[FFmpeg-devel] [PATCH] find_info_tag: Make sure the output buffer is null terminated
Ronald S. Bultje
rsbultje
Tue Oct 5 18:52:46 CEST 2010
Hi,
On Tue, Oct 5, 2010 at 9:24 AM, Martin Storsjo <martin at martin.st> wrote:
> Currently, a tag without a = character makes the function return 1
> but leaves the arg buffer untouched (and thus not null terminated).
> ---
> ?libavformat/utils.c | ? ?2 +-
> ?1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/libavformat/utils.c b/libavformat/utils.c
> index 5985511..a545a5d 100644
> --- a/libavformat/utils.c
> +++ b/libavformat/utils.c
> @@ -3361,8 +3361,8 @@ int find_info_tag(char *arg, int arg_size, const char *tag1, const char *info)
> ? ? ? ? ? ? ? ? }
> ? ? ? ? ? ? ? ? p++;
> ? ? ? ? ? ? }
> - ? ? ? ? ? ?*q = '\0';
> ? ? ? ? }
> + ? ? ? ?*q = '\0';
> ? ? ? ? if (!strcmp(tag, tag1))
> ? ? ? ? ? ? return 1;
> ? ? ? ? if (*p != '&')
[..]
*q = '\0'; <----------- !!!!!
q = arg;
if (*p == '=') {
p++;
while (*p != '&' && *p != '\0') {
if ((q - arg) < arg_size - 1) {
if (*p == '+')
*q++ = ' ';
else
*q++ = *p;
}
p++;
}
*q = '\0';
}
I don't think this is an actual issue... ?
Ronald
More information about the ffmpeg-devel
mailing list