From 30a4ad82e91c8f24a636caace9dad0d4988f5002 Mon Sep 17 00:00:00 2001
From: John Stebbins
Date: Mon, 11 Feb 2019 08:04:24 -0700
Subject: [PATCH] scan: fix potential buffer overflow in sprintf

Use snprintf

(cherry picked from commit 67299770c013120ffdc4d86daffc9c48691ab802)
---
 libhb/scan.c | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/libhb/scan.c b/libhb/scan.c
index a6c5d2eae..84566558f 100644
--- a/libhb/scan.c
+++ b/libhb/scan.c
@@ -1298,21 +1298,20 @@ static void LookForAudio(hb_scan_t *scan, hb_title_t * title, hb_buffer_t * b)
 break;
 }
 }
-
 if (codec_name != NULL && profile_name != NULL)
 {
- sprintf(audio->config.lang.description, "%s (%s %s)",
- audio->config.lang.simple, codec_name, profile_name);
+ snprintf(audio->config.lang.description, sizeof(audio->config.lang.description),
+ "%s (%s %s)", audio->config.lang.simple, codec_name, profile_name);
 }
 else if (codec_name != NULL)
 {
- sprintf(audio->config.lang.description, "%s (%s)",
- audio->config.lang.simple, codec_name);
+ snprintf(audio->config.lang.description, sizeof(audio->config.lang.description),
+ "%s (%s)", audio->config.lang.simple, codec_name);
 }
 else if (profile_name != NULL)
 {
- sprintf(audio->config.lang.description, "%s (%s)",
- audio->config.lang.simple, profile_name);
+ snprintf(audio->config.lang.description, sizeof(audio->config.lang.description),
+ "%s (%s)", audio->config.lang.simple, profile_name);
 }

 if (audio->config.lang.attributes & HB_AUDIO_ATTR_VISUALLY_IMPAIRED)
-- 
2.40.0
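Review bot: All three `snprintf` calls in this hunk drop the return value, so a description that does not fit in `audio->config.lang.description` is now cut off silently instead of overflowing. If truncation should be visible, keep the result and compare it with the buffer size, e.g. `int n = snprintf(...); if (n < 0 || (size_t)n >= sizeof(audio->config.lang.description)) { /* log truncated description */ }`. The `sizeof` bound is right only while `description` is an array member; its declaration is not in the hunk, so a short comment such as `/* sizeof is the bound: description must remain a char array */` would guard against a later change to a pointer. `LookForAudio` continues beyond the hunk, and whatever follows the `HB_AUDIO_ATTR_VISUALLY_IMPAIRED` check presumably writes to the same buffer and deserves the same bounded treatment.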