Re: [libav-devel] [PATCH 06/18] log: sanitize string of most control chars before printing.

Ronald S. Bultje Sun, 12 Jun 2011 13:53:09 -0700

Hi,

On Tue, May 24, 2011 at 8:14 AM, Anton Khirnov <[email protected]> wrote:
> From: Michael Niedermayer <[email protected]>
>
> This may be security relevant depending upon the used terminal.
>
> Signed-off-by: Michael Niedermayer <[email protected]>
> Signed-off-by: Anton Khirnov <[email protected]>
> ---
>  libavutil/log.c |    9 +++++++++
>  1 files changed, 9 insertions(+), 0 deletions(-)
>
> diff --git a/libavutil/log.c b/libavutil/log.c
> index c44130c..fe9a54e 100644
> --- a/libavutil/log.c
> +++ b/libavutil/log.c
> @@ -80,6 +80,14 @@ const char* av_default_item_name(void* ptr){
>     return (*(AVClass**)ptr)->class_name;
>  }
>
> +static void sanitize(uint8_t *line){
> +    while(*line){
> +        if(*line < 0x08 || (*line > 0x0D && *line < 0x20))
> +            *line='?';
> +        line++;
> +    }
> +}
> +


What idiot (sorry) would av_log() such characters? Isn't this pebkac?

Ronald
_______________________________________________
libav-devel mailing list
[email protected]
https://lists.libav.org/mailman/listinfo/libav-devel

Re: [libav-devel] [PATCH 06/18] log: sanitize string of most control chars before printing.

Reply via email to