iridium/neko-custom
Archived
2
0
Fork 0
Code Pull Requests Activity

Fix buffer overflow in Gstreamer log function ()

Browse Source 
vsprintf() is dangerous, and can overflow easily, especially with small
buffers like the 100 byte one that was being used. This changes the
buffer size to a more sane 4KiB, and uses vsnprintf() to automatically
concatenate a large log message instead of overflowing and crashing.
This commit is contained in:
tt2468 2024-03-27 13:32:47 -07:00 committed by GitHub
parent db6f9c957e
commit 2b13220d63
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 2 additions and 2 deletions

4
server/internal/capture/gst/gst.c

@ -3,8 +3,8 @@
static void gstreamer_pipeline_log(GstPipelineCtx *ctx, char* level, const char* format, ...) { static void gstreamer_pipeline_log(GstPipelineCtx *ctx, char* level, const char* format, ...) {
va_list argptr; va_list argptr;
va_start(argptr, format); va_start(argptr, format);
char buffer[100]; char buffer[4096];
vsprintf(buffer, format, argptr); vsnprintf(buffer, sizeof(buffer), format, argptr);
va_end(argptr); va_end(argptr);
goPipelineLog(level, buffer, ctx->pipelineId); goPipelineLog(level, buffer, ctx->pipelineId);
} }