[FFmpeg-devel] [PATCH 1/9] avdevice/xcbgrab: Check sscanf() return
Michael Niedermayer
michael at niedermayer.cc
Mon Jun 3 05:15:18 EEST 2024
Alot more input checking can be performed, this is only checking the obvious missing case
Fixes: CID1598562 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
---
libavdevice/xcbgrab.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/libavdevice/xcbgrab.c b/libavdevice/xcbgrab.c
index 2e6b118d8c0..c736ec0cbcb 100644
--- a/libavdevice/xcbgrab.c
+++ b/libavdevice/xcbgrab.c
@@ -828,7 +828,10 @@ static av_cold int xcbgrab_read_header(AVFormatContext *s)
if (!sscanf(s->url, "%[^+]+%d,%d", display_name, &c->x, &c->y)) {
*display_name = 0;
- sscanf(s->url, "+%d,%d", &c->x, &c->y);
+ if(sscanf(s->url, "+%d,%d", &c->x, &c->y) != 2) {
+ if (*s->url)
+ av_log(s, AV_LOG_WARNING, "Ambigous URL: %s\n", s->url);
+ }
}
c->conn = xcb_connect(display_name[0] ? display_name : NULL, &screen_num);
--
2.45.1
More information about the ffmpeg-devel
mailing list