From patchwork Tue Mar  3 04:20:06 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
X-Patchwork-Id: 18013
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
X-Original-To: patchwork@ffaux-bg.ffmpeg.org
Delivered-To: patchwork@ffaux-bg.ffmpeg.org
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100])
	by ffaux.localdomain (Postfix) with ESMTP id 7E78D44BB74
	for <patchwork@ffaux-bg.ffmpeg.org>; Tue,  3 Mar 2020 06:38:14 +0200 (EET)
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 5E88668B59C;
	Tue,  3 Mar 2020 06:38:14 +0200 (EET)
X-Original-To: ffmpeg-devel@ffmpeg.org
Delivered-To: ffmpeg-devel@ffmpeg.org
Received: from mail-wr1-f66.google.com (mail-wr1-f66.google.com
 [209.85.221.66])
 by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 288CD68B01D
 for <ffmpeg-devel@ffmpeg.org>; Tue,  3 Mar 2020 06:38:08 +0200 (EET)
Received: by mail-wr1-f66.google.com with SMTP id z11so2589220wro.9
 for <ffmpeg-devel@ffmpeg.org>; Mon, 02 Mar 2020 20:38:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=from:to:cc:subject:date:message-id:in-reply-to:references
 :mime-version:content-transfer-encoding;
 bh=jSKmdaDznkzDW9Rs7oXXOG/IVUZEHwwBgDewqqe6E5w=;
 b=kun5eOLc55U3+ef0lLZlFDqOdtGeB3ilC9RUSAPMa4/tWURoafd3jiOBZHtLGFKePb
 8qIkrqLBGN+fjlpHfwNPPEX0CypDsSktRrgXUBBu0dfzPK0bFU1ExGmM9DWfd4YGzbhT
 NKyfDHY1AxFOsVop52dB+OuuTDF0vCOEamjgoAV9TX7qZrmvjxdDZzqGIy6EvBBFt5vn
 GSwTG6jnOXSbYI9n8dlxryNddinBvbo+2wRvAnkiHOnPHrDfDfaSEZ3MznTW7K0NBmkJ
 5sqnehh6zJeUWVcGf0FptdT1JNNhPj9wHUEot9sROdWFzFYjzrL7U7kXqu4KtKx2TgK0
 NDpw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
 :references:mime-version:content-transfer-encoding;
 bh=jSKmdaDznkzDW9Rs7oXXOG/IVUZEHwwBgDewqqe6E5w=;
 b=qYDgqq+8ckFi0mv7teUgDzNyligayzgu52axSztvfgqvIY2Gg5HnKqlWG1NI4OFrEp
 /Kvd6T29BujIXCzR9ryWDAX90q9/BPkrzJP/HTZJY5Xwxx7kmExibvdQiWdMUyx1rsy0
 apFECwmqQsM5DMuoVoWzvr0xxi88d/3+iA3lKOFD93goTZkCgyViNzUcb9GCadzYcgfp
 O8Hmg8NHbQK9aUs9e5fsK1NLuiOiSy70iMuW8rVOvzzx24S/srQfdCXUP4rSZj9bRG4m
 03G1M1LggTOK2rlv6K1caK5v9iu3Wwa2Pu61nv/N+A7APwaHIXCkUscRLWie/m7LIXyD
 mdYw==
X-Gm-Message-State: ANhLgQ2Kc0wW8SHQAYomVh4nTJv+FtzK+2/LQ/Zl42WpK5gl983306cn
 iZ0XJR1hX4ElrOupM69ZWkjr8yEs
X-Google-Smtp-Source: 
 ADFU+vtXW2s7JFq4uWCyldv3Ykl9/9oPd6R3iMpU5/PWA0j3rI6UJxLgXDSifCnS7vBgrGM0JWfhjQ==
X-Received: by 2002:a5d:4d48:: with SMTP id a8mr3063727wru.35.1583210287318;
 Mon, 02 Mar 2020 20:38:07 -0800 (PST)
Received: from sblaptop.fritz.box (ipbcc1ab4b.dynamic.kabel-deutschland.de.
 [188.193.171.75])
 by smtp.gmail.com with ESMTPSA id s12sm1733963wmj.39.2020.03.02.20.38.06
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 02 Mar 2020 20:38:06 -0800 (PST)
From: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
To: ffmpeg-devel@ffmpeg.org
Date: Tue,  3 Mar 2020 05:20:06 +0100
Message-Id: <20200303042006.6370-2-andreas.rheinhardt@gmail.com>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20200303042006.6370-1-andreas.rheinhardt@gmail.com>
References: <20200303042006.6370-1-andreas.rheinhardt@gmail.com>
MIME-Version: 1.0
Subject: [FFmpeg-devel] [PATCH 2/2] avformat/hls: Don't strdup
	non-null-terminated string
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Cc: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>

If an URI indicated that the data protocol was in use, it would be
copied into a temporary buffer via strncpy(dst, src, strlen(src)),
thereby ensuring that the trailing \0 would not be copied, despite dst
being uninitialized. dst would then be av_strdup'ed, leading to
potential segfaults.

The solution to this is simple: Don't copy the URI in the temporary
buffer at all, instead av_strdup it directly.

This fixes a -Wstringop-truncation warning emitted by GCC 9.2.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
---
This is honestly untested, as this is not covered by FATE.

 libavformat/hls.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/libavformat/hls.c b/libavformat/hls.c
index 1f58e745a7..fc45719d1c 100644
--- a/libavformat/hls.c
+++ b/libavformat/hls.c
@@ -403,8 +403,7 @@ static struct segment *new_init_section(struct playlist *pls,
                                         const char *url_base)
 {
     struct segment *sec;
-    char *ptr;
-    char tmp_str[MAX_URL_SIZE];
+    char tmp_str[MAX_URL_SIZE], *ptr = tmp_str;
 
     if (!info->uri[0])
         return NULL;
@@ -414,11 +413,11 @@ static struct segment *new_init_section(struct playlist *pls,
         return NULL;
 
     if (!av_strncasecmp(info->uri, "data:", 5)) {
-        strncpy(tmp_str, info->uri, strlen(info->uri));
+        ptr = info->uri;
     } else {
         ff_make_absolute_url(tmp_str, sizeof(tmp_str), url_base, info->uri);
     }
-    sec->url = av_strdup(tmp_str);
+    sec->url = av_strdup(ptr);
     if (!sec->url) {
         av_free(sec);
         return NULL;