diff options
| -rw-r--r-- | CONTRIBUTORS | 1 | ||||
| -rw-r--r-- | HISTORY | 1 | ||||
| -rw-r--r-- | font.c | 4 |
3 files changed, 4 insertions, 2 deletions
diff --git a/CONTRIBUTORS b/CONTRIBUTORS index 1fa08903..3e57f866 100644 --- a/CONTRIBUTORS +++ b/CONTRIBUTORS @@ -1265,6 +1265,7 @@ Reinhard Nissl <rnissl@gmx.de> debugging, and an implementation of the AlphaBlend() function. for storing the original display size when handling DVB subtitles for reporting a problem with horizontal scaling of subtitles + for fixing a buffer overflow in cFont::Bidi() Richard Robson <richard_robson@beeb.net> for reporting freezing replay if a timer starts while in Transfer Mode from the @@ -6592,3 +6592,4 @@ Video Disk Recorder Revision History - Added Cancel(3) to ~cTrueColorDemo() in the "osddemo" plugin (thanks to Reinhard Nissl). - Added a missing font deletion in cTrueColorDemo::Action() in the "osddemo" plugin (thanks to Reinhard Nissl). +- Fixed a buffer overflow in cFont::Bidi() (thanks to Reinhard Nissl). @@ -6,7 +6,7 @@ * * BiDi support by Osama Alrawab <alrawab@hotmail.com> @2008 Tripoli-Libya. * - * $Id: font.c 2.7 2011/02/26 12:09:18 kls Exp $ + * $Id: font.c 2.8 2011/03/28 16:29:51 kls Exp $ */ #include "font.h" @@ -520,7 +520,7 @@ cString cFont::Bidi(const char *Ltr) bool ok = fribidi_log2vis(Logical, RtlLen, &Base, Visual, NULL, NULL, NULL); if (ok) { fribidi_remove_bidi_marks(Visual, RtlLen, NULL, NULL, NULL); - Rtl = MALLOC(char, RtlLen * 4); + Rtl = MALLOC(char, RtlLen * 4 + 1); fribidi_unicode_to_charset(fribidiCharset, Visual, RtlLen, Rtl); } free(Logical); |