free( buf );
if( ret != enclen )
{
- msg_Err( p_thread, errmsg );
+ msg_Err( p_thread, "%s", errmsg );
return 0;
}
return 1;
/* Build bytes read packet */
rtmp_body = rtmp_body_new( -1 );
- tmp_buffer = (uint8_t *) malloc( sizeof( uint32_t ) * sizeof( uint8_t ) );
+ tmp_buffer = (uint8_t *) malloc( sizeof( uint32_t ) );
if( !tmp_buffer ) return NULL;
reply = hton32( reply );
return rtmp_packet;
}
+/* This function must be cancellation-safe! */
rtmp_packet_t *
rtmp_read_net_packet( rtmp_control_thread_t *p_thread )
{
i++; /* Pass over AMF_DATATYPE_STRING */
string = amf_decode_string( &i );
+ if( !string )
+ {
+ msg_Err(p_thread,"Seriously broken stream");
+ return;
+ }
i++; /* Pass over AMF_DATATYPE_NUMBER */
number = amf_decode_number( &i );
}
else if( strcmp( "NetConnection.Connect.InvalidApp", string2 ) == 0 )
{
- p_thread->b_die = 1;
-
vlc_mutex_lock( &p_thread->lock );
vlc_cond_signal( &p_thread->wait );
vlc_mutex_unlock( &p_thread->lock );
length = ntoh16( *(uint16_t *) *buffer );
*buffer += sizeof( uint16_t );
+#error This size is wrong and breaks just about everything.
+ if( length > sizeof( *buffer ) / sizeof( uint8_t ))
+ return NULL;
+
out = (char *) malloc( length + 1 ); /* '\0' terminated */
if( !out ) return NULL;