Archived
2
0

Fix buffer overflow in Gstreamer log function (#382)

vsprintf() is dangerous, and can overflow easily, especially with small
buffers like the 100 byte one that was being used. This changes the
buffer size to a more sane 4KiB, and uses vsnprintf() to automatically
concatenate a large log message instead of overflowing and crashing.
This commit is contained in:
tt2468 2024-03-27 13:32:47 -07:00 committed by GitHub
parent db6f9c957e
commit 2b13220d63
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -3,8 +3,8 @@
static void gstreamer_pipeline_log(GstPipelineCtx *ctx, char* level, const char* format, ...) { static void gstreamer_pipeline_log(GstPipelineCtx *ctx, char* level, const char* format, ...) {
va_list argptr; va_list argptr;
va_start(argptr, format); va_start(argptr, format);
char buffer[100]; char buffer[4096];
vsprintf(buffer, format, argptr); vsnprintf(buffer, sizeof(buffer), format, argptr);
va_end(argptr); va_end(argptr);
goPipelineLog(level, buffer, ctx->pipelineId); goPipelineLog(level, buffer, ctx->pipelineId);
} }