[vlc-devel] [PATCH 09/13] /* WARNING: previous patch is wrong, please see this one! */

Filip Roséen filip at atch.se
Thu Feb 25 10:23:29 CET 2016


I just noticed how the previous patch (which this email is a reply to) is mad
wrong.

`ptr + strlen(ptr)` is (of course) bullshit if `ptr` is NULL. Please see this
modified patch instead, I am very sorry for the inconvenience.

/F

---
 modules/access/rtsp/rtsp.c | 34 +++++++++++++++++++++-------------
 1 file changed, 21 insertions(+), 13 deletions(-)

diff --git a/modules/access/rtsp/rtsp.c b/modules/access/rtsp/rtsp.c
index 44e397b..622cdf2 100644
--- a/modules/access/rtsp/rtsp.c
+++ b/modules/access/rtsp/rtsp.c
@@ -583,22 +583,30 @@ void rtsp_close( rtsp_client_t *rtsp )
 
 char *rtsp_search_answers( rtsp_client_t *rtsp, const char *tag )
 {
-    char **answer;
+    char **answers;
     char *ptr;
+    int i;
 
-    if( !rtsp->p_private->answers ) return NULL;
-    answer = rtsp->p_private->answers;
+    if(rtsp->p_private->answers == NULL || tag == NULL)
+      return NULL;
 
-    while(*answer)
-    {
-        if( !strncasecmp( *answer, tag, strlen(tag) ) )
-        {
-            ptr = strchr(*answer, ':');
-            ptr++;
-            while( *ptr == ' ' ) ptr++;
-            return ptr;
-        }
-        answer++;
+    answers = rtsp->p_private->answers;
+
+    for (i = 0; i < MAX_FIELDS; ++i) {
+      if (answers[i] == NULL)
+        break;
+
+      if (!strncasecmp(answers[i], tag, strlen(tag))){
+        ptr = strchr(answers[i], ':');
+
+        if (ptr == NULL)
+          return answers[i] + strlen(answers[i]); /* no payload => empty string */
+
+        for (++ptr; *ptr == ' '; ++ptr)
+          ;
+
+        return ptr;
+      }
     }
 
     return NULL;
-- 
2.7.1

------------------------------------------------------------------------------

On 16/02/25 10:12, Filip Roséen wrote:

> Changes:
>   - make sure we don't go out of bounds if the buffer is full
>   - make sure we don't dereference `NULL` if the matching value contains no payload
>   - added misc error-checking
> ---
>  modules/access/rtsp/rtsp.c | 34 +++++++++++++++++++++-------------
>  1 file changed, 21 insertions(+), 13 deletions(-)
> 
> diff --git a/modules/access/rtsp/rtsp.c b/modules/access/rtsp/rtsp.c
> index 44e397b..622cdf2 100644
> --- a/modules/access/rtsp/rtsp.c
> +++ b/modules/access/rtsp/rtsp.c
> @@ -583,22 +583,30 @@ void rtsp_close( rtsp_client_t *rtsp )
>  
>  char *rtsp_search_answers( rtsp_client_t *rtsp, const char *tag )
>  {
> -    char **answer;
> +    char **answers;
>      char *ptr;
> +    int i;
>  
> -    if( !rtsp->p_private->answers ) return NULL;
> -    answer = rtsp->p_private->answers;
> +    if(rtsp->p_private->answers == NULL || tag == NULL)
> +      return NULL;
>  
> -    while(*answer)
> -    {
> -        if( !strncasecmp( *answer, tag, strlen(tag) ) )
> -        {
> -            ptr = strchr(*answer, ':');
> -            ptr++;
> -            while( *ptr == ' ' ) ptr++;
> -            return ptr;
> -        }
> -        answer++;
> +    answers = rtsp->p_private->answers;
> +
> +    for (i = 0; i < MAX_FIELDS; ++i) {
> +      if (answers[i] == NULL)
> +        break;
> +
> +      if (!strncasecmp(answers[i], tag, strlen(tag))){
> +        ptr = strchr(answers[i], ':');
> +
> +        if (ptr == NULL)
> +          return ptr + strlen(ptr); /* no payload => empty string */
> +
> +        for (++ptr; *ptr == ' '; ++ptr)
> +          ;
> +
> +        return ptr;
> +      }
>      }
>  
>      return NULL;
> -- 
> 2.7.1
> 


More information about the vlc-devel mailing list