From patchwork Thu Nov 25 15:04:57 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Anton Khirnov X-Patchwork-Id: 31665 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a6b:d206:0:0:0:0:0 with SMTP id q6csp849254iob; Thu, 25 Nov 2021 07:06:18 -0800 (PST) X-Google-Smtp-Source: ABdhPJxnp8e8uhoUfF5ZfIJUpfs4OYdktELBHK1ZaHucpohv+WNWGAOM0KKgNp+DSQREQhLbDH28 X-Received: by 2002:a17:907:7d86:: with SMTP id oz6mr31861666ejc.312.1637852777911; Thu, 25 Nov 2021 07:06:17 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1637852777; cv=none; d=google.com; s=arc-20160816; b=f2MVYhkiE+Db7BWX0mXpUbEW1qquRibzFKaGCPyYeSN3uEOGWiMxKV2XhKsN3qXeA1 D81UPaxFzHsfrpLbXX084VINcq00cT0wtwjhfTw6N6LySsc+qMAyQ56xwvN8tXZzPM7m kYV9aSyQ70RAEIu94Kr0s0Dtiggs39I8egSIl2onkifkTfoWG48Giac+qs3PY6e0euGn aAfQoU6QRrSH/cEC93gK/E6Yv6olBwv+LrN1yrUkHVNOuQZJNIrxIFf58s1HLlYj8B5E f2c5OGo2AyTpYTmRvSeGeZehf1TLkLRuqjJP77fF7mck1hX80uEjt9Qt0Wy7sJRn3ovr 8bIw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:reply-to:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:references:in-reply-to:message-id :date:to:from:delivered-to; bh=bg8Ner++alsyCZQan3UUrVeSB89IdDlQabw7hF712no=; b=ofZBRc/lyJy8dWxBXZaFsO5xIbh52dgnSfWXYylKPsMZIlB3gri4UWeO9bpoINK0Xv tiXwBcGP/KLANgx3ffZgs1n1H3XzLAAMVaeous48NX8liujb/bWFNYmK243eShTp2hAf O9igxfxZDWdAM3flRvGHsJ9zrvVBwEYBOtKmfYpwMFe768Kc3nP44CD1KmGLpm7pWba5 sDLm+nZgZWdyWh/wANoVJqAwKGgbsJIvlDPSuGilIscbxq6Go7INdBRy0IwqQxb1gfKa +bTo3rV7T57GoInp4dK8vEzHDW4xiEJ1yfj/rUsvEoMh8KaDYLH/aTs8dLPfWmMr3x8G PL+w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id r13si6497009edv.421.2021.11.25.07.06.16; Thu, 25 Nov 2021 07:06:17 -0800 (PST) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 834DB68AEA6; Thu, 25 Nov 2021 17:05:20 +0200 (EET) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from mail0.khirnov.net (red.khirnov.net [176.97.15.12]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id A581968ADDE for ; Thu, 25 Nov 2021 17:05:09 +0200 (EET) Received: from localhost (localhost [IPv6:::1]) by mail0.khirnov.net (Postfix) with ESMTP id 420C224017E for ; Thu, 25 Nov 2021 16:05:09 +0100 (CET) Received: from mail0.khirnov.net ([IPv6:::1]) by localhost (mail0.khirnov.net [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id kRXe1Bp8y98e for ; Thu, 25 Nov 2021 16:05:08 +0100 (CET) Received: from libav.khirnov.net (libav.khirnov.net [IPv6:2a00:c500:561:201::7]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "libav.khirnov.net", Issuer "smtp.khirnov.net SMTP CA" (verified OK)) by mail0.khirnov.net (Postfix) with ESMTPS id A7865240506 for ; Thu, 25 Nov 2021 16:05:06 +0100 (CET) Received: by libav.khirnov.net (Postfix, from userid 1000) id BAE9F3A0769; Thu, 25 Nov 2021 16:05:05 +0100 (CET) From: Anton Khirnov To: ffmpeg-devel@ffmpeg.org Date: Thu, 25 Nov 2021 16:04:57 +0100 Message-Id: <20211125150500.25040-6-anton@khirnov.net> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20211125150500.25040-1-anton@khirnov.net> References: <20211125150500.25040-1-anton@khirnov.net> MIME-Version: 1.0 Subject: [FFmpeg-devel] [PATCH 6/9] lavf/ftp: check for truncation in snprintf X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: cGzQW7a54+8i Silences e.g. the following warning in gcc 10: src/libavformat/ftp.c: In function ‘ftp_move’: src/libavformat/ftp.c:1122:46: warning: ‘%s’ directive output may be truncated writing up to 4095 bytes into a region of size 4091 [-Wformat-truncation=] 1122 | snprintf(command, sizeof(command), "RNTO %s\r\n", path); | ^~ ~~~~ src/libavformat/ftp.c:1122:5: note: ‘snprintf’ output between 8 and 4103 bytes into a destination of size 4096 1122 | snprintf(command, sizeof(command), "RNTO %s\r\n", path); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --- libavformat/ftp.c | 64 ++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 52 insertions(+), 12 deletions(-) diff --git a/libavformat/ftp.c b/libavformat/ftp.c index 69caa7670c..883668b37b 100644 --- a/libavformat/ftp.c +++ b/libavformat/ftp.c @@ -250,13 +250,19 @@ static int ftp_auth(FTPContext *s) if (strpbrk(s->user, "\r\n")) return