[vlc-commits] [Git][videolan/vlc][3.0.x] 11 commits: actions: match the format string with the buffer size
Steve Lhomme (@robUx4)
gitlab at videolan.org
Sat Dec 13 09:53:47 UTC 2025
Steve Lhomme pushed to branch 3.0.x at VideoLAN / VLC
Commits:
41328807 by Steve Lhomme at 2025-12-13T09:30:17+00:00
actions: match the format string with the buffer size
(cherry picked from commit a1f42f8bdb04bd6b32413225009a13f2c594ddee)
- - - - -
1fc33b47 by Steve Lhomme at 2025-12-13T09:30:17+00:00
png: fix potential buffer overflow
This is the error we have:
../../../modules/codec/png.c:162:49: warning: '%zu' directive output may be truncated writing between 1 and 20 bytes into a region of size between 18 and 37 [-Wformat-truncation=]
162 | "block size %zu too small for %zu encoded bytes",
| ^~~
../../../modules/codec/png.c:162:19: note: directive argument in the range [1, 18446744073709551615]
162 | "block size %zu too small for %zu encoded bytes",
(cherry picked from commit 59894f24f431e717444bb49331f35624eedc64f7)
- - - - -
02e0b281 by Alexandre Janniaux at 2025-12-13T09:30:17+00:00
mpeg: fix format-overflow warning
psz_key can be NULL, which triggers a format-overflow warning.
Signed-off-by: Steve Lhomme <robux4 at ycbcr.xyz>
(cherry picked from commit 56452f2173d31dd970448c6dc2ed9904ad8b3a39)
- - - - -
a504757d by Marvin Scholz at 2025-12-13T09:30:17+00:00
access: cdda: avoid using sprintf
Use snprintf to avoid a deprecation warning about sprintf on Darwin platforms.
(cherry picked from commit 8fba6c29bc2bbe20835ba63e11bbef875b446ba7)
- - - - -
a498eaee by Thomas Guillem at 2025-12-13T09:30:17+00:00
cdda: fix format-truncation warning
(cherry picked from commit 5f24d66c06d6337eda485413bd6867d4572308fd)
- - - - -
db607fb0 by Marvin Scholz at 2025-12-13T09:30:17+00:00
http: avoid using sprintf
Use snprintf to avoid a deprecation warning about sprintf on Darwin platforms.
(cherry picked from commit b93f201c755284edf78f79fbe6c2709d832b5ed0)
- - - - -
49b5312b by Erwan Tulou at 2025-12-13T09:30:17+00:00
skins2: kill compilation warning
(cherry picked from commit bdefc284c09d651ff3007d10da9f4e6e3a30903f)
- - - - -
ce54ec75 by Alexandre Janniaux at 2025-12-13T09:30:17+00:00
mosaic_bridge: fix format-overflow warning
Signed-off-by: Thomas Guillem <thomas at gllm.fr>
(cherry picked from commit 865d5a931360fba22894ed9c0cecb93abe78de54) (edited)
- - - - -
b4de9310 by Steve Lhomme at 2025-12-13T09:30:17+00:00
access:http: change the scanf/printf format modifiers when using uintmax_t
PRI(uxd)MAX for printf and SCN(uxd)MAX for scanf are supported in C99 and even
in MSVC 2013, unlike the j modifier.
(cherry picked from commit 06d86ae4088fd49e69ff6e47c2f6f31e4530f975)
- - - - -
14e998cd by Steve Lhomme at 2025-12-13T09:30:17+00:00
ncurses: disable string format warning
gcc claims c can be NULL but it cannot.
gui/ncurses.c:401:17: error: '%s' directive argument is null [-Werror=format-overflow=]
401 | if (asprintf(&tmp, "%s%c ", c, last ? ' ' : '|') == -1)
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- - - - -
baa78c39 by Steve Lhomme at 2025-12-13T09:30:17+00:00
access: http: fix status string size warning
The assert checks that the status is below 1000, but if it's bigger
in a release build we should not limit the buffer size.
(cherry picked from commit dbd22036b067f7a161e2e19810e26a70784bc810)
- - - - -
10 changed files:
- modules/access/cdda.c
- modules/access/http/chunked.c
- modules/access/http/file.c
- modules/access/http/message.c
- modules/codec/png.c
- modules/demux/mpeg/ts_si.c
- modules/gui/ncurses.c
- modules/gui/skins2/utils/ustring.cpp
- modules/stream_out/mosaic_bridge.c
- src/misc/actions.c
Changes:
=====================================
modules/access/cdda.c
=====================================
@@ -408,9 +408,9 @@ static char * BuildMusicbrainzDiscID( const vcddev_toc_t *p_toc,
char buffer[16];
- sprintf( buffer, "%02X", i_first );
+ snprintf( buffer, ARRAY_SIZE(buffer), "%02X", i_first );
gcry_md_write( hd, buffer, 2 );
- sprintf( buffer, "%02X", i_last );
+ snprintf( buffer, ARRAY_SIZE(buffer), "%02X", i_last );
gcry_md_write( hd, buffer, 2 );
/* LEAD OUT sector info */
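Review bot: The number of bytes hashed is still hard-coded (`gcry_md_write( hd, buffer, 2 )` here and `8` in the next hunk) while the `snprintf` return value is discarded, so the formatted length and the hashed length can disagree. `%02X` is only a minimum width, so a value above 0xFF would format to more digits and only the leading two would be hashed. The types and ranges of `i_first`/`i_last` are not visible in the hunk, so this may be unreachable in practice. Using the return value would make the assumption explicit, e.g. `int n = snprintf( buffer, sizeof(buffer), "%02X", i_first );` followed by `if( n == 2 ) gcry_md_write( hd, buffer, n );` with an error path otherwise. BuildMusicbrainzDiscID's body extends beyond both hunks.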
@@ -422,12 +422,12 @@ static char * BuildMusicbrainzDiscID( const vcddev_toc_t *p_toc,
else
i_last_track_end = LBAPregap(p_toc->p_sectors[p_toc->i_tracks].i_lba);
- sprintf( buffer, "%08X", i_last_track_end );
+ snprintf( buffer, ARRAY_SIZE(buffer), "%08X", i_last_track_end );
gcry_md_write( hd, buffer, 8 );
for( int i = 0; i<i_total; i++ ) /* skip LEAD OUT */
{
- sprintf( buffer, "%08X", LBAPregap(p_toc->p_sectors[i].i_lba) );
+ snprintf( buffer, ARRAY_SIZE(buffer), "%08X", LBAPregap(p_toc->p_sectors[i].i_lba) );
gcry_md_write( hd, buffer, 8 );
}
@@ -664,8 +664,9 @@ static void AccessGetMeta(stream_t *access, vlc_meta_t *meta)
{
char yearbuf[5];
- snprintf(yearbuf, sizeof (yearbuf), "%u", year);
- vlc_meta_SetDate(meta, yearbuf);
+ int ret = snprintf(yearbuf, sizeof (yearbuf), "%u", year);
+ if (ret >= 0 && (size_t) ret < sizeof (yearbuf))
+ vlc_meta_SetDate(meta, yearbuf);
}
/* Set artist only if identical across tracks */
=====================================
modules/access/http/chunked.c
=====================================
@@ -83,7 +83,7 @@ static block_t *vlc_chunked_read(struct vlc_http_stream *stream)
int end;
- if (sscanf(line, "%jx%n", &s->chunk_length, &end) < 1
+ if (sscanf(line, "%" SCNxMAX "%n", &s->chunk_length, &end) < 1
|| (line[end] != '\0' && line[end] != ';' /* ignore extension(s) */))
s->chunk_length = UINTMAX_MAX;
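Review bot: The chunk-size line, which comes from the server, is still parsed with `sscanf`, and only the length modifier changed. A `%x`-family conversion skips leading whitespace and accepts a sign and a `0x` prefix, and the C standard leaves the behaviour undefined when the value does not fit the target, so an oversized or negative size is not reliably mapped to the `UINTMAX_MAX` error value. A stricter parse would require `isxdigit((unsigned char)line[0])`, then `errno = 0; s->chunk_length = strtoumax(line, &endp, 16);`, and reject on `errno == ERANGE` before testing `*endp` as today. The same applies to the `SCNuMAX` conversions in the file.c hunks (vlc_http_file_resp, vlc_http_msg_get_file_size) and in vlc_http_msg_get_size in message.c. vlc_chunked_read continues outside the hunk.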
=====================================
modules/access/http/file.c
=====================================
@@ -69,7 +69,7 @@ static int vlc_http_file_req(const struct vlc_http_resource *res,
}
}
- if (vlc_http_msg_add_header(req, "Range", "bytes=%ju-", *offset)
+ if (vlc_http_msg_add_header(req, "Range", "bytes=%" PRIuMAX "-", *offset)
&& *offset != 0)
return -1;
return 0;
@@ -89,7 +89,7 @@ static int vlc_http_file_resp(const struct vlc_http_resource *res,
goto fail;
uintmax_t start, end;
- if (sscanf(str, "bytes %ju-%ju", &start, &end) != 2
+ if (sscanf(str, "bytes %" SCNuMAX "-%" SCNuMAX, &start, &end) != 2
|| start != *offset || start > end)
/* A single range response is what we asked for, but not at that
* start offset. */
@@ -140,7 +140,7 @@ static uintmax_t vlc_http_msg_get_file_size(const struct vlc_http_msg *resp)
uintmax_t end, total;
- switch (sscanf(range, "bytes %*u-%ju/%ju", &end, &total))
+ switch (sscanf(range, "bytes %*u-%" SCNuMAX "/%" SCNuMAX, &end, &total))
{
case 1:
if (unlikely(end == UINTMAX_MAX))
@@ -159,7 +159,7 @@ static uintmax_t vlc_http_msg_get_file_size(const struct vlc_http_msg *resp)
if (range == NULL)
return -1; /* valid but helpless response */
- if (sscanf(range, "bytes */%ju", &total) == 1)
+ if (sscanf(range, "bytes */%" SCNuMAX, &total) == 1)
return total; /* this occurs when seeking beyond EOF */
}
=====================================
modules/access/http/message.c
=====================================
@@ -408,8 +408,8 @@ struct vlc_h2_frame *vlc_http_msg_h2_frame(const struct vlc_http_msg *m,
if (m->status >= 0)
{
- assert(m->status < 1000);
- sprintf(status, "%hd", m->status);
+ if (m->status >= 1000) vlc_assert_unreachable();
+ snprintf(status, ARRAY_SIZE(status), "%hd", m->status);
headers[i][0] = ":status";
headers[i][1] = status;
i++;
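Review bot: `if (m->status >= 1000) vlc_assert_unreachable();` is not a runtime check if, as the name suggests, the macro reduces to a compiler unreachable hint when assertions are disabled; its definition is not visible here, so this needs confirming. In that case a status of 1000 or more in a release build is undefined behaviour rather than a handled error. The only real protection is then the bound on `snprintf`, whose return value is ignored, so a truncated `:status` would be sent silently. If the value can ever originate outside the process, an explicit failure path is safer, along the lines of `if (m->status >= 1000) return NULL;`, subject to whatever cleanup the part of the function outside this hunk needs. The ncurses.c hunk in PlaylistAddNode uses the same construct for `c`; a one-line comment there stating why `c` cannot be NULL would help the next reader.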
@@ -878,7 +878,7 @@ uintmax_t vlc_http_msg_get_size(const struct vlc_http_msg *m)
uintmax_t length;
- if (sscanf(str, "%ju", &length) == 1)
+ if (sscanf(str, "%" SCNuMAX, &length) == 1)
return length;
errno = EINVAL;
=====================================
modules/codec/png.c
=====================================
@@ -158,7 +158,7 @@ static void user_write( png_structp p_png, png_bytep data, png_size_t i_length )
{
block_t *p_block = (block_t *)png_get_io_ptr( p_png );
if( i_length > p_block->i_buffer ) {
- char err_str[64];
+ char err_str[128];
snprintf( err_str, sizeof(err_str),
"block size %zu too small for %zu encoded bytes",
p_block->i_buffer, i_length );
=====================================
modules/demux/mpeg/ts_si.c
=====================================
@@ -458,7 +458,8 @@ static void EITExtractDrDescItems( demux_t *p_demux, const dvbpsi_extended_event
continue;
}
- msg_Dbg( p_demux, " - desc='%s' item='%s'", psz_key, psz_itm );
+ msg_Dbg( p_demux, " - desc='%s' item='%s'",
+ psz_key ? psz_key : "(null)", psz_itm );
if( b_appending )
{
/* Continued items */
=====================================
modules/gui/ncurses.c
=====================================
@@ -396,6 +396,8 @@ static void PlaylistAddNode(intf_sys_t *sys, playlist_item_t *node,
if (p_child->i_children <= 0)
continue;
+ if (unlikely(!c)) vlc_assert_unreachable();
+
if (*c) {
char *tmp;
if (asprintf(&tmp, "%s%c ", c, last ? ' ' : '|') == -1)
=====================================
modules/gui/skins2/utils/ustring.cpp
=====================================
@@ -71,7 +71,7 @@ UString::UString( intf_thread_t *pIntf, const char *pString ):
}
if( !pCur || *pCur )
{
- msg_Err( pIntf, "invalid UTF8 string: %s", pString );
+ msg_Err( pIntf, "invalid UTF8 string: %s", pString ? pString : "nil" );
m_length = 0;
m_pString = NULL;
return;
=====================================
modules/stream_out/mosaic_bridge.c
=====================================
@@ -380,7 +380,7 @@ static sout_stream_id_sys_t * Add( sout_stream_t *p_stream, const es_format_t *p
/* Create user specified video filters */
psz_chain = var_GetNonEmptyString( p_stream, CFG_PREFIX "vfilter" );
- msg_Dbg( p_stream, "psz_chain: %s", psz_chain );
+ msg_Dbg( p_stream, "psz_chain: '%s'", psz_chain ? psz_chain : "");
if( psz_chain )
{
filter_owner_t owner = {
=====================================
src/misc/actions.c
=====================================
@@ -528,9 +528,11 @@ int libvlc_InternalActionsInit (libvlc_int_t *libvlc)
#endif
as->ppsz_keys[i] = s_names2actions[i].psz;
+#define STRINGIFY_(x) #x
+#define STRINGIFY(x) STRINGIFY_(x)
char name[12 + MAXACTION];
- snprintf (name, sizeof (name), "global-key-%s", s_names2actions[i].psz);
+ snprintf (name, sizeof (name), "global-key-%." STRINGIFY(MAXACTION) "s", s_names2actions[i].psz);
init_action (obj, &as->map, name + 7, s_names2actions[i].id);
init_action (obj, &as->global_map, name, s_names2actions[i].id);
}
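Review bot: `STRINGIFY_` and `STRINGIFY` are defined in the middle of the function body and never undefined, so they stay visible for the rest of the translation unit. The trick also only works while `MAXACTION` is a macro expanding to a bare decimal literal (its definition is not in the hunk). A precision argument avoids both: `snprintf (name, sizeof (name), "global-key-%.*s", MAXACTION, s_names2actions[i].psz);`, though it is worth checking that this still silences the warning the commit targets. If stringification is kept, add `#undef STRINGIFY` and `#undef STRINGIFY_` after the call and a comment that the precision matches the `12 + MAXACTION` buffer. The enclosing loop starts outside the hunk.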
View it on GitLab: https://code.videolan.org/videolan/vlc/-/compare/c41cacc68ed1c8cfeb1c45696b90828d52d6e606...baa78c390d4ffc34b2131a64f3aaa86ad4ba65a5