xorg-x11-drv-v4l/SOURCES/0002-Ensure-the-device-name-is-null-terminated.patch
2021-10-08 17:44:49 +00:00

44 lines
1.3 KiB
Diff

From a020fda02fd0aca0c53b2368e6602bbd12002936 Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Mon, 8 Oct 2018 12:55:57 +1000
Subject: [PATCH xf86-video-v4l 2/4] Ensure the device name is null-terminated
And expand the size to 18, because the stack array we copied this into is 18
bytes long. This covers us for up to 999 (kernel) v4l devices and that is
definitely not a reason to use the "640k ought to be enough" meme.
Found by - you guessed it - coverity!
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Dave Airlie <airlied@redhat.com>
---
src/v4l.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/v4l.c b/src/v4l.c
index 0f1058e..583c7b8 100644
--- a/src/v4l.c
+++ b/src/v4l.c
@@ -188,7 +188,7 @@ static const XF86AttributeRec FreqAttr =
static struct V4L_DEVICE {
int fd;
int useCount;
- char devName[16];
+ char devName[18];
} v4l_devices[MAX_V4L_DEVICES] = {
{ -1 },
{ -1 },
@@ -1157,7 +1157,8 @@ V4LInit(ScrnInfoPtr pScrn, XF86VideoAdaptorPtr **adaptors)
}
xf86Msg(X_INFO, "v4l: enabling overlay mode for %s.\n", dev);
- strncpy(V4L_NAME, dev, 16);
+ strncpy(V4L_NAME, dev, 18);
+ V4L_NAME[17] = '\0';
V4LBuildEncodings(pPPriv, fd);
if (NULL == pPPriv->enc)
return FALSE;
--
2.17.1