[FFmpeg-cvslog] avformat/nistspheredec: check sscanf() success before using the result

Michael Niedermayer git at videolan.org
Fri Dec 20 01:33:33 CET 2013


ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Thu Dec 19 20:48:51 2013 +0100| [8fe06e7ae8ffde7d4b5eef04a20c9faa45f61439] | committer: Michael Niedermayer

avformat/nistspheredec: check sscanf() success before using the result

Fixes use of uninitialized memory
Fixes: msan_uninit-mem_7f935c3c6c1a_7413_nist_pcms8.nist
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8fe06e7ae8ffde7d4b5eef04a20c9faa45f61439
---

 libavformat/nistspheredec.c |    7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/libavformat/nistspheredec.c b/libavformat/nistspheredec.c
index c09df9c..76f65ec 100644
--- a/libavformat/nistspheredec.c
+++ b/libavformat/nistspheredec.c
@@ -108,8 +108,11 @@ static int nist_read_header(AVFormatContext *s)
             sscanf(buffer, "%*s %*s %"SCNd32, &st->codec->bits_per_coded_sample);
         } else {
             char key[32], value[32];
-            sscanf(buffer, "%31s %*s %31s", key, value);
-            av_dict_set(&s->metadata, key, value, AV_DICT_APPEND);
+            if (sscanf(buffer, "%31s %*s %31s", key, value) == 3) {
+                av_dict_set(&s->metadata, key, value, AV_DICT_APPEND);
+            } else {
+                av_log(s, AV_LOG_ERROR, "Failed to parse '%s' as metadata\n", buffer);
+            }
         }
     }
 



More information about the ffmpeg-cvslog mailing list