id,summary,reporter,owner,description,type,status,priority,component,version,resolution,keywords,cc,blockedby,blocking,reproduced,analyzed
1780,"potential buffer overflow, based on wrong fscanf format indentifier",ettl.martin,,"Please take a look at following source snippet from {{{ffmpeg/ffserver.c}}}, lines 2034 - 2041:
{{{
                        char cpuperc[10];
                        char cpuused[64];

                        if (fscanf(pid_stat, ""%10s %64s"", cpuperc,
                                   cpuused) == 2) {
                            avio_printf(pb, ""Currently using %s%% of the cpu. Total time used %s.\n"",
                                         cpuperc, cpuused);
                        }
}}}

Here the fscanf format string width is wrong. This means, in order to prevent them from overflowing, please change them to {{{%9s %63s}}, because of the trailing nullterminating string ('\0') at the end.

Best regards and many thanks

Martin Ettl
",defect,closed,normal,FFserver,git-master,fixed,,,,,0,0