[vlc-commits] ftp: fix scan string injection

Rémi Denis-Courmont git at videolan.org
Thu Sep 15 13:12:06 CEST 2016


vlc | branch: master | Rémi Denis-Courmont <remi at remlab.net> | Thu Sep 15 14:11:42 2016 +0300| [09a26099cfd8d708d40127d4faa64ade01f36775] | committer: Rémi Denis-Courmont

ftp: fix scan string injection

> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=09a26099cfd8d708d40127d4faa64ade01f36775
---

 modules/access/ftp.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/modules/access/ftp.c b/modules/access/ftp.c
index ba2859d..c30fa46 100644
--- a/modules/access/ftp.c
+++ b/modules/access/ftp.c
@@ -1078,10 +1078,7 @@ static int ftp_StartStream( vlc_object_t *p_access, access_sys_t *p_sys,
 
     if( *psz_ip )
     {
-        char psz_fmt[7] = "(|||%u";
-        psz_fmt[1] = psz_fmt[2] = psz_fmt[3] = psz_parser[1];
-
-        if( sscanf( psz_parser, psz_fmt, &i_port ) < 1 )
+        if( sscanf( psz_parser, "(%*3c%u", &i_port ) < 1 )
         {
             free( psz_arg );
             msg_Err( p_access, "cannot parse passive mode response" );
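Review bot: the new format string `"(%*3c%u"` skips any three bytes after the `(`, so the sscanf call no longer requires the three delimiter characters to be identical, which the removed per-response format (built from `psz_parser[1]`) did enforce for ordinary delimiter bytes. Using a constant format is the right fix, since the old code copied a server-controlled byte into the format string. If delimiter consistency matters, compare `psz_parser[1]`, `psz_parser[2]` and `psz_parser[3]` explicitly before the call rather than encoding them in the format. Separately, `%u` accepts leading whitespace and a sign, and nothing in the visible lines bounds `i_port`, so a range check (1 to 65535) after the parse would be worth adding if one does not already follow. The `< 1` test remains correct because the suppressed `%*3c` conversion is not counted in the return value.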


