ref: ffd8837b861f7a9853adead235204b6623cc5742
parent: 15bd4c16b1ba2307a0fd535d8db493da05ea1975
author: Ulrich Klauer <ulrich@chirlu.de>
date: Sat Dec 15 17:21:44 EST 2012
Fix bug in lsx_parsesamples As pointed out by nu774 in issue 3596296, lsx_parsesamples could overread past the NUL terminator, leading to erroneous behaviour or a crash.
--- a/src/effects_i.c
+++ b/src/effects_i.c
@@ -227,9 +227,9 @@
*samples - samples_part : 0;
break;
}
- if (strchr("+-", *str))+ combine = '\0';
+ if (*str && strchr("+-", *str))combine = *str++;
- else combine = '\0';
} while (combine);
return str;
}
@@ -305,6 +305,8 @@
TEST("1e6s-10", 900000, 7) TEST("10-2:00", 0, 7) TEST("123-45+12s+2:00-3e3s@foo", 1977012, 20)+
+ TEST("1\0" "2", 10000, 1)return 0;
}