From b2bbe8298ba5416f26ffadb43f9e75997ec02f7f Mon Sep 17 00:00:00 2001 From: Michael Niedermayer Date: Thu, 19 Feb 2015 22:10:47 +0100 Subject: avformat/dss: Check sscanf() return value in dss_read_metadata_date() Fixes writing uninitialized values into metadata without error in case parsing fails Signed-off-by: Michael Niedermayer --- libavformat/dss.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'libavformat') diff --git a/libavformat/dss.c b/libavformat/dss.c index f4355f1acb..a353ee02f9 100644 --- a/libavformat/dss.c +++ b/libavformat/dss.c @@ -78,7 +78,8 @@ static int dss_read_metadata_date(AVFormatContext *s, unsigned int offset, if (ret < DSS_TIME_SIZE) return ret < 0 ? ret : AVERROR_EOF; - sscanf(string, "%2d%2d%2d%2d%2d%2d", &y, &month, &d, &h, &minute, &sec); + if (sscanf(string, "%2d%2d%2d%2d%2d%2d", &y, &month, &d, &h, &minute, &sec) != 6) + return AVERROR_INVALIDDATA; /* We deal with a two-digit year here, so set the default date to 2000 * and hope it will never be used in the next century. */ snprintf(datetime, sizeof(datetime), "%.4d-%.2d-%.2dT%.2d:%.2d:%.2d", -- cgit v1.2.3