[FFmpeg-devel] [PATCH V2 1/7] libavdevice/v4l2.c: fix build warning for [-Wformat-truncation=]
Reimar Döffinger
Reimar.Doeffinger at gmx.de
Sat Feb 27 15:55:07 EET 2021
> On 27 Feb 2021, at 06:37, Guo, Yejun <yejun.guo at intel.com> wrote:
>
>
>> -----Original Message-----
>> From: ffmpeg-devel <ffmpeg-devel-bounces at ffmpeg.org> On Behalf Of Reimar
>> D?ffinger
>>>
>
> For the code in this function, max length of file name is fixed, see the code below.
> Anyway, it still increases the on-stack variable size which might have potential security
> issue.
>
> snprintf(device_name, sizeof(device_name), "/dev/%s", entry->d_name);
>
> 'man readdir' shows:
> struct dirent {
> ino_t d_ino; /* Inode number */
> off_t d_off; /* Not an offset; see below */
> unsigned short d_reclen; /* Length of this record */
> unsigned char d_type; /* Type of file; not supported
> by all filesystem types */
> char d_name[256]; /* Null-terminated filename */
> };
The size is not standardised.
E.g. the OSX manpage has:
struct dirent { /* when _DARWIN_FEATURE_64_BIT_INODE is defined */
ino_t d_fileno; /* file number of entry */
__uint64_t d_seekoff; /* seek offset (optional, used by servers)
*/
__uint16_t d_reclen; /* length of this record */
__uint16_t d_namlen; /* length of string in d_name */
__uint8_t d_type; /* file type, see below */
char d_name[1024]; /* name must be no longer than this */
};
More information about the ffmpeg-devel
mailing list