gstvalue: don't write to const char *

Our various deserializing functions require NULL terminators
to not over consume substrings (eg fields of an array). Instead
of writing a NULL terminator to the passed-in string, which may
result in segfaults, make a copy of the substring we're interested
in.

Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/446

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/672>

diff --git a/gst/gstvalue.c b/gst/gstvalue.c
index adc7d7e83699f4f16323595fca94264f547b5d62..a6ddfca642911f9292333e73dd86df371e16711c 100644 (file)
--- a/gst/gstvalue.c
+++ b/gst/gstvalue.c
@@ -2717,8 +2717,7 @@ _priv_gst_value_parse_value (gchar * str,
       if (G_UNLIKELY (!_priv_gst_value_parse_string (s, &value_end, &s, TRUE)))
         return FALSE;
       /* Set NULL terminator for deserialization */
-      c = *value_end;
-      *value_end = '\0';
+      value_s = g_strndup (value_s, value_end - value_s);
 
       for (i = 0; i < G_N_ELEMENTS (try_types); i++) {
         g_value_init (value, try_types[i]);
@@ -2734,14 +2733,13 @@ _priv_gst_value_parse_value (gchar * str,
                   (type != G_TYPE_STRING))))
         return FALSE;
       /* Set NULL terminator for deserialization */
-      c = *value_end;
-      *value_end = '\0';
+      value_s = g_strndup (value_s, value_end - value_s);
 
       ret = gst_value_deserialize_with_pspec (value, value_s, pspec);
       if (G_UNLIKELY (!ret))
         g_value_unset (value);
     }
-    *value_end = c;
+    g_free (value_s);
   }
 
   *after = s;