[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Gnash-commit] gnash ChangeLog server/parser/action_buffer.cpp...
From: |
Benjamin Wolsey |
Subject: |
[Gnash-commit] gnash ChangeLog server/parser/action_buffer.cpp... |
Date: |
Thu, 08 May 2008 08:00:38 +0000 |
CVSROOT: /sources/gnash
Module name: gnash
Changes by: Benjamin Wolsey <bwy> 08/05/08 08:00:37
Modified files:
. : ChangeLog
server/parser : action_buffer.cpp
server/swf : PlaceObject2Tag.cpp
Log message:
clean up stream.cpp, use ensureBytes in PlaceObejct2Tag.cpp.
Drop
assertion and rely on action_buffer being safe.
CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/gnash/ChangeLog?cvsroot=gnash&r1=1.6548&r2=1.6549
http://cvs.savannah.gnu.org/viewcvs/gnash/server/parser/action_buffer.cpp?cvsroot=gnash&r1=1.40&r2=1.41
http://cvs.savannah.gnu.org/viewcvs/gnash/server/swf/PlaceObject2Tag.cpp?cvsroot=gnash&r1=1.41&r2=1.42
Patches:
Index: ChangeLog
===================================================================
RCS file: /sources/gnash/gnash/ChangeLog,v
retrieving revision 1.6548
retrieving revision 1.6549
diff -u -b -r1.6548 -r1.6549
--- ChangeLog 7 May 2008 20:59:28 -0000 1.6548
+++ ChangeLog 8 May 2008 08:00:35 -0000 1.6549
@@ -1,3 +1,10 @@
+2008-05-08 Benjamin Wolsey <address@hidden>
+
+ * server/stream.cpp: it's a vector, use push_back.
+ * server/swf/PlaceObject2Tag.cpp: use ensureBytes, drop
+ assertion, with comment: rely on action_buffer's safety.
+
+
2008-05-07 Russ Nelson <address@hidden>
* libamf/amf.cpp: eliminate "tmp used before initialization"
Index: server/parser/action_buffer.cpp
===================================================================
RCS file: /sources/gnash/gnash/server/parser/action_buffer.cpp,v
retrieving revision 1.40
retrieving revision 1.41
diff -u -b -r1.40 -r1.41
--- server/parser/action_buffer.cpp 7 May 2008 09:41:14 -0000 1.40
+++ server/parser/action_buffer.cpp 8 May 2008 08:00:37 -0000 1.41
@@ -100,8 +100,7 @@
{
// Add a null terminator so read_string won't read off
// the end of the buffer.
- m_buffer.resize(size + 1);
- m_buffer[size] = 0;
+ m_buffer.push_back(0x00);
IF_VERBOSE_MALFORMED_SWF(
log_swferror(_("Action buffer starting at offset %lu
doesn't end with an END tag"),
Index: server/swf/PlaceObject2Tag.cpp
===================================================================
RCS file: /sources/gnash/gnash/server/swf/PlaceObject2Tag.cpp,v
retrieving revision 1.41
retrieving revision 1.42
diff -u -b -r1.41 -r1.42
--- server/swf/PlaceObject2Tag.cpp 30 Apr 2008 09:15:10 -0000 1.41
+++ server/swf/PlaceObject2Tag.cpp 8 May 2008 08:00:37 -0000 1.42
@@ -69,6 +69,7 @@
{
int movie_version = _movie_def.get_version();
+ in.ensureBytes(2);
boost::uint16_t reserved = in.read_u16();
IF_VERBOSE_MALFORMED_SWF (
if ( reserved != 0 ) // must be 0
@@ -78,7 +79,16 @@
);
// The logical 'or' of all the following handlers.
- all_event_flags = (movie_version >= 6) ? in.read_u32() : in.read_u16();
+ if (movie_version >= 6)
+ {
+ in.ensureBytes(4);
+ all_event_flags = in.read_u32();
+ }
+ else
+ {
+ in.ensureBytes(2);
+ all_event_flags = in.read_u16();
+ }
IF_VERBOSE_PARSE (
log_parse(_(" actions: flags = 0x%X"), all_event_flags);
@@ -90,13 +100,24 @@
// Read event.
in.align();
- boost::uint32_t flags = (movie_version >= 6) ? in.read_u32() :
in.read_u16();
+ boost::uint32_t flags;
+ if (movie_version >= 6)
+ {
+ in.ensureBytes(4);
+ flags = in.read_u32();
+ }
+ else
+ {
+ in.ensureBytes(2);
+ flags = in.read_u16();
+ }
if (flags == 0) // no other events
{
break;
}
+ in.ensureBytes(4);
boost::uint32_t event_length = in.read_u32();
if ( in.get_tag_end_position() - in.get_position() < event_length )
{
@@ -114,6 +135,7 @@
if (flags & (1 << 17)) // has KeyPress event
{
+ in.ensureBytes(1);
ch = in.read_u8();
event_length--;
}
@@ -123,7 +145,10 @@
_actionBuffers.push_back(action); // take ownership
action->read(in, in.get_position()+event_length);
- assert(action->size() == event_length);
+ // If there is no end tag, action_buffer appends a null-terminator,
+ // and fails this check. As action_buffer should check bounds, we
+ // can just continue here.
+ //assert (action->size() == event_length);
// 13 bits reserved, 19 bits used
const int total_known_events = 19;
- [Gnash-commit] gnash ChangeLog server/parser/action_buffer.cpp...,
Benjamin Wolsey <=