authorAndreas Rheinhardt <andreas.rheinhardt@gmail.com>2020-08-23 00:31:17 +0200
committerAndreas Rheinhardt <andreas.rheinhardt@gmail.com>2020-08-23 19:57:42 +0200
commitf33faa5b9bfb288f83db034fa1f8719ab8a994c6 (patch)
treedf8e9bfbc626e32904b7bdcb764ad8c4cc9f509b
parentb3f6dee728c2741388638f8343379bf0f0ef5946 (diff)
avfilter/graphparser: Don't set pointer to one beyond '\0' of string
This happened in parse_link_name() if there was a '[' without matching ']'. While this is not undefined behaviour (pointer arithmetic one beyond the end of an array works fine as long as there are no accesses), it is potentially dangerous. It currently isn't (all callers of parse_link_name() treat this as an error and don't access the string any more), but making sure that this will never cause trouble in the future seems nevertheless worthwhile. Reviewed-by: Nicolas George <george@nsup.org> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
-rw-r--r--libavfilter/graphparser.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/libavfilter/graphparser.c b/libavfilter/graphparser.c
index dfb94788e1..e96b20418e 100644
--- a/libavfilter/graphparser.c
+++ b/libavfilter/graphparser.c
@@ -63,7 +63,7 @@ static char *parse_link_name(const char **buf, void *log_ctx)
name = av_get_token(buf, "]");
if (!name)
- goto fail;
+ return NULL;
if (!name[0]) {
av_log(log_ctx, AV_LOG_ERROR,
@@ -71,12 +71,14 @@ static char *parse_link_name(const char **buf, void *log_ctx)
goto fail;
}
- if (*(*buf)++ != ']') {
+ if (**buf != ']') {
av_log(log_ctx, AV_LOG_ERROR,
"Mismatched '[' found in the following: \"%s\".\n", start);
fail:
av_freep(&name);
+ return NULL;
}
+ (*buf)++;
return name;
}
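Review bot: The `fail:` label now sits inside the body of `if (**buf != ']')`, so the empty-name branch above jumps into the middle of a conditional block. That is legal C, but it hides the fact that two different error paths share the `av_freep(&name); return NULL;` cleanup, and a later edit inside that block could easily change which path runs what. I would end the mismatch branch with `goto fail;`, leave `(*buf)++; return name;` as the straight-line success path, and put `fail:` with the free and `return NULL;` after it at function scope. Since the point of the commit is that `*buf` is only advanced on success, a comment on the function would keep that guarantee visible to future callers, for example `/* On failure *buf is left where av_get_token() stopped and is never moved past the terminating '\0'. */`. The start of parse_link_name(), including the declaration of `start`, is outside these hunks.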