AVERROR(EINVAL); - snprintf(buf, sizeof(buf), "USER %s\r\n", s->user); + err = snprintf(buf, sizeof(buf), "USER %s\r\n", s->user); + if (err >= sizeof(buf)) + return AVERROR(ENOSYS); + err = ftp_send_command(s, buf, user_codes, NULL); if (err == 331) { if (s->password) { if (strpbrk(s->password, "\r\n")) return AVERROR(EINVAL); - snprintf(buf, sizeof(buf), "PASS %s\r\n", s->password); + err = snprintf(buf, sizeof(buf), "PASS %s\r\n", s->password); + if (err >= sizeof(buf)) + return AVERROR(ENOSYS); + err = ftp_send_command(s, buf, pass_codes, NULL); } else return AVERROR(EACCES); @@ -397,9 +403,13 @@ static int ftp_file_size(FTPContext *s) { char command[CONTROL_BUFFER_SIZE]; char *res = NULL; + int ret; static const int size_codes[] = {213, 0}; - snprintf(command, sizeof(command), "SIZE %s\r\n", s->path); + ret = snprintf(command, sizeof(command), "SIZE %s\r\n", s->path); + if (ret >= sizeof(command)) + return AVERROR(ENOSYS); + if (ftp_send_command(s, command, size_codes, &res) == 213 && res && strlen(res) > 4) { s->filesize = strtoll(&res[4], NULL, 10); } else { @@ -416,9 +426,12 @@ static int ftp_retrieve(FTPContext *s) { char command[CONTROL_BUFFER_SIZE]; static const int retr_codes[] = {150, 125, 0}; - int resp_code; + int resp_code, ret; + + ret = snprintf(command, sizeof(command), "RETR %s\r\n", s->path); + if (ret >= sizeof(command)) + return AVERROR(ENOSYS); - snprintf(command, sizeof(command), "RETR %s\r\n", s->path); resp_code = ftp_send_command(s, command, retr_codes, NULL); if (resp_code != 125 && resp_code != 150) return AVERROR(EIO); @@ -432,9 +445,12 @@ static int ftp_store(FTPContext *s) { char command[CONTROL_BUFFER_SIZE]; static const int stor_codes[] = {150, 125, 0}; - int resp_code; + int resp_code, ret; + + ret = snprintf(command, sizeof(command), "STOR %s\r\n", s->path); + if (ret >= sizeof(command)) + return AVERROR(ENOSYS); - snprintf(command, sizeof(command), "STOR %s\r\n", s->path); resp_code = ftp_send_command(s, command, stor_codes, NULL); if (resp_code != 125 && resp_code != 150) return AVERROR(EIO); @@ -471,8 +487,12 @@ static int ftp_set_dir(FTPContext *s) { static const int cwd_codes[] = {250, 550, 0}; /* 550 is incorrect code */ char command[MAX_URL_SIZE]; + int ret; + + ret = snprintf(command, sizeof(command), "CWD %s\r\n", s->path); + if (ret >= sizeof(command)) + return AVERROR(ENOSYS); - snprintf(command, sizeof(command), "CWD %s\r\n", s->path); if (ftp_send_command(s, command, cwd_codes, NULL) != 250) return AVERROR(EIO); return 0; @@ -1082,13 +1102,23 @@ static int ftp_delete(URLContext *h) if ((ret = ftp_connect(h, h->filename)) < 0) goto cleanup; - snprintf(command, sizeof(command), "DELE %s\r\n", s->path); + ret = snprintf(command, sizeof(command), "DELE %s\r\n", s->path); + if (ret >= sizeof(command)) { + ret = AVERROR(ENOSYS); + goto cleanup; + } + if (ftp_send_command(s, command, del_codes, NULL) == 250) { ret = 0; goto cleanup; } - snprintf(command, sizeof(command), "RMD %s\r\n", s->path); + ret = snprintf(command, sizeof(command), "RMD %s\r\n", s->path); + if (ret >= sizeof(command)) { + ret = AVERROR(ENOSYS); + goto cleanup; + } + if (ftp_send_command(s, command, rmd_codes, NULL) == 250) ret = 0; else @@ -1110,7 +1140,12 @@ static int ftp_move(URLContext *h_src, URLContext *h_dst) if ((ret = ftp_connect(h_src, h_src->filename)) < 0) goto cleanup; - snprintf(command, sizeof(command), "RNFR %s\r\n", s->path); + ret = snprintf(command, sizeof(command), "RNFR %s\r\n", s->path); + if (ret >= sizeof(command)) { + ret = AVERROR(ENOSYS); + goto cleanup; + } + if (ftp_send_command(s, command, rnfr_codes, NULL) != 350) { ret = AVERROR(EIO); goto cleanup; @@ -1119,7 +1154,12 @@ static int ftp_move(URLContext *h_src, URLContext *h_dst) av_url_split(0, 0, 0, 0, 0, 0, 0, path, sizeof(path), h_dst->filename); - snprintf(command, sizeof(command), "RNTO %s\r\n", path); + ret = snprintf(command, sizeof(command), "RNTO %s\r\n", path); + if (ret >= sizeof(command)) { + ret = AVERROR(ENOSYS); + goto cleanup; + } + if (ftp_send_command(s, command, rnto_codes, NULL) == 250) ret = 0; else