head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.24 pkgsrc-2013Q2-base:1.2 pkgsrc-2012Q4:1.2.0.22 pkgsrc-2012Q4-base:1.2 pkgsrc-2011Q4:1.2.0.20 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q2:1.2.0.18 pkgsrc-2011Q2-base:1.2 pkgsrc-2009Q4:1.2.0.16 pkgsrc-2009Q4-base:1.2 pkgsrc-2008Q4:1.2.0.14 pkgsrc-2008Q4-base:1.2 pkgsrc-2008Q3:1.2.0.12 pkgsrc-2008Q3-base:1.2 cube-native-xorg:1.2.0.10 cube-native-xorg-base:1.2 pkgsrc-2008Q2:1.2.0.8 pkgsrc-2008Q2-base:1.2 pkgsrc-2008Q1:1.2.0.6 pkgsrc-2008Q1-base:1.2 pkgsrc-2007Q4:1.2.0.4 pkgsrc-2007Q4-base:1.2 pkgsrc-2007Q3:1.2.0.2 pkgsrc-2007Q3-base:1.2; locks; strict; comment @# @; 1.2 date 2007.09.21.12.00.11; author abs; state dead; branches; next 1.1; 1.1 date 2007.09.19.15.39.13; author jlam; state Exp; branches; next ; desc @@ 1.2 log @patch-af was an extended version of patch-ae, merge - now builds again @ text @$NetBSD: patch-af,v 1.1 2007/09/19 15:39:13 jlam Exp $ --- src/player.c.orig Tue Dec 10 19:30:26 2002 +++ src/player.c @@@@ -43,6 +43,16 @@@@ #include "player/record.h" /* Provides: parameter mechanism */ #include "player/meta.h" /* Provides: record interpreters */ +#ifdef HAVE_STDINT_H +#include +#endif +#ifndef UINT32_MAX +#include +#endif +#ifndef UINT32_MAX +#define UINT32_MAX UINT_MAX +#endif + /** * @@internal */ @@@@ -132,8 +142,14 @@@@ wmf_error_t wmf_scan (wmfAPI* API,unsign } } -/* P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)-3) * 2 * sizeof (unsigned char)); - */ P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char)); + if (MAX_REC_SIZE(API) > UINT32_MAX/ 2) + { + API->err = wmf_E_InsMem; + WMF_DEBUG (API,"bailing..."); + return (API->err); + } + + P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char)); if (ERR (API)) { WMF_DEBUG (API,"bailing..."); @ 1.1 log @Some older platforms don't define UINT32_MAX, so use UINT_MAX as a last resort. @ text @d1 1 a1 1 $NetBSD$ @