2011/6/12 Måns Rullgård <[email protected]>: > "Ronald S. Bultje" <[email protected]> writes: > >> Hi, >> >> On Tue, May 24, 2011 at 8:14 AM, Anton Khirnov <[email protected]> wrote: >>> From: Michael Niedermayer <[email protected]> >>> >>> This may be security relevant depending upon the used terminal. >>> >>> Signed-off-by: Michael Niedermayer <[email protected]> >>> Signed-off-by: Anton Khirnov <[email protected]> >>> --- >>> libavutil/log.c | 9 +++++++++ >>> 1 files changed, 9 insertions(+), 0 deletions(-) >>> >>> diff --git a/libavutil/log.c b/libavutil/log.c >>> index c44130c..fe9a54e 100644 >>> --- a/libavutil/log.c >>> +++ b/libavutil/log.c >>> @@ -80,6 +80,14 @@ const char* av_default_item_name(void* ptr){ >>> return (*(AVClass**)ptr)->class_name; >>> } >>> >>> +static void sanitize(uint8_t *line){ >>> + while(*line){ >>> + if(*line < 0x08 || (*line > 0x0D && *line < 0x20)) >>> + *line='?'; >>> + line++; >>> + } >>> +} >>> + >> >> What idiot (sorry) would av_log() such characters? Isn't this pebkac? > > The patch author presumably. > > I agree, this is pointless. Such characters can end up in av_log() > output in one of two ways: > > 1. They are part of the format string. > 2. They are part of a %s argument. > > Only a complete idiot would do 1. 2 could happen only if a buffer with > unknown content were passed as argument to %s. If the contents are not > known, it is probably not null-terminated either, and you have a much > bigger problem. In other words, only an idiot would that too. >
What about trying to print a fourcc or the like with "%.4s"? http://git.libav.org/?p=libav.git&a=search&h=HEAD&st=grep&s=%25.4s _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
