jp3d/jpwl convert: fix write stack buffer overflow

Missing buffer length formatter in fscanf call might lead to write stack buffer overflow. fixes #1044 (CVE-2017-17480)
author: Hugo Lefeuvre <hle@debian.org> 2018-10-22 16:59:41 +0200
committer: Hugo Lefeuvre <hle@debian.org> 2018-11-01 09:05:26 +0100
commit: 0bc90e4062a5f9258c91eca018c019b179066c62 (patch)
tree: 2e1cc6c8732e3787244c47a3a2ab6944cc34ced1 /src/bin/jpwl
parent: 0e6a5553cfef21b764d289585af2c6934a95456b (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/src/bin/jpwl/convert.c b/src/bin/jpwl/convert.c
index f3bb670b..73c1be72 100644
--- a/src/bin/jpwl/convert.c
+++ b/src/bin/jpwl/convert.c
@@ -1349,7 +1349,7 @@ opj_image_t* pgxtoimage(const char *filename, opj_cparameters_t *parameters)
     }
 
     fseek(f, 0, SEEK_SET);
-    if (fscanf(f, "PG%[ \t]%c%c%[ \t+-]%d%[ \t]%d%[ \t]%d", temp, &endian1,
+    if (fscanf(f, "PG%31[ \t]%c%c%31[ \t+-]%d%31[ \t]%d%31[ \t]%d", temp, &endian1,
                &endian2, signtmp, &prec, temp, &w, temp, &h) != 9) {
         fprintf(stderr,
                 "ERROR: Failed to read the right number of element from the fscanf() function!\n");
author	Hugo Lefeuvre <hle@debian.org>	2018-10-22 16:59:41 +0200
committer	Hugo Lefeuvre <hle@debian.org>	2018-11-01 09:05:26 +0100
commit	0bc90e4062a5f9258c91eca018c019b179066c62 (patch)
tree	2e1cc6c8732e3787244c47a3a2ab6944cc34ced1 /src/bin/jpwl
parent	0e6a5553cfef21b764d289585af2c6934a95456b (diff)