<html><head></head><body>Hi,<br><br>This adds a failure case for no reasons. There are no issues here since the VLA length is bound at run-time.<br><br>-1<br><br><div class="gmail_quote">Le 8 décembre 2020 16:19:05 GMT+02:00, "Hugo Beauzée-Luyssen" <hugo@beauzee.fr> a écrit :<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<pre class="k9mail"><hr> src/config/chain.c | 25 ++++++++++++++++++-------<br> 1 file changed, 18 insertions(+), 7 deletions(-)<br><br>diff --git a/src/config/chain.c b/src/config/chain.c<br>index 514a571ab7..6f26b7b4e0 100644<br>--- a/src/config/chain.c<br>+++ b/src/config/chain.c<br>@@ -271,7 +271,6 @@ void config_ChainParse( vlc_object_t *p_this, const char *psz_prefix,<br> const char *const *ppsz_options, const config_chain_t *cfg )<br> {<br> if( psz_prefix == NULL ) psz_prefix = "";<br>- size_t plen = 1 + strlen( psz_prefix );<br> <br> /* First, var_Create all variables */<br> for( size_t i = 0; ppsz_options[i] != NULL; i++ )<br>@@ -280,11 +279,15 @@ void config_ChainParse( vlc_object_t *p_this, const char *psz_prefix,<br> if (optname[0] == '*')<br> optname++;<br> <br>- char name[plen + strlen( optname )];<br>- snprintf( name, sizeof (name), "%s%s", psz_prefix, optname );<br>+ char* name;<br>+ if( asprintf(&name, "%s%s", psz_prefix, optname) < 0 )<br>+ return;<br> if( var_Create( p_this, name,<br> config_GetType( name ) | VLC_VAR_DOINHERIT ) )<br>+ {<br>+ free(name);<br> return /* VLC_xxx */;<br>+ }<br> <br> module_config_t* p_conf = config_FindConfig( name );<br> if( p_conf )<br>@@ -303,6 +306,7 @@ void config_ChainParse( vlc_object_t *p_this, const char *psz_prefix,<br> break;<br> }<br> }<br>+ free(name);<br> }<br> <br> /* Now parse options and set value */<br>@@ -349,10 +353,11 @@ void config_ChainParse( vlc_object_t *p_this, const char *psz_prefix,<br> }<br> <br> /* create name */<br>- char name[plen + strlen( ppsz_options[i] )];<br>- const char *psz_name = name;<br>- snprintf( name, sizeof (name), "%s%s", psz_prefix,<br>- b_once ? (ppsz_options[i] + 1) : ppsz_options[i] );<br>+ char *name;<br>+ if (asprintf(&name, "%s%s", psz_prefix,<br>+ b_once ? (ppsz_options[i] + 1) : ppsz_options[i]) < 0)<br>+ continue;<br>+ const char* psz_name = name;<br> <br> /* Check if the option is deprecated */<br> p_conf = config_FindConfig( name );<br>@@ -368,6 +373,7 @@ void config_ChainParse( vlc_object_t *p_this, const char *psz_prefix,<br> /* TODO: this should return an error and end option parsing<br> * ... but doing this would change the VLC API and all the<br> * modules so i'll do it later */<br>+ free(name);<br> continue;<br> }<br> }<br>@@ -379,17 +385,20 @@ void config_ChainParse( vlc_object_t *p_this, const char *psz_prefix,<br> {<br> msg_Warn( p_this, "unknown option %s (value=%s)",<br> cfg->psz_name, cfg->psz_value );<br>+ free(name);<br> continue;<br> }<br> <br> if( i_type != VLC_VAR_BOOL && cfg->psz_value == NULL )<br> {<br> msg_Warn( p_this, "missing value for option %s", cfg->psz_name );<br>+ free(name);<br> continue;<br> }<br> if( i_type != VLC_VAR_STRING && b_once )<br> {<br> msg_Warn( p_this, "*option_name need to be a string option" );<br>+ free(name);<br> continue;<br> }<br> <br>@@ -422,6 +431,7 @@ void config_ChainParse( vlc_object_t *p_this, const char *psz_prefix,<br> {<br> free( val2.psz_string );<br> msg_Dbg( p_this, "ignoring option %s (not first occurrence)", psz_name );<br>+ free(name);<br> continue;<br> }<br> free( val2.psz_string );<br>@@ -429,6 +439,7 @@ void config_ChainParse( vlc_object_t *p_this, const char *psz_prefix,<br> var_Set( p_this, psz_name, val );<br> msg_Dbg( p_this, "set config option: %s to %s", psz_name,<br> cfg->psz_value ? cfg->psz_value : "(null)" );<br>+ free(name);<br> }<br> }<br> </pre></blockquote></div><br>-- <br>Envoyé de mon appareil Android avec Courriel K-9 Mail. Veuillez excuser ma brièveté.</body></html>