Summary:
As 'flags' can be supplied by the application, in case the application is supplying
a big string (error case), it can cause a crash in some versions of glibc.
Setting maximum possible input (0x64) length as width specifier
Fix for static code analyzer warnings
- scanf without field width limits can crash with huge input data on some versions of libc
Signed-off-by: Godly T.Alias <godlytalias@yahoo.co.in>
Test Plan: Run SonarQube
Reviewers: cedric, raster, Princekrdubey, rajeshps
Reviewed By: cedric
Subscribers: jpeg
Differential Revision: https://phab.enlightenment.org/D5266
Signed-off-by: Cedric BAIL <cedric@osg.samsung.com>
{
pp = strchr(p, ' ');
if (pp) *pp = 0;
- sscanf(p, "quality=%i", &quality);
- sscanf(p, "compress=%i", &compress);
+ sscanf(p, "quality=%4i", &quality);
+ sscanf(p, "compress=%4i", &compress);
sscanf(p, "encoding=%ms", &encoding);
if (pp) p = pp + 1;
else break;
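Review bot: the sscanf(p, "encoding=%ms", &encoding) call left as context in this hunk still has no field width, so it is the one conversion here that an oversized 'flags' string can still reach unbounded; %ms allocates as much as the token needs, so give it a maximum field width as well, sized to the longest encoding name the saver accepts. The commit message names 0x64 as the maximum input length while the specifier added is %4i, which reads at most four characters including any sign; reconcile the two in the message or in a comment beside the calls. None of the three sscanf return values is checked, so a token that does not match leaves quality, compress and encoding at whatever they held before, which is worth a short comment if that is the intent.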