mirror of
https://github.com/FFmpeg/FFmpeg.git
synced 2025-03-17 20:17:55 +02:00
libswcale: Fix possible string overflow in test.
In libswcale/tests/swcale.c, the function fileTest() calls sscanf in an argument of "%12s" on character srcStr[] and dstStr[], which are only 12 bytes. So, if the input string is 12 characters, a terminating null byte can be written past the end of these arrays. This bug was found by cppcheck. Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit b8ed4930618b170de57a9086e1e9892216454684) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
parent
9f8d2716a6
commit
a0966c15b1
@ -308,10 +308,10 @@ static int fileTest(uint8_t *ref[4], int refStride[4], int w, int h, FILE *fp,
|
||||
while (fgets(buf, sizeof(buf), fp)) {
|
||||
struct Results r;
|
||||
enum AVPixelFormat srcFormat;
|
||||
char srcStr[12];
|
||||
char srcStr[13];
|
||||
int srcW = 0, srcH = 0;
|
||||
enum AVPixelFormat dstFormat;
|
||||
char dstStr[12];
|
||||
char dstStr[13];
|
||||
int dstW = 0, dstH = 0;
|
||||
int flags;
|
||||
int ret;
|
||||
|
Loading…
x
Reference in New Issue
Block a user