Maarten Lankhorst : quartz: Check against a null dereference and don' t read beyond the end of file.
Alexandre Julliard
julliard at winehq.org
Mon Mar 31 09:15:24 CDT 2008
Module: wine
Branch: master
Commit: 714e807aa538681472719e038f2741f5bff69a7c
URL: http://source.winehq.org/git/wine.git/?a=commit;h=714e807aa538681472719e038f2741f5bff69a7c
Author: Maarten Lankhorst <crumb at google.com>
Date: Fri Mar 28 13:10:20 2008 -0700
quartz: Check against a null dereference and don't read beyond the end of file.
---
dlls/quartz/mpegsplit.c | 16 +++++++++-------
1 files changed, 9 insertions(+), 7 deletions(-)
diff --git a/dlls/quartz/mpegsplit.c b/dlls/quartz/mpegsplit.c
index ab4d371..cb7528f 100644
--- a/dlls/quartz/mpegsplit.c
+++ b/dlls/quartz/mpegsplit.c
@@ -370,8 +370,12 @@ fail:
FIXME("Failed with hres: %08x!\n", hr);
This->skipbytes += This->remaining_bytes;
This->remaining_bytes = 0;
- IMediaSample_Release(This->pCurrentSample);
- This->pCurrentSample = NULL;
+ if (This->pCurrentSample)
+ {
+ IMediaSample_SetActualDataLength(This->pCurrentSample, 0);
+ IMediaSample_Release(This->pCurrentSample);
+ This->pCurrentSample = NULL;
+ }
}
if (BYTES_FROM_MEDIATIME(tStop) >= This->EndOfFile)
@@ -647,6 +651,7 @@ static HRESULT MPEGSplitter_pre_connect(IPin *iface, IPin *pConnectPin)
while (pos < This->EndOfFile && SUCCEEDED(hr))
{
LONGLONG length = 0;
+ hr = IAsyncReader_SyncRead(pPin->pReader, pos, 4, header);
while (parse_header(header, &length, &duration))
{
/* No valid header yet; shift by a byte and check again */
@@ -655,11 +660,8 @@ static HRESULT MPEGSplitter_pre_connect(IPin *iface, IPin *pConnectPin)
if (FAILED(hr))
break;
}
- if (SUCCEEDED(hr))
- {
- pos += length;
- hr = IAsyncReader_SyncRead(pPin->pReader, pos, 4, header);
- }
+ pos += length;
+ TRACE("Pos: %x%08x/%x%08x\n", (DWORD)(pos >> 32), (DWORD)pos, (DWORD)(This->EndOfFile>>32), (DWORD)This->EndOfFile);
}
hr = S_OK;
TRACE("Duration: %d seconds\n", (DWORD)(duration / 10000000));
More information about the wine-cvs
mailing list