ffmpeg | branch: master | Ganesh Ajjanagadde <gajjanaga...@gmail.com> | Fri Nov 6 15:47:37 2015 -0500| [6c2dbff7f08ccbf69adb23ada48bb36ba796e772] | committer: Ganesh Ajjanagadde
ffserver: fix incorrect strlcpy usage Somewhat ironic that this "safe" interface is actually being used unsafely here. This fixes the usage preventing potential null pointer dereference, where the old code was doubly broken: ctime can return NULL, and ctime can return an arbitrarily long buffer. Reviewed-by: Mark Harris <mark....@gmail.com> Reviewed-by: Michael Niedermayer <mich...@niedermayer.cc> Signed-off-by: Ganesh Ajjanagadde <gajjanaga...@gmail.com> > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6c2dbff7f08ccbf69adb23ada48bb36ba796e772 --- ffserver.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/ffserver.c b/ffserver.c index 526cbfc..577ca6f 100644 --- a/ffserver.c +++ b/ffserver.c @@ -305,15 +305,19 @@ static void ffm_set_write_index(AVFormatContext *s, int64_t pos, ffm->file_size = file_size; } -static char *ctime1(char *buf2, int buf_size) +static char *ctime1(char *buf2, size_t buf_size) { time_t ti; char *p; ti = time(NULL); p = ctime(&ti); + if (!p || !*p) { + *buf2 = '\0'; + return buf2; + } av_strlcpy(buf2, p, buf_size); - p = buf2 + strlen(p) - 1; + p = buf2 + strlen(buf2) - 1; if (*p == '\n') *p = '\0'; return buf2; _______________________________________________ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
