[FFmpeg-cvslog] avformat/dss: Check sscanf() return value in dss_read_metadata_date()

Michael Niedermayer git at videolan.org
Thu Feb 19 22:23:18 CET 2015


ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Thu Feb 19 22:10:47 2015 +0100| [b2bbe8298ba5416f26ffadb43f9e75997ec02f7f] | committer: Michael Niedermayer

avformat/dss: Check sscanf() return value in dss_read_metadata_date()

Fixes writing uninitialized values into metadata without error in case
parsing fails

Signed-off-by: Michael Niedermayer <michaelni at gmx.at>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b2bbe8298ba5416f26ffadb43f9e75997ec02f7f
---

 libavformat/dss.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/libavformat/dss.c b/libavformat/dss.c
index f4355f1..a353ee0 100644
--- a/libavformat/dss.c
+++ b/libavformat/dss.c
@@ -78,7 +78,8 @@ static int dss_read_metadata_date(AVFormatContext *s, unsigned int offset,
     if (ret < DSS_TIME_SIZE)
         return ret < 0 ? ret : AVERROR_EOF;
 
-    sscanf(string, "%2d%2d%2d%2d%2d%2d", &y, &month, &d, &h, &minute, &sec);
+    if (sscanf(string, "%2d%2d%2d%2d%2d%2d", &y, &month, &d, &h, &minute, &sec) != 6)
+        return AVERROR_INVALIDDATA;
     /* We deal with a two-digit year here, so set the default date to 2000
      * and hope it will never be used in the next century. */
     snprintf(datetime, sizeof(datetime), "%.4d-%.2d-%.2dT%.2d:%.2d:%.2d",



More information about the ffmpeg-cvslog mailing list