[FFmpeg-devel] [PATCH] libswcale: Fix possible string overflow in test

Michael Niedermayer michael at niedermayer.cc
Mon May 13 14:39:08 EEST 2019


On Sun, May 12, 2019 at 05:40:00AM -0700, Adam Richter wrote:
> This is a possible fix for a string overflow in some sscanf calls in
> libswcale/tests/swscale.c, in the function fileTest(), found by
> cppcheck.  Please see the attachment for more discussion of this.
> 
> Thanks in advance for considering this patch.
> 
> Adam

>  swscale.c |    4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 337bfa52e3917c2d896ca5c7ba1b669d5970cdab  0002-libswcale-Fix-possible-string-overflow-in-test.patch
> From 8b5f994bcd2576588149f228695823b5cf8d3dc8 Mon Sep 17 00:00:00 2001
> From: Adam Richter <adamrichter4 at gmail.com>
> Date: Sun, 12 May 2019 05:03:25 -0700
> Subject: [PATCH] libswcale: Fix possible string overflow in test.
> 
> In libswcale/tests/swscale.c, the function fileTest() calls sscanf in
> an argument of "%12s" on character srcStr[] and dstStr[], which are
> only 12 bytes.  So, if the input string is 12 characters, a
> terminating null byte can be written past the end of these arrays.
> 
> This bug was found by cppcheck.
> 
> I am not an ffmpeg or libswcale developer, and I believe that this is
> the first patch I am submitting to ffmpeg, so please let me know if
> I am doing anything wrong in the patch submission process.
> 
> For the same reason, please examine this patch skeptically, especially
> considering that I have not tested this patch other than to see that
> it compiled without complaint and that "make fate" completed with a
> zero exit code.  I do not know if this program actually
> expects these input strings to be a maximum of 11 or 12 characters long.
> In this patch, I assume that they could be 12 characters long, so I have
> extended the array sizes, but perhaps a more correct fix might
> be to change the "%12s" instances to "%11s" instead.
> 
> Thanks in advance for considering this patch.

I actually think 13 is not long enough for the longest name.
I'll fix it, thanks for finding this.


[...]


-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Rewriting code that is poorly written but fully understood is good.
Rewriting code that one doesn't understand is a sign that one is less smart
than the original author; trying to rewrite it will not make it better.
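The width rule the thread is about, as an added illustration that is not part of this thread or of FFmpeg's swscale.c: a "%Ns" conversion stores up to N characters and then always appends a NUL, so its target buffer needs N+1 bytes. The names below (NAME_WIDTH, NAME_FMT, s_width_fits, parse_pair, the demo functions and their input strings) are made up for this example. It also shows the caveat Adam raises about whether names may legitimately be 12 characters: when a token fills the whole width, sscanf silently stops there and the rest of the name is parsed as the next field, so the call reports success with the wrong values.

```c
#include <stdio.h>
#include <string.h>

/* Added illustration of the sscanf width rule; these names are invented
 * for the example and do not come from swscale.c. */
#define NAME_WIDTH 12                 /* the %12s field width */
#define NAME_BUF   (NAME_WIDTH + 1)   /* width + 1 for the NUL sscanf appends */

/* Splice the width macro into the format string so the buffer size and the
 * width are derived from one constant and cannot drift apart. */
#define STR_(x) #x
#define STR(x)  STR_(x)
#define NAME_FMT "%" STR(NAME_WIDTH) "s"

/* 1 if a "%<width>s" conversion can safely target a buffer of buf_size bytes. */
int s_width_fits(size_t buf_size, size_t width)
{
    return width + 1 <= buf_size;
}

/* Parse "<src> <dst>" into two fixed-size buffers and return the sscanf count.
 * *maybe_truncated is set when a token filled its whole width: the input may
 * have been longer, and the remainder is then consumed as the next token. */
int parse_pair(const char *line, char src[NAME_BUF], char dst[NAME_BUF],
               int *maybe_truncated)
{
    int n = sscanf(line, NAME_FMT " " NAME_FMT, src, dst);
    *maybe_truncated = (n >= 1 && strlen(src) == NAME_WIDTH) ||
                       (n >= 2 && strlen(dst) == NAME_WIDTH);
    return n;
}

/* Two 12-character names (constructed input): they fit exactly in a
 * 13-byte buffer and stay one token each. */
int demo_exact_fit(void)
{
    char src[NAME_BUF], dst[NAME_BUF];
    int trunc;
    int n = parse_pair("abcdefghijkl mnopqrstuvwx", src, dst, &trunc);
    return n == 2 && strcmp(src, "abcdefghijkl") == 0 &&
           strcmp(dst, "mnopqrstuvwx") == 0;
}

/* A 13-character first name (constructed input): the width stops after 12
 * characters and the 13th becomes the second token, so sscanf still returns 2
 * and only the truncation flag reveals the misparse. */
int demo_silent_split(void)
{
    char src[NAME_BUF], dst[NAME_BUF];
    int trunc;
    int n = parse_pair("abcdefghijklm xyz", src, dst, &trunc);
    return n == 2 && strcmp(src, "abcdefghijkl") == 0 &&
           strcmp(dst, "m") == 0 && trunc;
}

int main(void)
{
    printf("12-byte buffer with %%12s is safe: %d\n", s_width_fits(12, 12)); /* 0 */
    printf("13-byte buffer with %%12s is safe: %d\n", s_width_fits(13, 12)); /* 1 */
    printf("exact fit parses cleanly: %d\n", demo_exact_fit());
    printf("over-long name splits silently: %d\n", demo_silent_split());
    return 0;
}
```

The practical check a reviewer applies to any scanf family call is the one s_width_fits encodes: the numeric width must be strictly smaller than the destination array, whichever of the two is changed to fix it. Testing strlen against the width afterwards is how callers can notice that a name was cut off rather than trusting the return count.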