ffmpeg | branch: master | Adam Richter <adamricht...@gmail.com> | Sun May 12 05:03:25 2019 -0700| [b8ed4930618b170de57a9086e1e9892216454684] | committer: Michael Niedermayer
libswcale: Fix possible string overflow in test. In libswcale/tests/swcale.c, the function fileTest() calls sscanf in an argument of "%12s" on character srcStr[] and dstStr[], which are only 12 bytes. So, if the input string is 12 characters, a terminating null byte can be written past the end of these arrays. This bug was found by cppcheck. Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b8ed4930618b170de57a9086e1e9892216454684 --- libswscale/tests/swscale.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libswscale/tests/swscale.c b/libswscale/tests/swscale.c index e72c4c3306..cb731f6211 100644 --- a/libswscale/tests/swscale.c +++ b/libswscale/tests/swscale.c @@ -312,10 +312,10 @@ static int fileTest(const uint8_t * const ref[4], int refStride[4], while (fgets(buf, sizeof(buf), fp)) { struct Results r; enum AVPixelFormat srcFormat; - char srcStr[12]; + char srcStr[13]; int srcW = 0, srcH = 0; enum AVPixelFormat dstFormat; - char dstStr[12]; + char dstStr[13]; int dstW = 0, dstH = 0; int flags; int ret; _______________________________________________ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog To unsubscribe, visit link above, or email ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
