[vlc-devel] [PATCH 2/2] include: strings: Add size check to vlc_hex_encode_binary
Thomas Guillem
thomas at gllm.fr
Fri Apr 17 08:02:25 CEST 2020
On Fri, Apr 17, 2020, at 07:54, Steve Lhomme wrote:
> On 2020-04-16 20:58, Thomas Guillem wrote:
> >
> >
> > On Thu, Apr 16, 2020, at 16:05, Marvin Scholz wrote:
> >> ---
> >> include/vlc_hash.h | 16 ++++++++--------
> >> include/vlc_strings.h | 5 +++--
> >> src/text/strings.c | 6 ++++--
> >> 3 files changed, 15 insertions(+), 12 deletions(-)
> >>
> >> diff --git a/include/vlc_hash.h b/include/vlc_hash.h
> >> index 1e7757ac58..b5136677d2 100644
> >> --- a/include/vlc_hash.h
> >> +++ b/include/vlc_hash.h
> >> @@ -57,14 +57,14 @@
> >> * \param[out] output Output buffer to write the string to
> >> */
> >> #ifndef __cplusplus
> >> -#define vlc_hash_FinishHex(ctx, output, size) \
> >> - do { \
> >> - char out_tmp[_Generic((ctx), \
> >> - vlc_hash_md5_t *: VLC_HASH_MD5_DIGEST_SIZE)]; \
> >> - _Generic((ctx), \
> >> - vlc_hash_md5_t *: vlc_hash_md5_Finish) \
> >> - (ctx, out_tmp, sizeof(out_tmp)); \
> >> - vlc_hex_encode_binary(out_tmp, sizeof(out_tmp), output); \
> >> +#define vlc_hash_FinishHex(ctx, output, size) \
> >> + do { \
> >> + char out_tmp[_Generic((ctx), \
> >> + vlc_hash_md5_t *: VLC_HASH_MD5_DIGEST_SIZE)]; \
> >> + _Generic((ctx), \
> >> + vlc_hash_md5_t *: vlc_hash_md5_Finish) \
> >> + (ctx, out_tmp, sizeof(out_tmp)); \
> >> + vlc_hex_encode_binary(out_tmp, sizeof(out_tmp), output, size); \
> >> } while (0)
> >> #endif
> >>
> >> diff --git a/include/vlc_strings.h b/include/vlc_strings.h
> >> index 930d3347fb..5b4436141f 100644
> >> --- a/include/vlc_strings.h
> >> +++ b/include/vlc_strings.h
> >> @@ -125,10 +125,11 @@ VLC_API char *vlc_xml_encode(const char *str)
> >> VLC_MALLOC;
> >> * string in hexadecimal representation.
> >> *
> >> * \param input Input buffer
> >> - * \param size Input buffer size
> >> + * \param in_size Input buffer size
> >> * \param[out] output Output buffer to write the string to
> >> + * \param out_size Output buffer size
> >> */
> >> -VLC_API void vlc_hex_encode_binary(const void *input, size_t size,
> >> char *output);
> >> +VLC_API void vlc_hex_encode_binary(const void *input, size_t in_size,
> >> char *output, size_t out_size);
> >>
> >> /**
> >> * Base64 encoding.
> >> diff --git a/src/text/strings.c b/src/text/strings.c
> >> index 9676687aae..fc0babc7ce 100644
> >> --- a/src/text/strings.c
> >> +++ b/src/text/strings.c
> >> @@ -347,11 +347,13 @@ char *vlc_xml_encode (const char *str)
> >> }
> >>
> >> /* Hex encoding */
> >> -void vlc_hex_encode_binary(const void *input, size_t size, char *output)
> >> +void vlc_hex_encode_binary(const void *input, size_t in_size,
> >> + char *output, size_t out_size)
> >> {
> >> + assert(out_size >= in_size * 2 + 1); // 2 chars per byte + null
> >
> > Missing a (void) out_size; to clear warning on builds with NDEBUG.
>
> Can we just disable this warning ? We keep adding dummy code just to
> silence this warning. I don't think there are cases where it's useful to
> know we don't use a variable (apart when cleaning an API but then a grep
> is still needed to verify all the calls anyway).
Personally, this warning saved me more than one time. I would prefer to keep it.
>
> > Otherwise, LGTM for the set.
> >
> >> const unsigned char *buffer = input;
> >>
> >> - for (size_t i = 0; i < size; i++) {
> >> + for (size_t i = 0; i < in_size; i++) {
> >> sprintf(&output[i * 2], "%02hhx", buffer[i]);
> >> }
> >> }
> >> --
> >> 2.24.1 (Apple Git-126)
> >>
> >> _______________________________________________
> >> vlc-devel mailing list
> >> To unsubscribe or modify your subscription options:
> >> https://mailman.videolan.org/listinfo/vlc-devel
> > _______________________________________________
> > vlc-devel mailing list
> > To unsubscribe or modify your subscription options:
> > https://mailman.videolan.org/listinfo/vlc-devel
> >
> _______________________________________________
> vlc-devel mailing list
> To unsubscribe or modify your subscription options:
> https://mailman.videolan.org/listinfo/vlc-devel
More information about the vlc-devel
mailing list