On Sat, Nov 07, 2015 at 07:21:59AM -0500, Ganesh Ajjanagadde wrote:
> Somewhat ironic that this "safe" interface is actually being used
> unsafely here. This fixes the usage preventing potential null pointer
> dereference, where the old code was doubly broken: ctime can return
> NULL, and ctime can return an arbitrarily long buffer.
>
> Signed-off-by: Ganesh Ajjanagadde <gajjanaga...@gmail.com>
> ---
> ffserver.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/ffserver.c b/ffserver.c
> index 526cbfc..c1746dc 100644
> --- a/ffserver.c
> +++ b/ffserver.c
> @@ -305,15 +305,19 @@ static void ffm_set_write_index(AVFormatContext *s,
> int64_t pos,
> ffm->file_size = file_size;
> }
>
> -static char *ctime1(char *buf2, int buf_size)
> +static char *ctime1(char *buf2, size_t buf_size)
> {
> time_t ti;
> char *p;
>
> ti = time(NULL);
> p = ctime(&ti);
> + if (!p || !strcmp(p, "")) {can be simplified to !p || !*p otherwise LGTM [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB Let us carefully observe those good qualities wherein our enemies excel us and endeavor to excel them, by avoiding what is faulty, and imitating what is excellent in them. -- Plutarch
signature.asc
Description: Digital signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
