From a781fe14f729e0d3300e0e62aebbae1914d65cd4 Mon Sep 17 00:00:00 2001 From: wm4 Date: Sat, 20 Oct 2012 20:58:46 +0200 Subject: [PATCH] osd_libass: increase robustness when handling internal OSD escapes The \xFF escape is used internally to insert special OSD symbols (which need a font change to the internal OSD font). There was potential for breakage when \xFF was followed by \0, because then "in" would be advanced past the string's end. Normally this can't happen, as it would require invalid UTF-8 input data. But we don't check input for UTF-8 validness, so there's a potential issue here. Garbled output is ok on invalid UTF-8 input, but crashing is not. Make it more robust by checking for this. --- sub/osd_libass.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sub/osd_libass.c b/sub/osd_libass.c index 612bef2c56..29450535bc 100644 --- a/sub/osd_libass.c +++ b/sub/osd_libass.c @@ -234,7 +234,7 @@ static char *mangle_ass(const char *in) char *res = talloc_strdup(NULL, ""); while (*in) { // As used by osd_get_function_sym(). - if (in[0] == '\xFF') { + if (in[0] == '\xFF' && in[1]) { res = talloc_strdup_append_buffer(res, ASS_USE_OSD_FONT); res = append_utf8_buffer(res, OSD_CODEPOINTS + in[1]); res = talloc_strdup_append_buffer(res, "{\\r}");