From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
To: ffmpeg-devel@ffmpeg.org
Cc: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Subject: [FFmpeg-devel] [PATCH 3/7] avutil/channel_layout: Account for \0 in sizes
Date: Sun, 6 Aug 2023 12:13:19 +0200
Message-ID: <AS8P250MB07444BE9F9749BA419951D1F8F0FA@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM> (raw)
In-Reply-To: <AS8P250MB074479F01FF411D108D29EC68F0FA@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM>
av_channel_name(), av_channel_description() and
av_channel_layout_describe() are supposed to return the size
of the needed buffer to allow the user to check for truncation;
the documentation ("If the returned value is bigger than buf_size,
then the string was truncated.") confirms that size does not
mean strlen.
Yet the AVBPrint API, i.e. AVBPrint.len, does not account for
the terminating '\0'. Therefore the returned length is off by one.
Furthermore, also check for whether the returned value actually
fits in an int (which is the return value of these functions).
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
---
Missing lavu micro version bump.
libavutil/channel_layout.c | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/libavutil/channel_layout.c b/libavutil/channel_layout.c
index e2f7512254..9b581ae6b3 100644
--- a/libavutil/channel_layout.c
+++ b/libavutil/channel_layout.c
@@ -108,7 +108,9 @@ int av_channel_name(char *buf, size_t buf_size, enum AVChannel channel_id)
av_bprint_init_for_buffer(&bp, buf, buf_size);
av_channel_name_bprint(&bp, channel_id);
- return bp.len;
+ if (bp.len >= INT_MAX)
+ return AVERROR(ERANGE);
+ return bp.len + 1;
}
void av_channel_description_bprint(AVBPrint *bp, enum AVChannel channel_id)
@@ -135,7 +137,9 @@ int av_channel_description(char *buf, size_t buf_size, enum AVChannel channel_id
av_bprint_init_for_buffer(&bp, buf, buf_size);
av_channel_description_bprint(&bp, channel_id);
- return bp.len;
+ if (bp.len >= INT_MAX)
+ return AVERROR(ERANGE);
+ return bp.len + 1;
}
enum AVChannel av_channel_from_string(const char *str)
@@ -789,7 +793,9 @@ int av_channel_layout_describe(const AVChannelLayout *channel_layout,
if (ret < 0)
return ret;
- return bp.len;
+ if (bp.len >= INT_MAX)
+ return AVERROR(ERANGE);
+ return bp.len + 1;
}
enum AVChannel
--
2.34.1
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
next prev parent reply other threads:[~2023-08-06 10:12 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-06 10:10 [FFmpeg-devel] [PATCH 1/7] avutil/bprint: Don't use value of AV_BPRINT_SIZE_AUTOMATIC directly Andreas Rheinhardt
2023-08-06 10:13 ` [FFmpeg-devel] [PATCH 2/7] avutil/bprint: Allow size == 0 in av_bprint_init_for_buffer() Andreas Rheinhardt
2023-08-09 9:00 ` Andreas Rheinhardt
2023-08-09 10:08 ` Nicolas George
2023-08-09 11:32 ` James Almer
2023-08-09 12:58 ` Andreas Rheinhardt
2023-08-06 10:13 ` Andreas Rheinhardt [this message]
2023-08-06 10:13 ` [FFmpeg-devel] [PATCH 4/7] avutil/tests/channel_layout: Also test non-AVBPrint variants Andreas Rheinhardt
2023-08-06 10:13 ` [FFmpeg-devel] [PATCH 5/7] avutil/tests/channel_layout: Don't include lavu/channel_layout.c Andreas Rheinhardt
2023-08-06 10:13 ` [FFmpeg-devel] [PATCH 6/7] avutil/tests/channel_layout: Test av_channel_layout_copy() Andreas Rheinhardt
2023-08-06 10:13 ` [FFmpeg-devel] [PATCH 7/7] avcodec/amfenc: Fix declaration-after-statement warning Andreas Rheinhardt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=AS8P250MB07444BE9F9749BA419951D1F8F0FA@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM \
--to=andreas.rheinhardt@outlook.com \
--cc=ffmpeg-devel@ffmpeg.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
ffmpegdev@gitmailbox.com
public-inbox-index ffmpegdev
Example config snippet for mirrors.
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git