From 0f18bd0a6a9ce0e62fc9bcbc4339f63eee2855fc Mon Sep 17 00:00:00 2001 From: Klaus Schmidinger Date: Thu, 10 Sep 2015 13:20:21 +0200 Subject: [PATCH] Fixed a possible stack overflow in cListBase::Sort() --- CONTRIBUTORS | 1 + HISTORY | 1 + tools.c | 7 +++++-- 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/CONTRIBUTORS b/CONTRIBUTORS index 91eccfbc..b4ac3415 100644 --- a/CONTRIBUTORS +++ b/CONTRIBUTORS @@ -714,6 +714,7 @@ Oliver Endriss to detect the frame type for suggesting to ignore channels with an RID that is not 0 when checking for obsolete channels + for fixing a possible stack overflow in cListBase::Sort() Reinhard Walter Buchner for adding some satellites to 'sources.conf' diff --git a/HISTORY b/HISTORY index fd5bfb43..33d8b08c 100644 --- a/HISTORY +++ b/HISTORY @@ -8813,3 +8813,4 @@ Video Disk Recorder Revision History to Thomas Reufer). - Skins can now implement cSkinDisplayMenu::MenuOrientation() to display horizontal menus (thanks to Stefan Braun). +- Fixed a possible stack overflow in cListBase::Sort() (thanks to Oliver Endriss). diff --git a/tools.c b/tools.c index 2d5ff5e2..adfff1c3 100644 --- a/tools.c +++ b/tools.c @@ -4,7 +4,7 @@ * See the main source file 'vdr.c' for copyright information and * how to reach the author. * - * $Id: tools.c 4.3 2015/09/06 10:47:05 kls Exp $ + * $Id: tools.c 4.4 2015/09/10 13:17:55 kls Exp $ */ #include "tools.h" @@ -2253,7 +2253,9 @@ static int CompareListObjects(const void *a, const void *b) void cListBase::Sort(void) { int n = Count(); - cListObject *a[n]; + cListObject **a = MALLOC(cListObject *, n); + if (a == NULL) + return; cListObject *object = objects; int i = 0; while (object && i < n) { @@ -2267,6 +2269,7 @@ void cListBase::Sort(void) count--; Add(a[i]); } + free(a); } // --- cHashBase -------------------------------------------------------------