Comments (5)
commented on May 27, 2024
Yeah, I also planned to do something about that. But for now it seems to be better to wait until all the other changes make it in.
from libass.
commented on May 27, 2024
If we do this, we should also treat integer overflows correctly.
E.g. I see stuff like: realloc(track->events, sizeof(ASS_Event) * track->max_events)
If the multiplication overflows, the allocation will be smaller than expected (but still "succeed"), and you'll have a problem.
from libass.
rcombs
commented on May 27, 2024
Yup.
from libass.
commented on May 27, 2024
Reminder that we really should do this (tm).
from libass.
commented on May 27, 2024
OK, here's a suggestion:
- replace all malloc() calls with a ass_xmalloc() macro, which abort()s on malloc failure
- code that actually checks for the malloc() result can still use malloc() proper
- run a fuzz tests that make malloc() return NULL randomly to verify that the malloc checks actually work
- add some helper macros to allocate arrays with avoiding integer overflows
from libass.
Related Issues (20)
- Why change \fsp behaviour on multi-codepoint graphemes? HOT 5
- Performance regression results in severe framedrops for typesetted subtitles HOT 8
- Memory leak in ass_font_provider_add_font HOT 28
- Rendering: wrong direction of lines HOT 5
- Request: GPU rendering backend HOT 1
- Investigate unexpected vsfilter behavior with \h on certain font HOT 15
- Font size differs from VSFilter for specific fonts HOT 4
- Try to parse script properties even if missing "[Script Info]" HOT 1
- Significant perf drop for specific, lower(!) resolution HOT 2
- Rendering: Unable to render some bitmap style fonts HOT 2
- Rendering: unexpected stretching HOT 3
- Rendering: libass doesn't set a default name for the style when it is empty HOT 1
- How to handle auto wrap when burn chinese subtitle with ffmpeg HOT 1
- Rendering: The same Ass script using the \blur tag performs abnormally on the Android platform, but on iOS HOT 1
- Rendering: Drawing without m isn't rendered by VSFilter HOT 2
- Why is the macro definition 'PARSE_START if (0)' executed HOT 1
- image question HOT 4
- A subset font has ligatures applied in VSFilter even without complex scripts HOT 1
- Some questions about ASS File Format Guide HOT 7
- Rendering: English glyph for Segoe UI Variable Display is wrong from yesterday HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from libass.