Details
- Bug
- Resolution: Done
- P2: Important
- 5.9.1
- None
Description
qgstutils.cpp:645 uses Linux ioctl VIDIOC_S_INPUT wrongly: instead of passing a pointer to the integer, it passes the integer itself. This will likely lead to a segfault, once that input number is interpreted as a pointer and dereferenced.
The ioctl description clearly says "To select a video input applications store the number of the desired input in an integer and call the VIDIOC_S_INPUT ioctl with a pointer to this integer.", and that's also how everyone else seems to use it.
The ioctl use is also wrong for a different reason: If the call fails, the input is considered a usable camera. Now, the question is, why did this never cause problems? Presumably, because this ioctl isn't implemented in many drivers, so the return value is then the non-zero return value for not implemented ioctls.
The (guaranteed untested) patch might fix both problems: A camera is valid if the ioctl/VIDIOC_S_INPUT call either succeeded (i.e. returned zero) or indicated that the function isn't implemented (ENOTTY, for historic reasons I've been told).