From 6f0e9a863466bfcbd75ee15d4d8a6aad2a5126a4 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Tue, 16 Apr 2019 00:09:38 +0200
Subject: [PATCH] avutil/avstring: Fix bug and undefined behavior in
 av_strncasecmp()

The function in case of n=0 would read more bytes than 0.
The end pointer could be beyond the allocated space, which
is undefined.

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavutil/avstring.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/libavutil/avstring.c b/libavutil/avstring.c
index f03dd25141..4c068f5bc5 100644
--- a/libavutil/avstring.c
+++ b/libavutil/avstring.c
@@ -222,12 +222,13 @@ int av_strcasecmp(const char *a, const char *b)
 
 int av_strncasecmp(const char *a, const char *b, size_t n)
 {
-    const char *end = a + n;
     uint8_t c1, c2;
+    if (n <= 0)
+        return 0;
     do {
         c1 = av_tolower(*a++);
         c2 = av_tolower(*b++);
-    } while (a < end && c1 && c1 == c2);
+    } while (--n && c1 && c1 == c2);
     return c1 - c2;
 }