From 97f8e017c4c141a01b5d0213590f1a923b6a359d Mon Sep 17 00:00:00 2001 From: Max Kellermann Date: Wed, 18 Nov 2009 19:55:38 +0100 Subject: [PATCH] decoder/flac: fixed NULL pointer dereference in CUE code The function flac_vtrack_tnum() was missing a strrchr()==NULL check. --- NEWS | 1 + src/decoder/_flac_common.c | 2 ++ 2 files changed, 3 insertions(+) diff --git a/NEWS b/NEWS index 8bd2369d2..3c4c2e0d8 100644 --- a/NEWS +++ b/NEWS @@ -11,6 +11,7 @@ ver 0.15.6 (2009/??/??) - ffmpeg: align the output buffer - oggflac: rewind stream after FLAC detection - flac: fixed CUE seeking range check + - flac: fixed NULL pointer dereference in CUE code * output_thread: check again if output is open on PAUSE * update: delete ignored symlinks from database * database: increased maximum line length to 32 kB diff --git a/src/decoder/_flac_common.c b/src/decoder/_flac_common.c index e096750f3..9338dc6ae 100644 --- a/src/decoder/_flac_common.c +++ b/src/decoder/_flac_common.c @@ -415,6 +415,8 @@ flac_vtrack_tnum(const char* fname) * another/better way would be to use tag struct */ char* ptr = strrchr(fname, '_'); + if (ptr == NULL) + return 0; // copy ascii tracknumber to int char vtrack[4];