[FFmpeg-devel] [PATCH] Fix memory corruption in srt_to_ass (subtitle decoder)
alexandre at elgato.com
Thu Mar 24 17:17:56 CET 2011
The function srt_to_ass uses sscanf() with the conversion '%128' to parse srt data. The conversion '%128' requires a buffer that (in sscanf man page):
"must be a pointer to char, and there must be enough room for all the characters in the string, plus a terminating NUL character."
Currently the buffer can only contain 128 characters but the sscanf call requires 128 + 1 (NUL character) = 129 characters.
This sscanf call led in some cases to a memory corruption and can cause a crash. The proposed patch consists of increasing the size of the buffer.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 517 bytes
Desc: not available
More information about the ffmpeg-devel