[vlc-commits] [Git][videolan/vlc][master] stream_out: dlna: replace sprintf by iostream

Jean-Baptiste Kempf (@jbk) gitlab at videolan.org
Fri Feb 17 09:24:32 UTC 2023 


Jean-Baptiste Kempf pushed to branch master at VideoLAN / VLC


Commits:
53ff91a5 by Alexandre Janniaux at 2023-02-17T09:09:38+00:00
stream_out: dlna: replace sprintf by iostream

Although the usage is fine in DLNA because the input is controlled and
sized, sprintf is considered dangerous and is now deprecated on MacOSX,
leading to warnings. In addition, this is C++ code which is already
using ostringstream to serialize the DLNA info, and it was only using
sprintf there for the sized part of the DLNA info.

The DLNA info must match with:
 - DNLA.ORG_OP is 2 character-wide 0-padded
 - DNLA.ORG_FLAGS is 32 character-wide 0-padded.

Use std::setfill and then set the appropriate width for each fields in
the info, directly into the DLNA ostringstream used to serialize the
whole string.

- - - - -


1 changed file:

- modules/stream_out/dlna/dlna.cpp


Changes:

=====================================
modules/stream_out/dlna/dlna.cpp
=====================================
@@ -30,6 +30,7 @@
 #include <vector>
 #include <string>
 #include <sstream>
+#include <iomanip>
 
 #include <vlc_cxx_helpers.hpp>
 #include <vlc_dialog.h>
@@ -106,7 +107,6 @@ static char *getServerIPAddress() {
 std::string dlna_write_protocol_info (const protocol_info_t info)
 {
     std::ostringstream protocol;
-    char dlna_info[448];
 
     if (info.transport == DLNA_TRANSPORT_PROTOCOL_HTTP)
         protocol << "http-get:*:";
@@ -121,11 +121,17 @@ std::string dlna_write_protocol_info (const protocol_info_t info)
                              DLNA_ORG_FLAG_BACKGROUND_TRANSFERT_MODE |
                              DLNA_ORG_FLAG_CONNECTION_STALL |
                              DLNA_ORG_FLAG_DLNA_V15;
-    sprintf (dlna_info, "%s=%.2x;%s=%d;%s=%.8x%.24x",
-               "DLNA.ORG_OP", DLNA_ORG_OPERATION_RANGE,
-               "DLNA.ORG_CI", info.ci,
-               "DLNA.ORG_FLAGS", flags, 0);
-    protocol << dlna_info;
+
+    protocol << std::setfill('0')
+        << "DLNA.ORG_OP="
+        << std::hex << std::setw(2)
+        << DLNA_ORG_OPERATION_RANGE
+        << ";DLNA.ORG_CI="
+        << std::dec << info.ci
+        << ";DLNA.ORG_FLAGS="
+        << std::hex
+        << std::setw(8) << flags
+        << std::setw(24) << 0;
 
     return protocol.str();
 }



View it on GitLab: https://code.videolan.org/videolan/vlc/-/commit/53ff91a53f5e8c53ea27ea22f6b196eac09b7490

-- 
View it on GitLab: https://code.videolan.org/videolan/vlc/-/commit/53ff91a53f5e8c53ea27ea22f6b196eac09b7490
You're receiving this email because of your account on code.videolan.org.


VideoLAN code repository instance

More information about the vlc-commits mailing list