ardour/ardour
ardour
/
ardour
13
1
Fork 0
Code Pull Requests Releases Activity

AudioClock: avoid sscanf to fixed length buffer 

Ignored strings were scanned to a buffer that potentially could
overflow. There might be hidden invariants that make actual overflow
impossible, but that seems like a fragile defense.

Instead, just *really* ignore them.
This commit is contained in:
Mads Kiilerich 2022-11-13 22:30:46 +01:00
parent c3d4453bdf
commit 1ca64eb8c1
1 changed files with 3 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
gtk2_ardour/audio_clock.cc
View File

@ -2023,10 +2023,9 @@ AudioClock::timecode_validate_edit (const string& str)
{
Timecode::Time TC;
int hours;
char ignored[2];
if (sscanf (str.c_str(), "%[- _]%" PRId32 ":%" PRId32 ":%" PRId32 "%[:;]%" PRId32,
ignored, &hours, &TC.minutes, &TC.seconds, ignored, &TC.frames) != 6) {
if (sscanf (str.c_str(), "%*[- _]%" PRId32 ":%" PRId32 ":%" PRId32 "%*[:;]%" PRId32,
&hours, &TC.minutes, &TC.seconds, &TC.frames) != 4) {
return false;
}
@ -2084,10 +2083,9 @@ AudioClock::samples_from_timecode_string (const string& str) const
Timecode::Time TC;
samplepos_t sample;
char ignored[2];
int hours;
if (sscanf (str.c_str(), "%[- _]%d:%d:%d%[:;]%d", ignored, &hours, &TC.minutes, &TC.seconds, ignored, &TC.frames) != 6) {
if (sscanf (str.c_str(), "%*[- _]%d:%d:%d%*[:;]%d", &hours, &TC.minutes, &TC.seconds, &TC.frames) != 4) {
error << string_compose (_("programming error: %1 %2"), "badly formatted timecode clock string", str) << endmsg;
return 0;
}