From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.ffmpeg.org (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTPS id 1C2114D08C for ; Fri, 7 Nov 2025 09:54:03 +0000 (UTC) Authentication-Results: ffbox; dkim=fail (body hash mismatch (got b'ebhMzLlhixBOg9cDygDi2PehUo7MtH/qamgwyrAmB2I=', expected b'5e/3ObFNki5f4OAXXgGcJZEjMAA6ipaLQDybIwii71s=')) header.d=ffmpeg.org header.i=@ffmpeg.org header.a=rsa-sha256 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ffmpeg.org; i=@ffmpeg.org; q=dns/txt; s=mail; t=1762509236; h=mime-version : to : date : message-id : reply-to : subject : list-id : list-archive : list-archive : list-help : list-owner : list-post : list-subscribe : list-unsubscribe : from : cc : content-type : content-transfer-encoding : from; bh=ebhMzLlhixBOg9cDygDi2PehUo7MtH/qamgwyrAmB2I=; b=VW1j6yzN/9i7yMqBaU+biEvvRdlVqJ2je/KHID+WVYUgE0XZrC4wiM0Q3XRgF0ASWRMDO gjWLey7Wof0ByawyUshas90UjxQv8N+ZwBGMIgTfuUKjOkDJIz/L4iKIWao6BwczCZms0Wg ab044kTmh6r1vnSVSnWRaY9//shCfmOPKcfJ1nleMBFpeq3ovQl9+iyzyHgjtZY2jpJWVFh T6RWU2qlLDtiUHAlhxPMJ04oToM2HSLRhoEs80zMgpQYpdAyupUNOvIT276eHTBcGpQqYNA ZDVWVEGu1GJD2ENeFq19p//F0YderLDdouESII4mLLpPWvIbBkEbONzIO5Qg== Received: from [172.19.0.2] (unknown [172.19.0.2]) by ffbox0-bg.ffmpeg.org (Postfix) with ESMTP id 41B6368FB23; Fri, 7 Nov 2025 11:53:56 +0200 (EET) ARC-Seal: i=1; cv=none; a=rsa-sha256; d=ffmpeg.org; s=arc; t=1762509226; b=QW7G9MKfMTRFlHya6CeUehMauhXf4JfwCNUZA8X5+oorq62QJ9peaDEaSb2lU3Q+2aOJw v+EhJtTDSis9dLvJpuhrAOQ4ZqAFnOEAgoIHsKQTLtQoyAd2hicblJqncDYMh3omp2u6cq1 VZ4pY4EL0M1gydswLplbFeFNfdJZyYpcVT915LEdApC8uMhtxetIfjmuzEaNZnY5WIpg51A F/c9dk2IUSrauSCn87YzfrzzdcSyERypVy/dMNBDLGdOUebMgyBQ0kLaQUAdvRc6CdAmoQy 1JuU1mVO5+c80BIUFtYMGY5jJq5q+/IrvUSeZ5k5DKZvZ3NUS4RdpDtqcyxw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=ffmpeg.org; s=arc; t=1762509226; h=from : sender : reply-to : subject : date : message-id : to : cc : mime-version : content-type : content-transfer-encoding : content-id : content-description : resent-date : resent-from : resent-sender : resent-to : resent-cc : resent-message-id : in-reply-to : references : list-id : list-help : list-unsubscribe : list-subscribe : list-post : list-owner : list-archive; bh=4OZVdGJunIKhsgOUEdndyLIuQI1GDFy2Hw7YKvHvXl8=; b=b/yw8aVXb4fNjhQG/gAHqL1MawKpvnOMNZlZnEaijjCqUGUzC70Fk598FhMMFAqVNjZiU hG+6UMHXx4d8qaMNEe3VOpp1ayMjx1fFJMW6GWtbaTBDxyUDRRcWSoSW01KP/scz7maBZWA IcRY7Bfx7bSg3Qv45kKyN8DbOImYajNhrdzf1V29ewAZUgPYun6Rr+M9MNZqBqsrpowavS0 YPAFOz8hYwswXE/FplRrrLCqPZXvIo8QEhuCJSLae7tdJrrxxN3mChccMml4Z/VXFd+K3F3 hGcnwwI6/Ds68c2iGmdBPDKqEKbytKHspJoQA8IhrFIsYDT4hOyBn9M9DCBw== ARC-Authentication-Results: i=1; ffmpeg.org; dkim=pass header.d=ffmpeg.org header.i=@ffmpeg.org; arc=none; dmarc=pass header.from=ffmpeg.org policy.dmarc=quarantine Authentication-Results: ffmpeg.org; dkim=pass header.d=ffmpeg.org header.i=@ffmpeg.org; arc=none (Message is not ARC signed); dmarc=pass (Used From Domain Record) header.from=ffmpeg.org policy.dmarc=quarantine DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ffmpeg.org; i=@ffmpeg.org; q=dns/txt; s=mail; t=1762509218; h=content-type : mime-version : content-transfer-encoding : from : to : reply-to : subject : date : from; bh=5e/3ObFNki5f4OAXXgGcJZEjMAA6ipaLQDybIwii71s=; b=ipWMidheONRMVF2PpRp80cR3ntuw7wWBEn55DScR0XAGNaPh3vRUd0fAd31Biv5fT3u0e /wVwNhKWOwSj7eRvYCO4CfrE3u7p5rj5qxYynyHw28p7MUTwUnVWG4H49wmatBRww1CQA8A