From 6b3bea4231f07631508272c14d4282189dbb0be9 Mon Sep 17 00:00:00 2001
From: shivajigandham <shivajigandham999@gmail.com>
Date: Sun, 22 Mar 2026 19:42:23 +0530
Subject: [PATCH 1/2] fix(lib_ccx): add NULL checks for strdup return values
 (#2194)

---
 src/lib_ccx/ccx_common_common.c    |  4 ++++
 src/lib_ccx/ccx_encoders_common.c  | 14 ++++++++++++--
 src/lib_ccx/ccx_encoders_helpers.c |  8 ++++++++
 src/lib_ccx/output.c               |  4 ++++
 src/lib_ccx/ts_functions.c         | 18 +++++++++---------
 5 files changed, 37 insertions(+), 11 deletions(-)

diff --git a/src/lib_ccx/ccx_common_common.c b/src/lib_ccx/ccx_common_common.c
index 0095ede51..f743d6fde 100644
--- a/src/lib_ccx/ccx_common_common.c
+++ b/src/lib_ccx/ccx_common_common.c
@@ -59,6 +59,10 @@ int add_cc_sub_text(struct cc_subtitle *sub, char *str, LLONG start_time,
 	sub->type = CC_TEXT;
 	sub->enc_type = e_type;
 	sub->data = strdup(str);
+	if (str && !sub->data)
+	{
+		return -1;
+	}
 	sub->datatype = CC_DATATYPE_GENERIC;
 	sub->nb_data = str ? strlen(str) : 0;
 	sub->start_time = start_time;
diff --git a/src/lib_ccx/ccx_encoders_common.c b/src/lib_ccx/ccx_encoders_common.c
index 8cb4b1f07..bccfbc1a2 100644
--- a/src/lib_ccx/ccx_encoders_common.c
+++ b/src/lib_ccx/ccx_encoders_common.c
@@ -607,7 +607,12 @@ static int init_output_ctx(struct encoder_ctx *ctx, struct encoder_cfg *cfg)
 				char *basefilename = get_basename(cfg->output_filename);
 				extension = get_file_extension(cfg->write_format);
 
-				ret = init_write(&ctx->out[0], strdup(cfg->output_filename), cfg->with_semaphore);
+				char *dup_filename = strdup(cfg->output_filename);
+				if (!dup_filename)
+				{
+					fatal(EXIT_NOT_ENOUGH_MEMORY, "In init_encoder: Out of memory duplicating output_filename.");
+				}
+				ret = init_write(&ctx->out[0], dup_filename, cfg->with_semaphore);
 				check_ret(cfg->output_filename);
 				ret = init_write(&ctx->out[1], create_outfilename(basefilename, "_2", extension), cfg->with_semaphore);
 				check_ret(ctx->out[1].filename);
@@ -615,7 +620,12 @@ static int init_output_ctx(struct encoder_ctx *ctx, struct encoder_cfg *cfg)
 			}
 			else
 			{
-				ret = init_write(ctx->out, strdup(cfg->output_filename), cfg->with_semaphore);
+				char *dup_filename = strdup(cfg->output_filename);
+				if (!dup_filename)
+				{
+					fatal(EXIT_NOT_ENOUGH_MEMORY, "In init_encoder: Out of memory duplicating output_filename.");
+				}
+				ret = init_write(ctx->out, dup_filename, cfg->with_semaphore);
 				check_ret(cfg->output_filename);
 			}
 		}
diff --git a/src/lib_ccx/ccx_encoders_helpers.c b/src/lib_ccx/ccx_encoders_helpers.c
index 277659930..22546f340 100644
--- a/src/lib_ccx/ccx_encoders_helpers.c
+++ b/src/lib_ccx/ccx_encoders_helpers.c
@@ -98,6 +98,10 @@ void call_function_if_match(unsigned char *line, struct word_list *list, void (*
 	    '{', '|', '}', '~', '\0'};
 
 	unsigned char *line_token = strdup(line);
+	if (!line_token)
+	{
+		return;
+	}
 	unsigned char *c = strtok(line_token, delim);
 
 	if (c != NULL)
@@ -127,6 +131,10 @@ void telx_correct_case(char *sub_line)
 	    '{', '|', '}', '~', '\0'};
 
