aboutsummaryrefslogtreecommitdiffstats
path: root/libswscale/tests
diff options
context:
space:
mode:
authorAdam Richter <adamrichter4@gmail.com>2019-05-12 05:03:25 -0700
committerMichael Niedermayer <michael@niedermayer.cc>2019-05-13 13:39:40 +0200
commitb8ed4930618b170de57a9086e1e9892216454684 (patch)
tree52ccf4316ccb95a6eb45f0eae14ba5fb52f1c487 /libswscale/tests
parentf1c9d6fe704c004b424d40d6d695beab8d6f9591 (diff)
downloadffmpeg-b8ed4930618b170de57a9086e1e9892216454684.tar.gz
libswcale: Fix possible string overflow in test.
In libswcale/tests/swcale.c, the function fileTest() calls sscanf in an argument of "%12s" on character srcStr[] and dstStr[], which are only 12 bytes. So, if the input string is 12 characters, a terminating null byte can be written past the end of these arrays. This bug was found by cppcheck. Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Diffstat (limited to 'libswscale/tests')
-rw-r--r--libswscale/tests/swscale.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/libswscale/tests/swscale.c b/libswscale/tests/swscale.c
index e72c4c3306..cb731f6211 100644
--- a/libswscale/tests/swscale.c
+++ b/libswscale/tests/swscale.c
@@ -312,10 +312,10 @@ static int fileTest(const uint8_t * const ref[4], int refStride[4],
while (fgets(buf, sizeof(buf), fp)) {
struct Results r;
enum AVPixelFormat srcFormat;
- char srcStr[12];
+ char srcStr[13];
int srcW = 0, srcH = 0;
enum AVPixelFormat dstFormat;
- char dstStr[12];
+ char dstStr[13];
int dstW = 0, dstH = 0;
int flags;
int ret;