[vlc-commits] [Git][videolan/vlc][3.0.x] 2 commits: codec: webvtt: catch CSS lexer alloc failures

Fri, 16 Jan 2026 08:07:55 -0800 


Steve Lhomme pushed to branch 3.0.x at VideoLAN / VLC


Commits:
0ce82f02 by François Cartegnie at 2026-01-16T15:28:36+00:00
codec: webvtt: catch CSS lexer alloc failures

(cherry picked from commit 6c4bd72d37e7d2d8d589042f567ecc2b30a633b4)

- - - - -
34751538 by François Cartegnie at 2026-01-16T15:28:36+00:00
codec: webvtt: handle invalid values as specific type

refs #29533

This reverts commit 7f16b5681f11071d9a2847f2df53f0c81910213e.

(cherry picked from commit f2f449a2ed9576c8ee741b950e9676125ffb2662)

- - - - -


3 changed files:

- modules/codec/webvtt/CSSGrammar.y
- modules/codec/webvtt/CSSLexer.l
- modules/codec/webvtt/css_parser.h


Changes:

=====================================
modules/codec/webvtt/CSSGrammar.y
=====================================
@@ -86,6 +86,7 @@ static void yyerror(yyscan_t scanner, vlc_css_parser_t *p, 
const char *msg)
 
 %token WHITESPACE SGML_CD
 %token TOKEN_EOF 0
+%token MEMERROR
 
 %token INCLUDES
 %token DASHMATCH
@@ -178,6 +179,9 @@ static void yyerror(yyscan_t scanner, vlc_css_parser_t *p, 
const char *msg)
 
 stylesheet:
     maybe_space maybe_charset maybe_sgml rule_list
+    | MEMERROR { // catch alloc failures from lexer
+        YYNOMEM;
+    }
   ;
 
 maybe_space:
@@ -772,7 +776,7 @@ term:
   | UNICODERANGE maybe_space { $$.type = TYPE_UNICODERANGE; $$.psz = $1; }
   | IDSEL maybe_space { $$.type = TYPE_HEXCOLOR; $$.psz = $1; }
   | HASH maybe_space { $$.type = TYPE_HEXCOLOR; $$.psz = $1; }
-  | '#' maybe_space { $$.type = TYPE_HEXCOLOR; $$.psz = NULL; } /* Handle 
error case: "color: #;" */
+  | '#' maybe_space { $$.type = TYPE_INVALID; } /* Handle error case: "color: 
#;" */
   /* FIXME: according to the specs a function can have a unary_operator in 
front. I know no case where this makes sense */
   | function {
       $$ = $1;


=====================================
modules/codec/webvtt/CSSLexer.l
=====================================
@@ -71,9 +71,9 @@ range         
\?{1,6}|{h}(\?{0,5}|{h}(\?{0,4}|{h}(\?{0,3}|{h}(\?{0,2}|{h}(\??|{h})))))
 "$="                   {return ENDSWITH;}
 "*="                   {return CONTAINS;}
 
-{string}               { yylval->string = vlc_css_unquotedunescaped(yytext); 
return STRING;}
+{string}               { return (yylval->string = 
vlc_css_unquotedunescaped(yytext)) ? STRING : MEMERROR; }
 
-{ident}                        { yylval->string = vlc_css_unescaped(yytext); 
return IDENT;}
+{ident}                        { return (yylval->string = 
vlc_css_unquotedunescaped(yytext)) ? IDENT : MEMERROR; }
 
 "@font-face"           {return FONT_FACE_SYM;}
 
@@ -98,14 +98,14 @@ range               
\?{1,6}|{h}(\?{0,5}|{h}(\?{0,4}|{h}(\?{0,3}|{h}(\?{0,2}|{h}(\??|{h})))))
 {num}%                 { VAL( atoi(yytext), PERCENT ); return PERCENTAGE;}
 {num}                  { VAL( us_strtof(yytext, &d), NONE ); return NUMBER;}
 
-"url("{w}{string}{w}")"        { yylval->string = 
vlc_css_unquotedunescaped(yytext); return URI;}
-"url("{w}{url}{w}")"   { yylval->string = vlc_css_unquotedunescaped(yytext); 
return URI;}
-{ident}"("             { yylval->string = vlc_css_unescaped(yytext); return 
FUNCTION;}
-"#"{ident}      {yylval->string = vlc_css_unescaped(yytext); return IDSEL;}
-"#"{name}       {yylval->string = vlc_css_unescaped(yytext); return HASH;}
+"url("{w}{string}{w}")"        { return (yylval->string = 
vlc_css_unquotedunescaped(yytext)) ? URI : MEMERROR; }
+"url("{w}{url}{w}")"   { return (yylval->string = 
vlc_css_unquotedunescaped(yytext)) ? URI : MEMERROR; }
+{ident}"("             { return (yylval->string = 
vlc_css_unquotedunescaped(yytext)) ? FUNCTION : MEMERROR; }
+"#"{ident}      { return (yylval->string = vlc_css_unquotedunescaped(yytext)) 
? IDSEL : MEMERROR; }
+"#"{name}       { return (yylval->string = vlc_css_unquotedunescaped(yytext)) 
? HASH : MEMERROR; }
 
-U\+{range}             { yylval->string = strdup(yytext); return UNICODERANGE;}
-U\+{h}{1,6}-{h}{1,6}   { yylval->string = strdup(yytext); return UNICODERANGE;}
+U\+{range}             { return (yylval->string = strdup(yytext)) ? 
UNICODERANGE : MEMERROR; }
+U\+{h}{1,6}-{h}{1,6}   { return (yylval->string = strdup(yytext)) ? 
UNICODERANGE : MEMERROR; }
 
 .                      {return *yytext;}
 


=====================================
modules/codec/webvtt/css_parser.h
=====================================
@@ -37,6 +37,7 @@ typedef struct
     vlc_css_expr_t *function;
     enum
     {
+        TYPE_INVALID,
         TYPE_NONE = 0,
         TYPE_EMS,
         TYPE_EXS,



View it on GitLab: 
https://code.videolan.org/videolan/vlc/-/compare/84bc1197088570417ef505e99f7e7e2b380a854d...34751538a0ba4ac6e03d8178684918ce92022241

-- 
View it on GitLab: 
https://code.videolan.org/videolan/vlc/-/compare/84bc1197088570417ef505e99f7e7e2b380a854d...34751538a0ba4ac6e03d8178684918ce92022241
You're receiving this email because of your account on code.videolan.org.


VideoLAN code repository instance
_______________________________________________
vlc-commits mailing list
[email protected]
https://mailman.videolan.org/listinfo/vlc-commits

Reply via email to