[FFmpeg-cvslog] avformat/ftp: Fix Out-of-Bounds Access and Information Leak in ftp.c:393

Wenxiang Qian git at videolan.org
Thu Mar 14 02:05:51 EET 2019


ffmpeg | branch: release/4.1 | Wenxiang Qian <leonwxqian at qq.com> | Wed Feb 13 08:47:20 2019 +0100| [11375cd1014766c50fb6f36344096f3714569fb3] | committer: Michael Niedermayer

avformat/ftp: Fix Out-of-Bounds Access and Information Leak in ftp.c:393

Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a142ffdcaec06fcbf7d4b00dbb0e5ddfb9e3344d)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=11375cd1014766c50fb6f36344096f3714569fb3
---

 libavformat/ftp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavformat/ftp.c b/libavformat/ftp.c
index e072067480..3adc04ee1f 100644
--- a/libavformat/ftp.c
+++ b/libavformat/ftp.c
@@ -389,7 +389,7 @@ static int ftp_file_size(FTPContext *s)
     static const int size_codes[] = {213, 0};
 
     snprintf(command, sizeof(command), "SIZE %s\r\n", s->path);
-    if (ftp_send_command(s, command, size_codes, &res) == 213 && res) {
+    if (ftp_send_command(s, command, size_codes, &res) == 213 && res && strlen(res) > 4) {
         s->filesize = strtoll(&res[4], NULL, 10);
     } else {
         s->filesize = -1;



More information about the ffmpeg-cvslog mailing list