Browse code
srtdec: fix a format string vulnerability.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit aaa1173de775b9b865a714abcc270816d2f59dff)
Fabian Greffrath authored on 2012/03/03 10:35:27Showing 1 changed files
| ... | ... |
@@ -110,7 +110,7 @@ static const char *srt_to_ass(AVCodecContext *avctx, char *out, char *out_end, |
| 110 | 110 |
for (j=sptr-2; j>=0; j--) |
| 111 | 111 |
if (stack[j].param[i][0]) {
|
| 112 | 112 |
out += snprintf(out, out_end-out, |
| 113 |
- stack[j].param[i]); |
|
| 113 |
+ "%s", stack[j].param[i]); |
|
| 114 | 114 |
break; |
| 115 | 115 |
} |
| 116 | 116 |
} else {
|
| ... | ... |
@@ -146,7 +146,7 @@ static const char *srt_to_ass(AVCodecContext *avctx, char *out, char *out_end, |
| 146 | 146 |
for (i=0; i<PARAM_NUMBER; i++) |
| 147 | 147 |
if (stack[sptr].param[i][0]) |
| 148 | 148 |
out += snprintf(out, out_end-out, |
| 149 |
- stack[sptr].param[i]); |
|
| 149 |
+ "%s", stack[sptr].param[i]); |
|
| 150 | 150 |
} |
| 151 | 151 |
} else if (!buffer[1] && strspn(buffer, "bisu") == 1) {
|
| 152 | 152 |
out += snprintf(out, out_end-out, |