CVSROOT: /sources/gnash Module name: gnash Changes by: Sandro Santilli <strk> 08/01/28 19:42:22
Modified files: . : ChangeLog server/parser : action_buffer.cpp Log message: just log an swf error and return if the action buffer is 0 bytes long. Fixes bug #22148. CVSWeb URLs: http://cvs.savannah.gnu.org/viewcvs/gnash/ChangeLog?cvsroot=gnash&r1=1.5511&r2=1.5512 http://cvs.savannah.gnu.org/viewcvs/gnash/server/parser/action_buffer.cpp?cvsroot=gnash&r1=1.33&r2=1.34 Patches: Index: ChangeLog =================================================================== RCS file: /sources/gnash/gnash/ChangeLog,v retrieving revision 1.5511 retrieving revision 1.5512 diff -u -b -r1.5511 -r1.5512 --- ChangeLog 28 Jan 2008 18:44:38 -0000 1.5511 +++ ChangeLog 28 Jan 2008 19:42:21 -0000 1.5512 @@ -1,5 +1,8 @@ 2008-01-28 Sandro Santilli <[EMAIL PROTECTED]> + * server/parser/action_buffer.cpp (read): just log an swf error + and return if the action buffer is 0 bytes long. + Fixes bug #22148. * server/text.cpp (text_glyph_record::read): robustness improvements. Fixes bug #22149. Index: server/parser/action_buffer.cpp =================================================================== RCS file: /sources/gnash/gnash/server/parser/action_buffer.cpp,v retrieving revision 1.33 retrieving revision 1.34 diff -u -b -r1.33 -r1.34 --- server/parser/action_buffer.cpp 21 Jan 2008 20:56:00 -0000 1.33 +++ server/parser/action_buffer.cpp 28 Jan 2008 19:42:22 -0000 1.34 @@ -17,7 +17,7 @@ // Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA // -/* $Id: action_buffer.cpp,v 1.33 2008/01/21 20:56:00 rsavoye Exp $ */ +/* $Id: action_buffer.cpp,v 1.34 2008/01/28 19:42:22 strk Exp $ */ #ifdef HAVE_CONFIG_H #include "gnashconfig.h" 
@@ -61,10 +61,17 @@ action_buffer::read(stream& in, unsigned long endPos) { unsigned long startPos = in.get_position(); - assert(endPos > startPos); // caller should check this assert(endPos <= in.get_tag_end_position()); unsigned size = endPos-startPos; + if ( ! size ) + { + IF_VERBOSE_MALFORMED_SWF( + log_swferror(_("Empty action buffer starting at offset %lu"), startPos); + ); + return; + } + // Allocate the buffer // // NOTE: a .reserve would be fine here, except GLIBCPP_DEBUG will complain... _______________________________________________ Gnash-commit mailing list Gnash-commit@gnu.org http://lists.gnu.org/mailman/listinfo/gnash-commit
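Review bot: In the `action_buffer::read` hunk of server/parser/action_buffer.cpp, removing `assert(endPos > startPos)` leaves the `endPos < startPos` case unguarded. `unsigned size = endPos-startPos` then wraps to a large non-zero value, the new `if ( ! size )` test does not catch it, and execution falls through to the buffer allocation below. Suggest testing the positions before subtracting, for example `if ( endPos <= startPos )`, so that both the empty and the inverted range take the log-and-return path. Note also that `size` is `unsigned` while both positions are `unsigned long`, so on platforms where those widths differ the difference is truncated; declaring `size` as `unsigned long` would keep the check and the allocation consistent. If `endPos` can come from SWF data, the remaining `assert(endPos <= in.get_tag_end_position())` deserves the same treatment, since an assert disappears in NDEBUG builds.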