avformat/ftp: Fix Out-of-Bounds Access and Information Leak in ftp.c:393
authorWenxiang Qian <leonwxqian@qq.com>
Wed, 13 Feb 2019 07:47:20 +0000 (08:47 +0100)
committerMichael Niedermayer <michael@niedermayer.cc>
Sun, 24 Mar 2019 09:38:51 +0000 (10:38 +0100)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a142ffdcaec06fcbf7d4b00dbb0e5ddfb9e3344d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
libavformat/ftp.c

index 9aa7a45..7b3c860 100644 (file)
@@ -389,7 +389,7 @@ static int ftp_file_size(FTPContext *s)
     static const int size_codes[] = {213, 0};
 
     snprintf(command, sizeof(command), "SIZE %s\r\n", s->path);
-    if (ftp_send_command(s, command, size_codes, &res) == 213 && res) {
+    if (ftp_send_command(s, command, size_codes, &res) == 213 && res && strlen(res) > 4) {
         s->filesize = strtoll(&res[4], NULL, 10);
     } else {
         s->filesize = -1;