[FFmpeg-devel] [PATCH] tools/zmqsend: Avoid mem copy past the end of input buffer
Michael Niedermayer
michael at niedermayer.cc
Sat Aug 10 00:52:11 EEST 2019
On Thu, Aug 08, 2019 at 05:19:54PM +0200, Paul B Mahol wrote:
> On Thu, Aug 8, 2019 at 4:44 PM Andriy Gelman <andriy.gelman at gmail.com>
> wrote:
>
> > From: Andriy Gelman <andriy.gelman at gmail.com>
> >
> > This patch avoids a read past the end of the input buffer in memcpy since
> > the size
> > of the received zmq message is recv_buf_size - 1.
> > ---
> > tools/zmqsend.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/tools/zmqsend.c b/tools/zmqsend.c
> > index 7bd7fe4199..f26fa9c1c2 100644
> > --- a/tools/zmqsend.c
> > +++ b/tools/zmqsend.c
> > @@ -155,7 +155,7 @@ int main(int argc, char **argv)
> > ret = 1;
> > goto end;
> > }
> > - memcpy(recv_buf, zmq_msg_data(&msg), recv_buf_size);
> > + memcpy(recv_buf, zmq_msg_data(&msg), recv_buf_size - 1);
> > recv_buf[recv_buf_size-1] = 0;
> > printf("%s\n", recv_buf);
> > zmq_msg_close(&msg);
> > --
> > 2.22.0
> >
> >
> LGTM
will apply
thanks
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
Dictatorship naturally arises out of democracy, and the most aggravated
form of tyranny and slavery out of the most extreme liberty. -- Plato
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20190809/6b689937/attachment.sig>
More information about the ffmpeg-devel
mailing list