[PR #1805] [MERGED] fix(encoders): replace sprintf/strcpy with bounds-checked versions #2545

Open
opened 2026-01-29 17:22:43 +00:00 by claunia · 0 comments

📋 Pull Request Information

Original PR: https://github.com/CCExtractor/ccextractor/pull/1805
Author: @cfsmp3
Created: 12/13/2025
Status: Merged
Merged: 12/13/2025
Merged by: @cfsmp3

Base: master ← Head: fix/phase3-buffer-safety-sami-srt-mp4-webvtt


📝 Commits (1)

  • a43cb99 fix(encoders): replace sprintf/strcpy with bounds-checked versions

📊 Changes

4 files changed (+61 additions, -48 deletions)


📝 src/lib_ccx/ccx_encoders_sami.c (+17 -17)
📝 src/lib_ccx/ccx_encoders_srt.c (+9 -9)
📝 src/lib_ccx/ccx_encoders_webvtt.c (+27 -13)
📝 src/lib_ccx/mp4.c (+8 -9)

📄 Description

Summary

This PR continues the Phase 3 buffer safety work from the bug analysis plan, replacing unsafe string functions with bounds-checked alternatives:

  • ccx_encoders_sami.c: 10 sprintf → snprintf conversions
  • ccx_encoders_srt.c: 6 sprintf → snprintf conversions
  • mp4.c: 6 fixes including:
    • sprintf/strcpy/strcat → snprintf
    • Critical fix: Buffer overflow in format_duration() where 20-byte buffer was too small for long duration strings (e.g., "365 Days, 23:59:59.999" = 22+ chars)
    • Added size parameter to format_duration() function
  • ccx_encoders_webvtt.c: 6 sprintf → snprintf conversions, plus:
    • Fixed malloc size bug (+4 instead of +5 for null terminator)
    • Added OOM checks for css_file_name and outline_css_file
    • Fixed memory leaks (allocated strings were not freed)

Test plan

  • Build completes successfully
  • Test with SAMI output format
  • Test with SRT output format
  • Test with WebVTT output format (including CSS generation)
  • Test with MP4 files containing chapters

🤖 Generated with Claude Code


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

claunia added the pull-request label 2026-01-29 17:22:43 +00:00
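
The `format_duration()` fix described in the PR, as an added example that is not ccextractor's code: a hypothetical `format_duration_bounded()` takes the destination size and returns the `snprintf` result, so the 22-character sample string is truncated in a 20-byte buffer and the caller can detect it. The millisecond input, the function names and the exact output format are assumptions derived from the sample string in the description.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical reconstruction, not ccextractor's code: format a duration
 * given in milliseconds as "[N Days, ]HH:MM:SS.mmm" into buf[size].
 * Returns the length the full string needs (snprintf convention), or -1
 * on a bad destination, so the caller can detect truncation. */
int format_duration_bounded(unsigned long long ms, char *buf, size_t size)
{
    unsigned long long days = ms / 86400000ULL;
    unsigned hours = (unsigned)(ms / 3600000ULL % 24);
    unsigned mins  = (unsigned)(ms / 60000ULL % 60);
    unsigned secs  = (unsigned)(ms / 1000ULL % 60);
    unsigned milli = (unsigned)(ms % 1000ULL);

    if (buf == NULL || size == 0)
        return -1;
    if (days > 0)
        return snprintf(buf, size, "%llu Days, %02u:%02u:%02u.%03u",
                        days, hours, mins, secs, milli);
    return snprintf(buf, size, "%02u:%02u:%02u.%03u", hours, mins, secs, milli);
}

/* Returns 1 when the output was cut short to fit the destination. */
int duration_was_truncated(int needed, size_t size)
{
    return needed < 0 || (size_t)needed >= size;
}

/* Constructed input: the description's sample, 365 days 23:59:59.999. */
#define SAMPLE_MS (365ULL * 86400000ULL + 86399999ULL)

int main(void)
{
    char small[20]; /* the size the PR description says was too small */
    char big[32];   /* assumed larger size; the page does not give the new one */
    int n = format_duration_bounded(SAMPLE_MS, small, sizeof small);
    printf("20-byte buffer: \"%s\" needed=%d truncated=%d\n",
           small, n, duration_was_truncated(n, sizeof small));
    n = format_duration_bounded(SAMPLE_MS, big, sizeof big);
    printf("32-byte buffer: \"%s\" needed=%d truncated=%d\n",
           big, n, duration_was_truncated(n, sizeof big));
    return 0;
}
```

With an unbounded `sprintf` the same input would write 23 bytes (22 characters plus the terminator) into the 20-byte array; the bounded version writes at most 20 and reports that 22 were needed.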
Reference: starred/ccextractor#2545