n/oB8lBh75hwoEvh/lJ4PkkSWFSZkG0IzsjXsnbAjiXH0OmhyZxMXe7j389Clz6ithYBLhH OSIXnFWFFKL7PgnvhpcQ0eJ04EwMOU2AUYtGZA6ez8U2MW32QkjOuGRIHjvJ7eXXnbbkKfZ nlmJ7QrrTkOmeE9A6q/InBUEu8ObyY3IT6lZk1e2vENz1v1X4CWZFzpsl5XQ== Received: from 188d6d40ca7a (code.ffmpeg.org [188.245.149.3]) by ffbox0-bg.ffmpeg.org (Postfix) with ESMTPS id 74D7768F74E for ; Fri, 7 Nov 2025 11:53:38 +0200 (EET) MIME-Version: 1.0 To: ffmpeg-devel@ffmpeg.org Date: Fri, 07 Nov 2025 09:53:38 -0000 Message-ID: <176250921863.25.8881870659662621560@2cb04c0e5124> Message-ID-Hash: QG2VFD4QLAS6B2MAFOBCBMUMZZRINUIL X-Message-ID-Hash: QG2VFD4QLAS6B2MAFOBCBMUMZZRINUIL X-MailFrom: code@ffmpeg.org X-Mailman-Rule-Hits: nonmember-moderation X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-ffmpeg-devel.ffmpeg.org-0; header-match-ffmpeg-devel.ffmpeg.org-1; header-match-ffmpeg-devel.ffmpeg.org-2; header-match-ffmpeg-devel.ffmpeg.org-3; emergency; member-moderation X-Mailman-Version: 3.3.10 Precedence: list Reply-To: FFmpeg development discussions and patches Subject: [FFmpeg-devel] [PATCH] libavformat/vorbiscomment: fix potential buffer truncation (PR #20858) List-Id: FFmpeg development discussions and patches Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: caifan via ffmpeg-devel Cc: caifan Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Archived-At: List-Archive: List-Post: PR #20858 opened by caifan URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20858 Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20858.patch add av_assert0() for chapter_time and chapter_number, ensure buffer size is sufficient to hold formatted strings, eliminate -Wformat-truncation warning. Signed-off-by: caifan3 >>From c2b190a950d22693a890b16ef8ec23f0d5078723 Mon Sep 17 00:00:00 2001 From: caifan3 Date: Fri, 7 Nov 2025 17:48:09 +0800 Subject: [PATCH] libavformat/vorbiscomment: fix potential buffer truncation add av_assert0() for chapter_time and chapter_number, ensure buffer size is sufficient to hold formatted strings, eliminate -Wformat-truncation warning. Signed-off-by: caifan3 --- libavformat/vorbiscomment.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/libavformat/vorbiscomment.c b/libavformat/vorbiscomment.c index abe12fd586..9a755d8704 100644 --- a/libavformat/vorbiscomment.c +++ b/libavformat/vorbiscomment.c @@ -24,6 +24,7 @@ #include "metadata.h" #include "vorbiscomment.h" #include "libavutil/dict.h" +#include "libavutil/avassert.h" /** * VorbisComment metadata conversion mapping. @@ -100,8 +101,10 @@ int ff_vorbiscomment_write(AVIOContext *pb, const AVDictionary *m, m = (s / 60) % 60; ms = av_rescale_q(chp->start, chp->time_base, av_make_q( 1, 1000)) % 1000; s = s % 60; - snprintf(chapter_number, sizeof(chapter_number), "%03d", i); - snprintf(chapter_time, sizeof(chapter_time), "%02d:%02d:%02d.%03d", h, m, s, ms); + int len_num = snprintf(chapter_number, sizeof(chapter_number), "%03d", i); + av_assert0(len_num >= 0 && len_num < sizeof(chapter_number)); + int len_time = snprintf(chapter_time, sizeof(chapter_time), "%02d:%02d:%02d.%03d", h, m, s, ms); + av_assert0(len_time >= 0 && len_time < sizeof(chapter_time)); avio_wl32(pb, 10 + 1 + 12); avio_write(pb, "CHAPTER", 7); avio_write(pb, chapter_number, 3); -- 2.49.1 _______________________________________________ ffmpeg-devel mailing list -- ffmpeg-devel@ffmpeg.org To unsubscribe send an email to ffmpeg-devel-leave@ffmpeg.org