diff options
| author | Tim-Philipp Müller <tim@centricular.com> | 2017-01-15 14:52:44 +0300 |
|---|---|---|
| committer | Tim-Philipp Müller <tim@centricular.com> | 2017-01-15 14:54:13 +0300 |
| commit | 9398b7f1a75b38844ae7050b5a7967e4cdebe24f (patch) | |
| tree | c91fc2a9197918aa27a6dda90f2245eb45e5104c | |
| parent | 67e9f15944f7662a17eb0ac76159ed9134d93505 (diff) | |
datetime: fix potential out-of-bound read on malformed datetime string
https://bugzilla.gnome.org/show_bug.cgi?id=777263
| -rw-r--r-- | gst/gstdatetime.c | 2 | ||||
| -rw-r--r-- | tests/check/gst/gstdatetime.c | 8 |
2 files changed, 9 insertions, 1 deletions
diff --git a/gst/gstdatetime.c b/gst/gstdatetime.c index 2d99594955..67cdd6cf2a 100644 --- a/gst/gstdatetime.c +++ b/gst/gstdatetime.c @@ -865,7 +865,7 @@ gst_date_time_new_from_iso8601_string (const gchar * string) else if (neg_pos) pos = neg_pos + 1; - if (pos) { + if (pos && strlen (pos) >= 3) { gint ret_tz; if (pos[2] == ':') ret_tz = sscanf (pos, "%d:%d", &gmt_offset_hour, &gmt_offset_min); diff --git a/tests/check/gst/gstdatetime.c b/tests/check/gst/gstdatetime.c index ae15dc55bc..7bbc5bd41d 100644 --- a/tests/check/gst/gstdatetime.c +++ b/tests/check/gst/gstdatetime.c @@ -701,6 +701,14 @@ GST_START_TEST (test_GstDateTime_iso8601) fail_unless (!gst_date_time_has_second (dt)); gst_date_time_unref (dt); + /* some bogus ones, make copy to detect out of bound read in valgrind/asan */ + { + gchar *s = g_strdup ("0002000000T00000:00+0"); + dt = gst_date_time_new_from_iso8601_string (s); + gst_date_time_unref (dt); + g_free (s); + } + g_date_time_unref (gdt2); } |