[FFmpeg-devel] av_strlcpy() size parameter signedness

Michael Niedermayer michaelni
Sat Sep 29 01:37:48 CEST 2007


currently the buffer size parameter for av_strlcpy() (and friends) 
is unsigned this makes sense and is logic but it has a flaw
that is if a negative value is mistakely used something very bad happens

how can a negative value be assigned?

av_strlcpy(... FFMIN(buf_size, something))
with something being <0 and buf_size signed

i propose that we add a check to the functions so that they treat
sizes > INT_MAX like 0 (or a equivalent simpler solution)

comments welcome...

Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

I hate to see young programmers poisoned by the kind of thinking
Ulrich Drepper puts forward since it is simply too narrow -- Roman Shaposhnik
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20070929/518bd302/attachment.pgp>

More information about the ffmpeg-devel mailing list