[Spice-devel] [PATCH spice-server 3/3] reds: Fix one case parsing invalid codec string
Christophe Fergeau
cfergeau at redhat.com
Tue Jul 3 08:29:03 UTC 2018
Acked-by: Christophe Fergeau <cfergeau at redhat.com>
On Wed, Jun 27, 2018 at 08:00:37AM +0100, Frediano Ziglio wrote:
> In case we pass something like "spice:mjpeg$%*" the last part is
> ignore making the string parse correctly.
> A single pair should end by either string terminator or pair terminator.
>
> Signed-off-by: Frediano Ziglio <fziglio at redhat.com>
> ---
> server/reds.c | 10 +++++++---
> server/tests/test-codecs-parsing.c | 6 ++++++
> 2 files changed, 13 insertions(+), 3 deletions(-)
>
> Maybe for future extension we should support also syntaxes
> like "encoder:codec:whatsoever" ?
>
> diff --git a/server/reds.c b/server/reds.c
> index 4d343b25..03c2bfa1 100644
> --- a/server/reds.c
> +++ b/server/reds.c
> @@ -3555,10 +3555,14 @@ static const char* parse_video_codecs(const char *codecs, char **encoder,
> }
> int n;
> *encoder = *codec = NULL;
> - if (sscanf(codecs, "%m[0-9a-zA-Z_]:%m[0-9a-zA-Z_]%n", encoder, codec, &n) != 2) {
> - return codecs + strcspn(codecs, ";");
> + if (sscanf(codecs, "%m[0-9a-zA-Z_]:%m[0-9a-zA-Z_]%n", encoder, codec, &n) == 2) {
> + // this avoids accepting "encoder:codec" followed by garbage like "$%*"
> + if (codecs[n] != ';' && codecs[n] != '\0') {
> + free(*codec);
> + *codec = NULL;
> + }
> }
> - return codecs + n;
> + return codecs + strcspn(codecs, ";");
> }
>
> static void reds_set_video_codecs_from_string(RedsState *reds, const char *codecs)
> diff --git a/server/tests/test-codecs-parsing.c b/server/tests/test-codecs-parsing.c
> index 860a575e..7998501c 100644
> --- a/server/tests/test-codecs-parsing.c
> +++ b/server/tests/test-codecs-parsing.c
> @@ -115,6 +115,12 @@ static void codecs_bad(void)
> G_LOG_LEVEL_WARNING,
> "*spice: invalid encoder:codec value*",
> TRUE,
> + },{
> + // invalid character in codec
> + "spice:mjpeg&",
> + G_LOG_LEVEL_WARNING,
> + "*spice: invalid encoder:codec value*",
> + TRUE,
> },
> #if !defined(HAVE_GSTREAMER_1_0) && !defined(HAVE_GSTREAMER_0_10)
> {
> --
> 2.17.1
>
> _______________________________________________
> Spice-devel mailing list
> Spice-devel at lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/spice-devel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.freedesktop.org/archives/spice-devel/attachments/20180703/22a103a9/attachment.sig>
More information about the Spice-devel
mailing list