generic-library/openh264
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Make WelsVsprintf use vsnprintf, to check the buffer size

Browse Source 
Otherwise builds on platforms other than MSVC might be
insecure.

Use vsnprintf_s with the _TRUNCATE flag instead of vsprintf_s
when using MSVC - this truncates the buffer instead of aborting
the whole process in case it's too small.
This commit is contained in:
Martin Storsjö 2014-01-26 14:33:08 +02:00
parent 33fe2b5883
commit e42e82aa1f
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
codec/common/crt_util_safe_x.cpp
View File

@ -88,7 +88,7 @@ int32_t WelsStrnlen (const str_t* kpStr, int32_t iMaxlen) {
}
int32_t WelsVsprintf (str_t* pBuffer, int32_t iSizeOfBuffer, const str_t* kpFormat, va_list pArgPtr) {
return vsprintf_s (pBuffer, iSizeOfBuffer, kpFormat, pArgPtr);
return vsnprintf_s (pBuffer, iSizeOfBuffer, _TRUNCATE, kpFormat, pArgPtr);
}
WelsFileHandle* WelsFopen (const str_t* kpFilename, const str_t* kpMode) {
@ -142,7 +142,7 @@ int32_t WelsStrnlen (const str_t* kpStr, int32_t iMaxlen) {
}
int32_t WelsVsprintf (str_t* pBuffer, int32_t iSizeOfBuffer, const str_t* kpFormat, va_list pArgPtr) {
return vsprintf (pBuffer, kpFormat, pArgPtr); //confirmed_safe_unsafe_usage
return vsnprintf (pBuffer, iSizeOfBuffer, kpFormat, pArgPtr); //confirmed_safe_unsafe_usage
}
@ -210,7 +210,7 @@ int32_t WelsStrnlen (const str_t* kpString, int32_t iMaxlen) {
#endif
int32_t WelsVsprintf (str_t* pBuffer, int32_t iSizeOfBuffer, const str_t* kpFormat, va_list pArgPtr) {
return vsprintf (pBuffer, kpFormat, pArgPtr); //confirmed_safe_unsafe_usage
return vsnprintf (pBuffer, iSizeOfBuffer, kpFormat, pArgPtr); //confirmed_safe_unsafe_usage
}
WelsFileHandle* WelsFopen (const str_t* kpFilename, const str_t* kpMode) {