1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-23 12:43:46 +02:00

libswcale: Fix possible string overflow in test.

In libswcale/tests/swcale.c, the function fileTest() calls sscanf in
an argument of "%12s" on character srcStr[] and dstStr[], which are
only 12 bytes.  So, if the input string is 12 characters, a
terminating null byte can be written past the end of these arrays.

This bug was found by cppcheck.

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Adam Richter 2019-05-12 05:03:25 -07:00 committed by Michael Niedermayer
parent f1c9d6fe70
commit b8ed493061

View File

@ -312,10 +312,10 @@ static int fileTest(const uint8_t * const ref[4], int refStride[4],
while (fgets(buf, sizeof(buf), fp)) {
struct Results r;
enum AVPixelFormat srcFormat;
char srcStr[12];
char srcStr[13];
int srcW = 0, srcH = 0;
enum AVPixelFormat dstFormat;
char dstStr[12];
char dstStr[13];
int dstW = 0, dstH = 0;
int flags;
int ret;