avformat/iss: check sscanf() return code

Fixes use of uninitialized data Fixes: msan_uninit-mem_7f883205ce82_15_0001010100.iss Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
author: Michael Niedermayer <michaelni@gmx.at> 2013-12-23 00:17:52 +0100
committer: Michael Niedermayer <michaelni@gmx.at> 2013-12-23 16:28:44 +0100
commit: 5c3079aaa94ba8140fc727b5533b75b5b337b2bb (patch)
tree: 09a0ef08b78dee01d7f51f2399d131791a7073eb /libavformat/iss.c
parent: 6da21c1f8190d674fd1e5619bb148c1bbab8ca3c (diff)
download: ffmpeg-5c3079aaa94ba8140fc727b5533b75b5b337b2bb.tar.gz
1 files changed, 12 insertions, 3 deletions
diff --git a/libavformat/iss.c b/libavformat/iss.c
index e4335b4cbf..e9945313d6 100644
--- a/libavformat/iss.c
+++ b/libavformat/iss.c
@@ -76,14 +76,23 @@ static av_cold int iss_read_header(AVFormatContext *s)
 
     get_token(pb, token, sizeof(token)); //"IMA_ADPCM_Sound"
     get_token(pb, token, sizeof(token)); //packet size
-    sscanf(token, "%d", &iss->packet_size);
+    if (sscanf(token, "%d", &iss->packet_size) != 1) {
+        av_log(s, AV_LOG_ERROR, "Failed parsing packet size\n");
+        return AVERROR_INVALIDDATA;
+    }
     get_token(pb, token, sizeof(token)); //File ID
     get_token(pb, token, sizeof(token)); //out size
     get_token(pb, token, sizeof(token)); //stereo
-    sscanf(token, "%d", &stereo);
+    if (sscanf(token, "%d", &stereo) != 1) {
+        av_log(s, AV_LOG_ERROR, "Failed parsing stereo flag\n");
+        return AVERROR_INVALIDDATA;
+    }
     get_token(pb, token, sizeof(token)); //Unknown1
     get_token(pb, token, sizeof(token)); //RateDivisor
-    sscanf(token, "%d", &rate_divisor);
+    if (sscanf(token, "%d", &rate_divisor) != 1) {
+        av_log(s, AV_LOG_ERROR, "Failed parsing rate_divisor\n");
+        return AVERROR_INVALIDDATA;
+    }
     get_token(pb, token, sizeof(token)); //Unknown2
     get_token(pb, token, sizeof(token)); //Version ID
     get_token(pb, token, sizeof(token)); //Size
author	Michael Niedermayer <michaelni@gmx.at>	2013-12-23 00:17:52 +0100
committer	Michael Niedermayer <michaelni@gmx.at>	2013-12-23 16:28:44 +0100
commit	5c3079aaa94ba8140fc727b5533b75b5b337b2bb (patch)
tree	09a0ef08b78dee01d7f51f2399d131791a7073eb /libavformat/iss.c
parent	6da21c1f8190d674fd1e5619bb148c1bbab8ca3c (diff)
download	ffmpeg-5c3079aaa94ba8140fc727b5533b75b5b337b2bb.tar.gz