[FFmpeg-devel] [PATCHv2] ffserver: fix incorrect strlcpy usage
Ganesh Ajjanagadde
gajjanagadde at gmail.com
Sat Nov 7 13:21:59 CET 2015
Somewhat ironic that this "safe" interface is actually being used
unsafely here. This fixes the usage preventing potential null pointer
dereference, where the old code was doubly broken: ctime can return
NULL, and ctime can return an arbitrarily long buffer.
Signed-off-by: Ganesh Ajjanagadde <gajjanagadde at gmail.com>
---
ffserver.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/ffserver.c b/ffserver.c
index 526cbfc..c1746dc 100644
--- a/ffserver.c
+++ b/ffserver.c
@@ -305,15 +305,19 @@ static void ffm_set_write_index(AVFormatContext *s, int64_t pos,
ffm->file_size = file_size;
}
-static char *ctime1(char *buf2, int buf_size)
+static char *ctime1(char *buf2, size_t buf_size)
{
time_t ti;
char *p;
ti = time(NULL);
p = ctime(&ti);
+ if (!p || !strcmp(p, "")) {
+ *buf2 = '\0';
+ return buf2;
+ }
av_strlcpy(buf2, p, buf_size);
- p = buf2 + strlen(p) - 1;
+ p = buf2 + strlen(buf2) - 1;
if (*p == '\n')
*p = '\0';
return buf2;
--
2.6.2
More information about the ffmpeg-devel
mailing list