nginx-rtmp-module icon indicating copy to clipboard operation
nginx-rtmp-module copied to clipboard
verified publisher icon arut

Fixing unchecked value

Open Fahnenfluchtige opened this issue 7 months ago • 0 comments

The Svace static analysis tool identified a potential issue in the function ngx_rtmp_init_event_handlers(), where the return value of ngx_array_init is not checked properly:

 ngx_array_init(&cmcf->amf_arrays, cf->pool, 1, sizeof(ngx_hash_key_t));

The function сan return NGX_ERROR. However, no error handling is performed.

So, the solution is to add error checking:

diff --git a/ngx_rtmp.c b/ngx_rtmp.c
index cde7432..fc0ef24 100644
--- a/ngx_rtmp.c
+++ b/ngx_rtmp.c
@@ -449,7 +449,9 @@ ngx_rtmp_init_event_handlers(ngx_conf_t *cf, ngx_rtmp_core_main_conf_t *cmcf)
     *eh = ngx_rtmp_aggregate_message_handler;
 
     /* init amf callbacks */
-    ngx_array_init(&cmcf->amf_arrays, cf->pool, 1, sizeof(ngx_hash_key_t));
+    if (ngx_array_init(&cmcf->amf_arrays, cf->pool, 1, sizeof(ngx_hash_key_t)) != NGX_OK) {
+        return NGX_ERROR;
+    }

Fahnenfluchtige avatar May 15 '25 12:05 Fahnenfluchtige