[FFmpeg-cvslog] http: fix potentially dangerous whitespace skipping code
wm4
git at videolan.org
Sun Mar 18 13:42:51 EET 2018
ffmpeg | branch: master | wm4 <nfxjfg at googlemail.com> | Thu Mar 8 04:52:36 2018 +0100| [b7d842c554b1fec051ca906f446f7311139c5725] | committer: wm4
http: fix potentially dangerous whitespace skipping code
If the string consists entirely of whitespace, this could in theory
continue to write '\0' before the start of the memory allocation. In
practice, it didn't really happen: the generic HTTP header parsing code
already skips leading whitespaces, so the string is either empty, or
consists a non-whitespace. (The generic code and the cookie code
actually have different ideas about what bytes are whitespace: the
former uses av_isspace(), the latter uses WHITESPACES. Fortunately,
av_isspace() is a super set of the http.c specific WHITESPACES, so
there's probably no case where the above assumption could have been
broken.)
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b7d842c554b1fec051ca906f446f7311139c5725
---
libavformat/http.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libavformat/http.c b/libavformat/http.c
index 59f90ac603..983034f083 100644
--- a/libavformat/http.c
+++ b/libavformat/http.c
@@ -760,6 +760,8 @@ static int parse_set_cookie(const char *set_cookie, AVDictionary **dict)
back = &cstr[strlen(cstr)-1];
while (strchr(WHITESPACES, *back)) {
*back='\0';
+ if (back == cstr)
+ break;
back--;
}
More information about the ffmpeg-cvslog
mailing list