Re: [Gnash-dev] static source code analysis

gnash-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnash-dev] static source code analysis

From:	strk
Subject:	Re: [Gnash-dev] static source code analysis
Date:	Mon, 8 Sep 2008 22:01:52 +0200

On Sun, Sep 07, 2008 at 12:15:32PM -0700, Bastiaan Jacques wrote:

> [libcore/SWFStream.cpp:326]: Array index out of bounds
> [libcore/SWFStream.cpp:327]: Array index out of bounds
> [libcore/SWFStream.cpp:328]: Array index out of bounds
> [libcore/SWFStream.cpp:329]: Array index out of bounds

I was curious and took a look at this one:

    const unsigned short dataLength = 8;
    unsigned char buf[dataLength];

    // Should align:
    if (read(reinterpret_cast<char*>(buf), dataLength) < dataLength)
    {
        throw ParserException(_("Unexpected end of stream while reading"));
    }

    uint64_t low = buf[0];
    low |= buf[1] << 8;
    low |= buf[2] << 16;
    low |= buf[3] << 24;

    uint64_t hi = buf[4];   <---- line 326
    hi |= buf[5] << 8;
    hi |= buf[6] << 16;
    hi |= buf[7] << 24;

I don't see the out of bounds access...

--strk;

[Prev in Thread]

Current Thread

[Next in Thread]

[Gnash-dev] static source code analysis, Bastiaan Jacques, 2008/09/07
- Re: [Gnash-dev] static source code analysis, strk <=

Prev by Date: Re: [Gnash-dev] Where should new actionscript classes go?
Next by Date: [Gnash-dev] 0.8.3 - Problem with "configure" and "make" on PS3 Yellowdog ver 6
Previous by thread: [Gnash-dev] static source code analysis
Next by thread: [Gnash-dev] 0.8.3 - Problem with "configure" and "make" on PS3 Yellowdog ver 6
Index(es):
- Date
- Thread