 append_cc function.
--------------------------------+-------------------------------
 Reporter:  David Hampton       |          Owner:  David Hampton
     Type:  Bug Report - Crash  |         Status:  closed
 Priority:  minor               |      Milestone:  30.1
Component:  MythTV - Captions   |        Version:  Master Head
 Severity:  medium              |     Resolution:  fixed
 Keywords:                      |  Ticket locked:  0
--------------------------------+-------------------------------

Comment (by David Hampton <mythtv@…>):

 In [changeset:"ff4c7158f4fb241760e77fad7c2a8eef1a4eb5c3/mythtv"
 ff4c7158f/mythtv]:
 {{{
 #!CommitTicketReference repository="mythtv"
 revision="ff4c7158f4fb241760e77fad7c2a8eef1a4eb5c3"
 tidy: Fix rare null pointer dereference in cc707decoder.cpp.

 The clang-tidy "non-null parameter checker" pointed out to possibility
 of the cc708 decoder dereferencing through a null pointer.  This code
 starts with a default buffer size of 512 and then attempts to allocate
 a larger buffer when necessary (in this case, if a single subtitle is
 more than 512 characters.)  If the reallocation fails, the code would
 end up storing the nullptr error return into the buffer pointer, and
 then dereference it an an attempt to store the new characters.  Catch
 this rare condition and drop the characters that won't fit into the
 existing buffer.

 Fixes #13436.

 (cherry picked from commit d0356aba3c9394200a86dcab7d1cf17a558c5eab)
 }}}

-- 
Ticket URL: <https://code.mythtv.org/trac/ticket/13436#comment:2>
MythTV <http://www.mythtv.org>
MythTV Media Center


More information about the mythtv-commits mailing list