Am 21.03.2018 um 20:33 schrieb Timo Rothenpieler:
av_strtok calls strspn on a non-NULL *saveptr, so not NULL initializing it is an issue.Fixes CID #1428568 --- libavformat/hlsenc.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/libavformat/hlsenc.c b/libavformat/hlsenc.c index b7c6fbde6a..fa17776efe 100644 --- a/libavformat/hlsenc.c +++ b/libavformat/hlsenc.c @@ -1873,7 +1873,8 @@ static int parse_cc_stream_mapstring(AVFormatContext *s) { HLSContext *hls = s->priv_data; int nb_ccstreams; - char *p, *q, *saveptr1, *saveptr2, *ccstr, *keyval; + char *p, *q, *ccstr, *keyval; + char *saveptr1 = NULL, *saveptr2 = NULL; const char *val; ClosedCaptionsStream *ccs;
Just realized, the more correct approach is probably to check the av_strdup below this for ENOMEM. Not sure about the exact semantics there, initializing these still seems like a good safety measure.
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
