[FFmpeg-devel] [PATCH] ffmpeg: avoid scanf in keyboard command parsing

Nicolas George george at nsup.org
Mon Aug 3 22:12:49 CEST 2015


Le sextidi 16 thermidor, an CCXXIII, Hendrik Leppkes a écrit :
> Mixing stdio and low-level IO on stdin is not safe.
> ---
>  ffmpeg.c | 12 ++++++++++--
>  1 file changed, 10 insertions(+), 2 deletions(-)
> 
> diff --git a/ffmpeg.c b/ffmpeg.c
> index 5575e2f..206b3dc 100644
> --- a/ffmpeg.c
> +++ b/ffmpeg.c
> @@ -3428,9 +3428,17 @@ static int check_keyboard_interaction(int64_t cur_time)
>              if(!debug) debug = 1;
>              while(debug & (FF_DEBUG_DCT_COEFF|FF_DEBUG_VIS_QP|FF_DEBUG_VIS_MB_TYPE)) //unsupported, would just crash
>                  debug += debug;
> -        }else
> -            if(scanf("%d", &debug)!=1)
> +        }else{
> +            char buf[32];

> +            int k = 0;
> +            i = 0;
> +            while ((k = read_key()) != '\n' && k != '\r' && i < sizeof(buf)-1)
> +                if (k > 0)
> +                    buf[i++] = k;
> +            buf[i] = 0;

This part could have been factored withe the previous code as read_line(),
but that is not very important.

> +            if (k <= 0 || sscanf(buf, "%d", &debug)!=1)
>                  fprintf(stderr,"error parsing debug value\n");
> +        }
>          for(i=0;i<nb_input_streams;i++) {
>              input_streams[i]->st->codec->debug = debug;
>          }

This is exactly what I had in mind. I suppose it fixes the 'd0\n?' case you
tested?

Regards,

-- 
  Nicolas George
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20150803/6b101fa0/attachment.sig>


More information about the ffmpeg-devel mailing list