[FFmpeg-devel] [PATCH] tests/checkasm: prevent a segmentation fault when calling strncmp()

Sean McGovern gseanmcg at gmail.com
Thu Jan 16 22:58:10 EET 2025


Hi Martin,

On Thu, Jan 16, 2025 at 3:44 PM Martin Storsjö <martin at martin.st> wrote:
>
> On Thu, 16 Jan 2025, Sean McGovern wrote:
>
> > The POSIX specification for strncmp()[1] leaves this behaviour as
> > undefined if either pointer argument is NULL.
> >
> > Prevent a segmentation fault by ensuring 'arg' is non-NULL.
> >
> > [1] https://pubs.opengroup.org/onlinepubs/9799919799/functions/strncmp.html
> > ---
> > tests/checkasm/checkasm.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/tests/checkasm/checkasm.c b/tests/checkasm/checkasm.c
> > index 14742081ca..4270ed170a 100644
> > --- a/tests/checkasm/checkasm.c
> > +++ b/tests/checkasm/checkasm.c
> > @@ -952,7 +952,7 @@ int main(int argc, char *argv[])
> >     }
> >
> >     for (i = 1; i < argc; i++) {
> > -        const char *arg = argv[i];
> > +        const char *arg = argv[i] != NULL ? argv[i] : "";
> >         unsigned long l;
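
Review bot: The NULL fallback on the added `const char *arg` line guards the range 1 <= i < argc, where the C standard already requires argv[i] to point to a string (only argv[argc] is a null pointer), so the commit message should name the strncmp() call that actually received NULL and how it got there. As written, substituting "" silently accepts a malformed argv instead of reporting it. If the guard stays, add a comment explaining when argv[i] can be NULL here, and consider skipping the entry with a diagnostic rather than parsing an empty string.
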
>
> This feels like less of an issue with strncmp, and more of an issue with
> the spec for main() and argc/argv; how do you end up with a NULL
> entry in argv[i] for 0 <= i < argc?

If 'checkasm' is run without arguments, argv[i] would be NULL since argc == 1.

It only really tripped up on GCC with Address Sanitizer enabled, but the
comment regarding how POSIX does not require a length check on either
argument means we should be defensive.

In fact, even 'checkasm --test=blah' triggered the segmentation fault
under ASan.

-- Sean McGovern
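
An added example, not part of the original message or of checkasm.c: the argc/argv contract under discussion, with a prefix matcher that rejects a NULL argument before strncmp() is reached. The helper names opt_value and scan_args are hypothetical; only the --test= option comes from the thread.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical helper (not from checkasm.c): if arg starts with prefix,
 * return a pointer to the text after it, otherwise NULL. A NULL arg is
 * rejected first, because POSIX leaves strncmp(NULL, ...) undefined. */
static const char *opt_value(const char *arg, const char *prefix)
{
    size_t n;

    if (arg == NULL || prefix == NULL)
        return NULL;
    n = strlen(prefix);
    return strncmp(arg, prefix, n) == 0 ? arg + n : NULL;
}

/* Walk argv with the same bounds as the loop in the hunk (i = 1; i < argc).
 * The C standard makes argv[argc] a null pointer and argv[0..argc-1]
 * strings, so with argc == 1 the body never runs and the terminator is
 * never read. Stores the last --test= value in *test and returns the
 * number of entries visited. */
static int scan_args(int argc, char *argv[], const char **test)
{
    int i, seen = 0;

    *test = NULL;
    for (i = 1; i < argc; i++) {
        const char *v = opt_value(argv[i], "--test=");

        if (v != NULL)
            *test = v;
        seen++;
    }
    return seen;
}

int main(int argc, char *argv[])
{
    const char *test;

    scan_args(argc, argv, &test);
    return 0;
}
```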

