On Mon, Apr 27, 2015 at 07:51:36AM +0000, Gupta, Maneesh wrote: > Hi, > > There was a potential buffer overflow during a strcpy operation in > cmdutils_opencl.c. This patch attempts to fix the same. > > Regards, > Maneesh
> cmdutils_opencl.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > b6d9e0b4f9efc1d0ae9d3f05b7802c81007999d7 > 0002-OpenCL-Replace-strcpy-with-strncpy-to-avoid-buffer-o.patch > From 026f4de0628c3e7e0211ee0f6c96e816ff757cd1 Mon Sep 17 00:00:00 2001 > From: Maneesh Gupta <maneesh.gu...@amd.com> > Date: Sat, 25 Apr 2015 11:17:05 +0530 > Subject: [PATCH 2/2] OpenCL: Replace strcpy with strncpy to avoid buffer > overflows > > Signed-off-by: Maneesh Gupta <maneesh.gu...@amd.com> > --- > cmdutils_opencl.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/cmdutils_opencl.c b/cmdutils_opencl.c > index 3dfd156..73cab98 100644 > --- a/cmdutils_opencl.c > +++ b/cmdutils_opencl.c > @@ -238,7 +238,7 @@ int opt_opencl_bench(void *optctx, const char *opt, const > char *arg) > devices[count].platform_idx = i; > devices[count].device_idx = j; > devices[count].runtime = score; > - strcpy(devices[count].device_name, device_node->device_name); > + strncpy(devices[count].device_name, > device_node->device_name, 64); this should be sizeof(devices[count].device_name) and av_strlcpy() [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB No human being will ever know the Truth, for even if they happen to say it by chance, they would not even known they had done so. -- Xenophanes
signature.asc
Description: Digital signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
