oggdec_parse_config(): Add some sanity checks.
authorAndre Noll <maan@systemlinux.org>
Sun, 30 Nov 2008 14:23:46 +0000 (15:23 +0100)
committerAndre Noll <maan@systemlinux.org>
Sun, 30 Nov 2008 14:23:46 +0000 (15:23 +0100)
oggdec.c

index 6b96c50..e22ea1e 100644 (file)
--- a/oggdec.c
+++ b/oggdec.c
@@ -165,10 +165,24 @@ static ssize_t ogg_convert(char *inbuffer, size_t len, struct filter_node *fn)
 
 static void *oggdec_parse_config(int argc, char **argv)
 {
-       struct oggdec_filter_args_info *ret = para_calloc(sizeof(struct oggdec_filter_args_info));
-       if (!oggdec_cmdline_parser(argc, argv, ret))
-               return ret;
-       free(ret);
+       int ret;
+       struct oggdec_filter_args_info *ogg_conf;
+
+       ogg_conf = para_calloc(sizeof(*ogg_conf));
+       ret = oggdec_cmdline_parser(argc, argv, ogg_conf);
+       if (ret)
+               goto err;
+       if (ogg_conf->bufsize_arg < 0)
+               goto err;
+       if (ogg_conf->bufsize_arg >= INT_MAX / 1024)
+               goto err;
+       if (ogg_conf->initial_buffer_arg < 0)
+               goto err;
+       if (ogg_conf->initial_buffer_arg >= INT_MAX / 1024)
+               goto err;
+       return ogg_conf;
+err:
+       free(ogg_conf);
        return NULL;
 }