Andreas Rheinhardt: > The AVBPrint API guarantees that the string buffer is always > zero-terminated; in order to honour this guarantee, there > obviously must be a string buffer at all and it must have > a size >= 1. Therefore av_bprint_init_for_buffer() treats > passing a NULL buffer or size == 0 as invalid data that > leads to undefined behaviour, namely NPD in case NULL is provided > or a write to a buffer of size 0 in case size == 0. > > But it would be easy to support this, namely by using the internal > buffer with AV_BPRINT_SIZE_COUNT_ONLY in case size == 0. > > There is a reason to allow this: Several functions like > av_channel_(description|name) are actually wrappers > around corresponding AVBPrint functions. They accept user > provided buffers and are supposed to return the required > size of the buffer, which would allow the user to call > it once to get the required buffer size and call it once > more after having allocated the buffer. > If av_bprint_init_for_buffer() treats size == 0 as invalid, > all these users would need to check for this themselves > and basically add the same codeblock that this patch > adds to av_bprint_init_for_buffer(). > > This change is in line with e.g. snprintf() which also allows > the pointer to be NULL in case size is zero. > > This fixes Coverity issues #1503074, #1503076 and #1503082; > all of these issues are about providing NULL to the channel-layout > functions that are wrappers around AVBPrint versions. > > Signed-off-by: Andreas Rheinhardt <andreas.rheinha...@outlook.com> > --- > Missing lavu minor version bump. > > libavutil/bprint.c | 5 +++++ > libavutil/bprint.h | 3 +++ > 2 files changed, 8 insertions(+) > > diff --git a/libavutil/bprint.c b/libavutil/bprint.c > index 23998a8b02..4e9571715c 100644 > --- a/libavutil/bprint.c > +++ b/libavutil/bprint.c > @@ -84,6 +84,11 @@ void av_bprint_init(AVBPrint *buf, unsigned size_init, > unsigned size_max) > > void av_bprint_init_for_buffer(AVBPrint *buf, char *buffer, unsigned size) > { > + if (size == 0) { > + av_bprint_init(buf, 0, AV_BPRINT_SIZE_COUNT_ONLY); > + return; > + } > + > buf->str = buffer; > buf->len = 0; > buf->size = size; > diff --git a/libavutil/bprint.h b/libavutil/bprint.h > index f27d30f723..8559745478 100644 > --- a/libavutil/bprint.h > +++ b/libavutil/bprint.h > @@ -144,6 +144,9 @@ void av_bprint_init(AVBPrint *buf, unsigned size_init, > unsigned size_max); > * Init a print buffer using a pre-existing buffer. > * > * The buffer will not be reallocated. > + * In case size equals zero, the AVBPrint will be initialized to use > + * the internal buffer as if using AV_BPRINT_SIZE_COUNT_ONLY with > + * av_bprint_init(). > * > * @param buf buffer structure to init > * @param buffer byte buffer to use for the string data
Ping for this patch (and the rest of this patchset). Will apply patches 2-5 in two days unless there are objections; will apply the rest today. - Andreas _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".