 	char *line = strdup(((char *)sub_line));
+	if (!line)
+	{
+		return;
+	}
 	char *oline = (char *)sub_line;
 	char *c = strtok(line, delim);
 	if (c == NULL)
diff --git a/src/lib_ccx/output.c b/src/lib_ccx/output.c
index 492c27141..af44c2a7d 100644
--- a/src/lib_ccx/output.c
+++ b/src/lib_ccx/output.c
@@ -70,6 +70,10 @@ int init_write(struct ccx_s_write *wb, char *filename, int with_semaphore)
 	wb->temporarily_closed = 0;
 	wb->filename = filename;
 	wb->original_filename = strdup(filename);
+	if (!wb->original_filename)
+	{
+		fatal(EXIT_NOT_ENOUGH_MEMORY, "In init_write: Out of memory duplicating filename.");
+	}
 
 	wb->with_semaphore = with_semaphore;
 	wb->append_mode = ccx_options.enc_cfg.append_mode;
diff --git a/src/lib_ccx/ts_functions.c b/src/lib_ccx/ts_functions.c
index 2f31b0f78..8c8503f51 100644
--- a/src/lib_ccx/ts_functions.c
+++ b/src/lib_ccx/ts_functions.c
@@ -27,39 +27,39 @@ uint64_t last_pts = 0;		// PTS of last PES packet (debug purposes)
 // Descriptions for ts ccx_stream_type
 const char *desc[256];
 
-char *get_buffer_type_str(struct cap_info *cinfo)
+const char *get_buffer_type_str(struct cap_info *cinfo)
 {
 	if (cinfo->stream == CCX_STREAM_TYPE_VIDEO_MPEG2)
 	{
-		return strdup("MPG");
+		return "MPG";
 	}
 	else if (cinfo->stream == CCX_STREAM_TYPE_VIDEO_H264)
 	{
-		return strdup("H.264");
+		return "H.264";
 	}
 	else if (cinfo->stream == CCX_STREAM_TYPE_VIDEO_HEVC)
 	{
-		return strdup("HEVC");
+		return "HEVC";
 	}
 	else if (cinfo->stream == CCX_STREAM_TYPE_PRIVATE_MPEG2 && cinfo->codec == CCX_CODEC_ISDB_CC)
 	{
-		return strdup("ISDB CC subtitle");
+		return "ISDB CC subtitle";
 	}
 	else if (cinfo->stream == CCX_STREAM_TYPE_PRIVATE_MPEG2 && cinfo->codec == CCX_CODEC_DVB)
 	{
-		return strdup("DVB subtitle");
+		return "DVB subtitle";
 	}
 	else if (cinfo->stream == CCX_STREAM_TYPE_UNKNOWNSTREAM && ccx_options.hauppauge_mode)
 	{
-		return strdup("Hauppage");
+		return "Hauppage";
 	}
 	else if (cinfo->stream == CCX_STREAM_TYPE_PRIVATE_MPEG2 && cinfo->codec == CCX_CODEC_TELETEXT)
 	{
-		return strdup("Teletext");
+		return "Teletext";
 	}
 	else if (cinfo->stream == CCX_STREAM_TYPE_PRIVATE_MPEG2 && cinfo->codec == CCX_CODEC_ATSC_CC)
 	{
-		return strdup("CC in private MPEG packet");
+		return "CC in private MPEG packet";
 	}
 	else
 	{

From 2af058e481769d05ef0b1cebdee346db02f8d2e5 Mon Sep 17 00:00:00 2001
From: shivajigandham <shivajigandham999@gmail.com>
Date: Sun, 22 Mar 2026 19:50:24 +0530
Subject: [PATCH 2/2] fix(lib_ccx): add NULL checks for fopen and
 alloc_demuxer_data in process_hex (#2201)

---
 src/lib_ccx/general_loop.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/src/lib_ccx/general_loop.c b/src/lib_ccx/general_loop.c
index d97e07f05..84f8fdcb3 100644
--- a/src/lib_ccx/general_loop.c
+++ b/src/lib_ccx/general_loop.c
@@ -368,10 +368,21 @@ void process_hex(struct lib_ccx_ctx *ctx, char *filename)
 	}
 	/* const char *mpeg_header="00 00 01 b2 43 43 01 f8 "; // Always present */
 	FILE *fr = fopen(filename, "rt");
+	if (!fr)
+	{
+		free(line);
+		fatal(EXIT_FAILURE, "In process_hex: Cannot open %s.", filename);
+	}
 	unsigned char *bytes = NULL;
 	unsigned byte_count = 0;
 	int warning_shown = 0;
 	struct demuxer_data *data = alloc_demuxer_data();
+	if (!data)
+	{
+		fclose(fr);
+		free(line);
+		fatal(EXIT_NOT_ENOUGH_MEMORY, "In process_hex: Out of memory allocating demuxer data.");
+	}
 	while (fgets(line, max - 1, fr) != NULL)
 	{
 		char *c1, *c2 = NULL; // Positions for first and second colons