[FFmpeg-devel] [PATCH 4/9] lavd/v4l2: detect device name truncation
Anton Khirnov
anton at khirnov.net
Thu Nov 25 17:04:55 EET 2021
Silences the following warning with gcc 10:
src/libavdevice/v4l2.c: In function ‘v4l2_get_device_list’:
src/libavdevice/v4l2.c:1042:64: warning: ‘%s’ directive output may be truncated writing up to 255 bytes into a region of size 251 [-Wformat-truncation=]
1042 | ret = snprintf(device_name, sizeof(device_name), "/dev/%s", entry->d_name);
| ^~
src/libavdevice/v4l2.c:1042:15: note: ‘snprintf’ output between 6 and 261 bytes into a destination of size 256
1042 | ret = snprintf(device_name, sizeof(device_name), "/dev/%s", entry->d_name);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Previous patches intending to silence it have proposed increasing the
buffer size, but doing that correctly seems to be tricky. Failing on
truncation is simpler and just as effective (as excessively long device
names are unlikely).
---
libavdevice/v4l2.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/libavdevice/v4l2.c b/libavdevice/v4l2.c
index c286b31c69..80efc88203 100644
--- a/libavdevice/v4l2.c
+++ b/libavdevice/v4l2.c
@@ -1033,13 +1033,19 @@ static int v4l2_get_device_list(AVFormatContext *ctx, AVDeviceInfoList *device_l
while ((entry = readdir(dir))) {
AVDeviceInfo *device = NULL;
struct v4l2_capability cap;
- int fd = -1;
+ int fd = -1, size;
char device_name[256];
if (!v4l2_is_v4l_dev(entry->d_name))
continue;
- snprintf(device_name, sizeof(device_name), "/dev/%s", entry->d_name);
+ size = snprintf(device_name, sizeof(device_name), "/dev/%s", entry->d_name);
+ if (size >= sizeof(device_name)) {
+ av_log(ctx, AV_LOG_ERROR, "Device name too long.\n");
+ ret = AVERROR(ENOSYS);
+ goto fail;
+ }
+
if ((fd = device_open(ctx, device_name)) < 0)
continue;
--
2.33.0
More information about the ffmpeg-devel
mailing list