[FFmpeg-devel] [PATCH 2/2] OpenCL: Avoid potential buffer overflow in cmdutils_opencl.c by using strncpy instead of strcpy

Gupta, Maneesh Maneesh.Gupta at amd.com
Tue Apr 28 09:43:51 CEST 2015


> -----Original Message-----
> From: ffmpeg-devel-bounces at ffmpeg.org [mailto:ffmpeg-devel-
> bounces at ffmpeg.org] On Behalf Of Michael Niedermayer
> Sent: Monday, April 27, 2015 4:49 PM
> To: FFmpeg development discussions and patches
> Subject: Re: [FFmpeg-devel] [PATCH 2/2] OpenCL: Avoid potential buffer
> overflow in cmdutils_opencl.c by using strncpy instead of strcpy
> 
> On Mon, Apr 27, 2015 at 07:51:36AM +0000, Gupta, Maneesh wrote:
> > Hi,
> >
> > There was a potential buffer overflow during a strcpy operation in
> cmdutils_opencl.c. This patch attempts to fix the same.
> >
> > Regards,
> > Maneesh
> 
> >  cmdutils_opencl.c |    2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > b6d9e0b4f9efc1d0ae9d3f05b7802c81007999d7
> > 0002-OpenCL-Replace-strcpy-with-strncpy-to-avoid-buffer-o.patch
> > From 026f4de0628c3e7e0211ee0f6c96e816ff757cd1 Mon Sep 17 00:00:00
> 2001
> > From: Maneesh Gupta <maneesh.gupta at amd.com>
> > Date: Sat, 25 Apr 2015 11:17:05 +0530
> > Subject: [PATCH 2/2] OpenCL: Replace strcpy with strncpy to avoid
> > buffer  overflows
> >
> > Signed-off-by: Maneesh Gupta <maneesh.gupta at amd.com>
> > ---
> >  cmdutils_opencl.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/cmdutils_opencl.c b/cmdutils_opencl.c index
> > 3dfd156..73cab98 100644
> > --- a/cmdutils_opencl.c
> > +++ b/cmdutils_opencl.c
> > @@ -238,7 +238,7 @@ int opt_opencl_bench(void *optctx, const char
> *opt, const char *arg)
> >                  devices[count].platform_idx = i;
> >                  devices[count].device_idx = j;
> >                  devices[count].runtime = score;
> > -                strcpy(devices[count].device_name, device_node-
> >device_name);
> > +                strncpy(devices[count].device_name,
> > + device_node->device_name, 64);
> this should be
> sizeof(devices[count].device_name)
> and av_strlcpy()
> 
[Gupta, Maneesh] Attached is the updated patch.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-OpenCL-Avoid-potential-buffer-overflow-in-cmdutils_o.patch
Type: application/octet-stream
Size: 1462 bytes
Desc: 0002-OpenCL-Avoid-potential-buffer-overflow-in-cmdutils_o.patch
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20150428/b2863da7/attachment.obj>


More information about the ffmpeg-devel mailing list