[FFmpeg-devel] [PATCH v2] avformat/tls_openssl: fix warnings when openssl is lower version

Sun Jun 15 18:18:32 EEST 2025


> On Jun 15, 2025, at 11:38, Andreas Rheinhardt <andreas.rheinhardt at outlook.com> wrote:
> 
> Jack Lau via ffmpeg-devel:
>> api doc: https://docs.openssl.org/1.0.2/man3/BIO_s_mem
>> 
>> In higher versions (openssl 1.0.2 and higher),
>> the function signature is BIO *BIO_new_mem_buf(const void *buf, int len),
>> so passing a const string doesn't cause an warnings.
>> However, in lower versions of OpenSSL,
>> the function signature becomes BIO *BIO_new_mem_buf(void *buf, int len),
>> which leads to warnings.
>> 
>> OpenSSL guarantees that it will not modify the string,
>> so it's safe to cast the pem_str to (void *) to avoid this warning.
>> 
>> Signed-off-by: Jack Lau <jacklau1222 at qq.com>
>> ---
>> libavformat/tls_openssl.c | 14 ++++++++++++--
>> 1 file changed, 12 insertions(+), 2 deletions(-)
>> 
>> diff --git a/libavformat/tls_openssl.c b/libavformat/tls_openssl.c
>> index 86e8935fee..0a6e5680f4 100644
>> --- a/libavformat/tls_openssl.c
>> +++ b/libavformat/tls_openssl.c
>> @@ -415,7 +415,12 @@ error:
>>  */
>> static EVP_PKEY *pkey_from_pem_string(const char *pem_str, int is_priv)
>> {
>> -    BIO *mem = BIO_new_mem_buf(pem_str, -1);
>> +    BIO *mem = NULL;
>> +#if OPENSSL_VERSION_NUMBER < 0x10002000L /* OpenSSL 1.0.2 */
>> +    mem = BIO_new_mem_buf((void *)pem_str, -1);
>> +#else
>> +    mem = BIO_new_mem_buf(pem_str, -1);
>> +#endif
>>     if (!mem) {
>>         av_log(NULL, AV_LOG_ERROR, "BIO_new_mem_buf failed\n");
>>         return NULL;
>> @@ -445,7 +450,12 @@ static EVP_PKEY *pkey_from_pem_string(const char *pem_str, int is_priv)
>>  */
>> static X509 *cert_from_pem_string(const char *pem_str)
>> {
>> -    BIO *mem = BIO_new_mem_buf(pem_str, -1);
>> +    BIO *mem = NULL;
>> +#if OPENSSL_VERSION_NUMBER < 0x10002000L /* OpenSSL 1.0.2 */
>> +    mem = BIO_new_mem_buf((void *)pem_str, -1);
>> +#else
>> +    mem = BIO_new_mem_buf(pem_str, -1);
>> +#endif
> 
> #if OPENSSL_VERSION_NUMBER < 0x10002000L /* OpenSSL 1.0.2 */
>    BIO *mem = BIO_new_mem_buf((void *)pem_str, -1);
> #else
>    BIO *mem = BIO_new_mem_buf(pem_str, -1);
> #endif
> 
> would have the advantage that it avoids the useless initialization and
> that the old code can be cleanly removed when we drop support for old
> versions of openssl. Same for above.
Thanks for your reply, I’ve sent the latest v3 patch refer to your reviews.
> 
>>     if (!mem) {
>>         av_log(NULL, AV_LOG_ERROR, "BIO_new_mem_buf failed\n");
>>         return NULL;
> 
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org <mailto:ffmpeg-devel at ffmpeg.org>
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
> 
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request at ffmpeg.org <mailto:ffmpeg-devel-request at ffmpeg.org> with subject "unsubscribe".