CVE-2018-20760

author Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>

Sun, 7 Apr 2019 16:19:28 +0000 (12:19 -0400)

committer Reinhard Tartler <siretart@tauware.de>

Sun, 7 Apr 2019 16:19:28 +0000 (12:19 -0400)
author Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>
Sun, 7 Apr 2019 16:19:28 +0000 (12:19 -0400)
committer Reinhard Tartler <siretart@tauware.de>
Sun, 7 Apr 2019 16:19:28 +0000 (12:19 -0400)
diff --git a/src/media_tools/text_import.c b/src/media_tools/text_import.c

index 9f6fb10bb3908a885a2ddb4009394c05b311c99d..f111e05e5af49f0072c0dd3becc3aabafcf73841 100644 (file)
--- a/src/media_tools/text_import.c
+++ b/src/media_tools/text_import.c
@@ -292,6 +292,8 @@ char *gf_text_get_utf8_line(char *szLine, u32 lineSize, FILE *txt_in, s32 unicod
         }
         sptr = (u16 *)szLine;
         i = (u32) gf_utf8_wcstombs(szLineConv, 1024, (const unsigned short **) &sptr);
+       if (i >= (u32)ARRAY_LENGTH(szLineConv))
+               return NULL;
         szLineConv[i] = 0;
         strcpy(szLine, szLineConv);
         /*this is ugly indeed: since input is UTF16-LE, there are many chances the fgets never reads the \0 after a \n*/
author	Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>
	Sun, 7 Apr 2019 16:19:28 +0000 (12:19 -0400)
committer	Reinhard Tartler <siretart@tauware.de>
	Sun, 7 Apr 2019 16:19:28 +0000 (12:19 -0400)