evas: fix for sscanf use with save flags input.
author Godly T.Alias <godlytalias@yahoo.co.in>
Fri, 6 Oct 2017 16:48:28 +0000 (09:48 -0700)
committer Cedric BAIL <cedric@osg.samsung.com>
Fri, 6 Oct 2017 16:49:03 +0000 (09:49 -0700)
Summary:
As 'flags' can be supplied by the application, if the application supplies
a big string (error case), it can cause a crash in some versions of glibc.

Setting maximum possible input (0x64) length as width specifier

Fix for static code analyzer warnings
- scanf without field width limits can crash with huge input data on some versions of libc

Signed-off-by: Godly T.Alias <godlytalias@yahoo.co.in>
Test Plan: Run SonarQube

Reviewers: cedric, raster, Princekrdubey, rajeshps

Reviewed By: cedric

Subscribers: jpeg

Differential Revision: https://phab.enlightenment.org/D5266

Signed-off-by: Cedric BAIL <cedric@osg.samsung.com>
src/lib/evas/canvas/evas_object_image.c

index 9d4ed08..ebdb038 100644 (file)
@@ -900,8 +900,8 @@ _efl_canvas_image_internal_efl_file_save(const Eo *eo_obj, Evas_Image_Data *o, c
           {
              pp = strchr(p, ' ');
              if (pp) *pp = 0;
-             sscanf(p, "quality=%i", &quality);
-             sscanf(p, "compress=%i", &compress);
+             sscanf(p, "quality=%4i", &quality);
+             sscanf(p, "compress=%4i", &compress);
              sscanf(p, "encoding=%ms", &encoding);
              if (pp) p = pp + 1;
              else break;
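
Review bot: in the two changed sscanf calls, the `%4i` width makes an over-long value parse as its first four characters instead of failing, so `quality=12345` is read as 1234, and a four-digit value such as `quality=1000` is still accepted even though the commit message gives 0x64 as the maximum input. Nothing in this hunk checks the sscanf return value or the resulting range, and `%i` also counts a sign or a hex/octal prefix inside those four characters; consider parsing with strtol, checking the end pointer, and rejecting or clamping out-of-range values. The unchanged `sscanf(p, "encoding=%ms", &encoding);` line still carries no width, so it is worth confirming whether the analyzer warning remains there, and if the flags string holds more than one `encoding=` token, the earlier `%ms` allocation is overwritten without being freed.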