ssaparse: Don't use strstr() on strings that are potentially not NULL-terminated

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8036>
This commit is contained in:
Sebastian Dröge 2024-09-30 18:36:19 +03:00 committed by GStreamer Marge Bot
parent 15bb318416
commit 403b10eba0
2 changed files with 36 additions and 1 deletions
subprojects/gst-plugins-base

View file

@ -146,6 +146,35 @@ gst_ssa_parse_sink_event (GstPad * pad, GstObject * parent, GstEvent * event)
return res;
}
#ifndef HAVE_MEMMEM
// memmem() is a GNU extension so if it's not available we'll need
// our own implementation here. Thanks C.
static void *
my_memmem (const void *haystack, size_t haystacklen, const void *needle,
size_t needlelen)
{
const guint8 *cur, *end;
if (needlelen > haystacklen)
return NULL;
if (needlelen == 0)
return (void *) haystack;
cur = haystack;
end = cur + haystacklen - needlelen;
for (; cur <= end; cur++) {
if (memcmp (cur, needle, needlelen) == 0)
return (void *) cur;
}
return NULL;
}
#else
#define my_memmem memmem
#endif
static gboolean
gst_ssa_parse_setcaps (GstPad * sinkpad, GstCaps * caps)
{
@ -154,6 +183,7 @@ gst_ssa_parse_setcaps (GstPad * sinkpad, GstCaps * caps)
const GValue *val;
GstStructure *s;
const guchar bom_utf8[] = { 0xEF, 0xBB, 0xBF };
const guint8 header[] = "[Script Info]";
const gchar *end;
GstBuffer *priv;
GstMapInfo map;
@ -193,7 +223,7 @@ gst_ssa_parse_setcaps (GstPad * sinkpad, GstCaps * caps)
left -= 3;
}
if (!strstr (ptr, "[Script Info]"))
if (!my_memmem (ptr, left, header, sizeof (header) - 1))
goto invalid_init;
if (!g_utf8_validate (ptr, left, &end)) {
@ -231,6 +261,10 @@ invalid_init:
}
}
#ifdef my_memmem
#undef my_memmem
#endif
static gboolean
gst_ssa_parse_remove_override_codes (GstSsaParse * parse, gchar * txt)
{

View file

@ -197,6 +197,7 @@ check_functions = [
['HAVE_LRINTF', 'lrintf', '#include<math.h>'],
['HAVE_MMAP', 'mmap', '#include<sys/mman.h>'],
['HAVE_LOG2', 'log2', '#include<math.h>'],
['HAVE_MEMMEM', 'memmem', '#include<string.h>'],
]
libm = cc.find_library('m', required : false)