Permalink
Browse files

Patch for zero length malloc and check for malloc success

There is a feasible code path such that the string will
have a length of zero.  Malloc of a zero length has a
implementation dependent result (i.e. possible invalid
memory pointer).  Add one to the requested length to
eliminate the abiguity.  In addition, check the return
from malloc to insure it was successful.
(cherry picked from commit 28a77c3)

Signed-off-by: Stuart Morgan <smorgan@mythtv.org>

Fixes #11570
  • Loading branch information...
garybuhrmaster authored and stuartm committed May 30, 2013
1 parent f770669 commit b44f38e8487d521685521a8a50b12119d23e1cb8
Showing with 6 additions and 1 deletion.
  1. +6 −1 mythtv/libs/libmythfreemheg/ParseBinary.cpp
@@ -64,7 +64,12 @@ void MHParseBinary::ParseString(int endStr, MHOctetString &str)
}
int nLength = endStr - m_p;
unsigned char *stringValue = (unsigned char *)malloc(endStr - m_p);
unsigned char *stringValue = (unsigned char *)malloc(nLength + 1);
if (stringValue == NULL)
{
MHERROR("Out of memory");
}
unsigned char *p = stringValue;
while (m_p < endStr)

0 comments on commit b44f38e

Please sign in to comment.