From 3e1e9f157b908af2bfd81dc4413c002a1caa3188 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9mi=20Denis-Courmont?=
Date: Sun, 14 Jan 2007 19:32:20 +0000
Subject: [PATCH] Fix out-of-bound read uncovered by sam

---
 modules/demux/avi/libavi.c | 40 ++++++++++++++++++++--------------------
 src/misc/modules.c | 2 +-
 2 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/modules/demux/avi/libavi.c b/modules/demux/avi/libavi.c
index 5978484ac8..40ace553d0 100644
--- a/modules/demux/avi/libavi.c
+++ b/modules/demux/avi/libavi.c
@@ -210,38 +210,38 @@ static int AVI_ChunkRead_list( stream_t *s, avi_chunk_t *p_container )
 p_read += 8; \
 i_read -= 8

+#define AVI_READ( res, func, size ) \
+ if( i_read < size ) { \
+ free( p_buff); \
+ return VLC_EGENERIC; \
+ } \
+ i_read -= size; \
+ res = func( p_read ); \
+ p_read += size \
+
 #define AVI_READCHUNK_EXIT( code ) \
 free( p_buff ); \
- if( i_read < 0 ) \
- { \
- msg_Warn( (vlc_object_t*)s, "not enough data" ); \
- } \
 return code

+static inline uint8_t GetB( uint8_t *ptr )
+{
+ return *ptr;
+}
+
 #define AVI_READ1BYTE( i_byte ) \
- i_byte = *p_read; \
- p_read++; \
- i_read--
+ AVI_READ( i_byte, GetB, 1 )

 #define AVI_READ2BYTES( i_word ) \
- i_word = GetWLE( p_read ); \
- p_read += 2; \
- i_read -= 2
+ AVI_READ( i_word, GetWLE, 2 )

 #define AVI_READ4BYTES( i_dword ) \
- i_dword = GetDWLE( p_read ); \
- p_read += 4; \
- i_read -= 4
+ AVI_READ( i_dword, GetDWLE, 4 )

-#define AVI_READ8BYTES( i_dword ) \
- i_dword = GetQWLE( p_read ); \
- p_read += 8; \
- i_read -= 8
+#define AVI_READ8BYTES( i_qword ) \
+ AVI_READ( i_qword, GetQWLE, 8 )

 #define AVI_READFOURCC( i_dword ) \
- i_dword = GetFOURCC( p_read ); \
- p_read += 4; \
- i_read -= 4
+ AVI_READ( i_dword, GetFOURCC, 4 )

 static int AVI_ChunkRead_avih( stream_t *s, avi_chunk_t *p_chk )
 {
diff --git a/src/misc/modules.c b/src/misc/modules.c
index 701463cff6..cf46740600 100644
--- a/src/misc/modules.c
+++ b/src/misc/modules.c
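Review bot: `AVI_READ` in libavi.c hides a `return VLC_EGENERIC` inside a multi-statement macro that is not wrapped in `do { ... } while( 0 )`, and its last line `p_read += size \` continues into the blank line, so the bounds check only behaves as intended when every `AVI_READnBYTES(...)` is used as a standalone statement. The early exit frees only `p_buff`; any chunk reader that allocates before reading (those bodies are outside this hunk) would leak on a truncated chunk, which is worth confirming. Dropping the "not enough data" warning also makes truncated or malformed chunks fail silently, so keeping it in the bounds-check branch preserves a signal for triage; this assumes `s` is in scope wherever the read macros are used, as it was for the removed warning. A hardened form is sketched below, and `GetB` could take `const uint8_t *ptr` since it only reads.

```c
#define AVI_READ( res, func, size ) \
    do { \
        if( i_read < (size) ) \
        { \
            msg_Warn( (vlc_object_t*)s, "not enough data" ); \
            free( p_buff ); \
            return VLC_EGENERIC; \
        } \
        i_read -= (size); \
        (res) = func( p_read ); \
        p_read += (size); \
    } while( 0 )

/* ... unchanged: AVI_READCHUNK_EXIT, GetB and the AVI_READnBYTES wrappers ... */
```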
@@ -1447,7 +1447,7 @@ static void CloseModule( module_handle_t handle )
 FreeLibrary( handle );

 #elif defined(HAVE_DL_DLOPEN)
- dlclose( handle );
+ //dlclose( handle );

 #elif defined(HAVE_DL_SHL_LOAD)
 shl_unload( handle );
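Review bot: Commenting out `dlclose( handle )` in the `HAVE_DL_DLOPEN` branch of `CloseModule` is unrelated to the AVI bounds fix and looks like a debugging leftover; with it, modules loaded through dlopen are never unloaded, so their code stays mapped and the handles leak for the life of the process. If it is intentional (for example to keep symbols resolvable under a memory checker, which is an inference since the commit does not say), gate it behind a build-time macro and document it with a comment such as `/* keep modules mapped so leak reports keep their symbols */`. Otherwise restore `dlclose( handle );`. The body of `CloseModule` starts before and continues after this hunk.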