[vlc-devel] [PATCH] demux: ts: fix debug message of non-terminated string
Rémi Denis-Courmont
remi at remlab.net
Sat Apr 30 13:33:40 CEST 2016
On Saturday 30 April 2016 10:24:36 Hannes Domani wrote:
> Rémi Denis-Courmont <remi at remlab.net> schrieb am 19:39 Freitag, 29.April
2016:
> > On Friday 29 April 2016 19:11:49 Francois Cartegnie wrote:
> > > Le 29/04/2016 à 18:18, Hannes Domani a écrit :
> > > > + char reg[5];
> > > > + memcpy( reg, p_dr->p_data, 4 );
> > > > + reg[4] = 0;
> > > >
> > > > registration_type = regs[i].reg;
> > > >
> > > > - msg_Dbg( p_demux, PMT_DESC_INDENT "%4.4s
> > > > registration", p_dr->p_data ); + msg_Dbg(
> > > > p_demux,
> > > > PMT_DESC_INDENT "%4.4s registration", reg );
> > >
> > > Nope.
> > > Format string is sufficient.
> >
> > The format string deals with unterminated strings correctly indeed. But
> > the pointer type is wrong.
>
> I see, I didn't know that.
I have a feeling we have already had this discussion here.
ISO/IEC 9989:2011 section 7.21.6.1 §8 says that:
"(...) the argument shall be a pointer to the initial element of an array of
character type. (...) If the precision is specified, no more than that many
bytes are written. If the precision is not specified or is greater than the
size of the array, the array shall contain a null character."
So in this case, there is no need to have a null character if the array
contains at least 4 characters.
> But then there is a bug in mingw-w64, because strlen() was used in this
> case.
That would be security issue in your CRT.
--
Rémi Denis-Courmont
http://www.remlab.net/
More information about the vlc-devel
mailing list