[vlc-devel] [PATCH] vlc_strftime: avoid infinite loop on windows when format string is invalid
rom at rom1v.com
Thu Jan 25 18:35:55 CET 2018
On Thu, Jan 25, 2018 at 06:43:42PM +0200, Rémi Denis-Courmont wrote:
> We can intrinsically not handle UB and therefore we do not handle UB, at least
> not post-facto. Where practical and useful, you can add post-facto assertions
> to aid in debugging - nothing else.
I agree with you, in theory we can just ignore UB.
But here, the current vlc_strftime() implementation may transform an
error (with errno set) to an infinite loop, which is not very
To always avoid an infinite loop, one possibility could be to double the
buffer size on each iteration (instead of increasing linearly), and
limit to, say, 10 iterations, failing with an error otherwise.
> > The issue can be seen on windows when changing the text of the marquee
> > filter.
> There are plenty of ways to crash VLC within valid input parameters. We just
> have to ensure that any such parameter is _not_ marked safe. Preventing UB is
> impossible and therefore out of scope.
> vlc-devel mailing list
> To unsubscribe or modify your subscription options:
More information about the vlc-devel