From 2b13220d6335a45ff3a75c01642f59fabd68179f Mon Sep 17 00:00:00 2001 From: tt2468 Date: Wed, 27 Mar 2024 13:32:47 -0700 Subject: [PATCH] Fix buffer overflow in Gstreamer log function (#382) vsprintf() is dangerous, and can overflow easily, especially with small buffers like the 100 byte one that was being used. This changes the buffer size to a more sane 4KiB, and uses vsnprintf() to automatically concatenate a large log message instead of overflowing and crashing. --- server/internal/capture/gst/gst.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/server/internal/capture/gst/gst.c b/server/internal/capture/gst/gst.c index e538f5d1..6f903234 100644 --- a/server/internal/capture/gst/gst.c +++ b/server/internal/capture/gst/gst.c @@ -3,8 +3,8 @@ static void gstreamer_pipeline_log(GstPipelineCtx *ctx, char* level, const char* format, ...) { va_list argptr; va_start(argptr, format); - char buffer[100]; - vsprintf(buffer, format, argptr); + char buffer[4096]; + vsnprintf(buffer, sizeof(buffer), format, argptr); va_end(argptr); goPipelineLog(level, buffer, ctx->pipelineId); }