From 20f4bde1d6dd3e13671dbcba781fa386ee86d5b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20Vasseur?= Date: Tue, 25 Jun 2024 17:40:50 +0200 Subject: [PATCH] uuri: fix undefined behaviour Allow calling uuri_unescape() with null buffer. --- lib/upipe/uuri.c | 12 +++++++----- tests/uuri_test.c | 5 +++-- 2 files changed, 10 insertions(+), 7 deletions(-) diff --git a/lib/upipe/uuri.c b/lib/upipe/uuri.c index e214d98c2..2af020603 100644 --- a/lib/upipe/uuri.c +++ b/lib/upipe/uuri.c @@ -120,10 +120,13 @@ ssize_t uuri_unescape(const char *path, char *buffer, size_t size) while (!ustring_is_empty(str)) { struct ustring tmp = ustring_split_until(&str, "%"); - memcpy(buffer, tmp.at, tmp.len > size ? size : tmp.len); + size_t len = tmp.len > size ? size : tmp.len; + if (buffer) { + memcpy(buffer, tmp.at, len); + buffer += len; + } + size -= len; s += tmp.len; - buffer += tmp.len; - size -= size > tmp.len ? tmp.len : size; if (ustring_is_empty(str)) break; @@ -132,10 +135,9 @@ ssize_t uuri_unescape(const char *path, char *buffer, size_t size) if (ustring_is_empty(pct)) return -1; if (size) { - buffer[0] = uuri_pct_decode(pct); + *buffer++ = uuri_pct_decode(pct); size--; } - buffer++; s++; } if (size) diff --git a/tests/uuri_test.c b/tests/uuri_test.c index c3f74b556..fe5d32458 100644 --- a/tests/uuri_test.c +++ b/tests/uuri_test.c @@ -303,9 +303,10 @@ static void test_escape(void) assert(uuri_escape(paths[i], escape, sizeof (escape)) == len); printf("escaped path %s -> %s\n", paths[i], escape); - assert(uuri_unescape_len(escape) <= strlen(paths[i])); + len = uuri_unescape_len(escape); + assert(len >= 0 && len <= strlen(paths[i])); char unescape[strlen(paths[i]) + 1]; - assert(uuri_unescape(escape, unescape, sizeof (unescape)) >= 0); + assert(uuri_unescape(escape, unescape, sizeof (unescape)) == len); assert(!strcmp(paths[i], unescape)); } }