shithub: dav1d

Download patch

ref: b004c1a7a1cdba17a42c1de4c2df54b0588c5a77
parent: 679754e77dd809a607fbd057109be59e7039bd7d
author: James Almer <[email protected]>
date: Fri Oct 19 20:29:29 EDT 2018

ivf: fix the conversion specifier in printed error message strings

Fixes stack buffer overflows.

--- a/tools/input/ivf.c
+++ b/tools/input/ivf.c
@@ -57,12 +57,12 @@
         fclose(c->f);
         return -1;
     } else if (memcmp(hdr, "DKIF", 4)) {
-        fprintf(stderr, "%s is not an IVF file [tag=%4s|0x%02x%02x%02x%02x]\n",
+        fprintf(stderr, "%s is not an IVF file [tag=%.4s|0x%02x%02x%02x%02x]\n",
                 file, hdr, hdr[0], hdr[1], hdr[2], hdr[3]);
         fclose(c->f);
         return -1;
     } else if (memcmp(&hdr[8], "AV01", 4)) {
-        fprintf(stderr, "%s is not an AV1 file [tag=%4s|0x%02x%02x%02x%02x]\n",
+        fprintf(stderr, "%s is not an AV1 file [tag=%.4s|0x%02x%02x%02x%02x]\n",
                 file, &hdr[8], hdr[8], hdr[9], hdr[10], hdr[11]);
         fclose(c->f);
         return -1;