[FFmpeg-devel] [PATCH 1/3] avformat/ftp: Fix Out-of-Bounds Access and Information Leak in ftp.c:393
Michael Niedermayer
michael at niedermayer.cc
Wed Feb 13 11:31:32 EET 2019
From: Wenxiang Qian <leonwxqian at qq.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
---
libavformat/ftp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavformat/ftp.c b/libavformat/ftp.c
index e072067480..3adc04ee1f 100644
--- a/libavformat/ftp.c
+++ b/libavformat/ftp.c
@@ -389,7 +389,7 @@ static int ftp_file_size(FTPContext *s)
static const int size_codes[] = {213, 0};
snprintf(command, sizeof(command), "SIZE %s\r\n", s->path);
- if (ftp_send_command(s, command, size_codes, &res) == 213 && res) {
+ if (ftp_send_command(s, command, size_codes, &res) == 213 && res && strlen(res) > 4) {
s->filesize = strtoll(&res[4], NULL, 10);
} else {
s->filesize = -1;
--
2.20.1
More information about the ffmpeg-devel
mailing list