Found a code security issue in function “encode_load_input_images”

Open xiaolian8325 opened this issue 5 years ago • 0 comments

Hi,

issue

The function snprintf uses an external and controllable argument like argv[0], which is very dangerous. Because the argument is just a format string, it can contain some symbols such as %n, %p and %s that are very dangerous. The user can read or write the stack segment by using them.

code

    snprintf(filename,maxlength,argv[0],framecounter);
    if (!file_exists(filename)) {
        stop_searching++;
        continue;
    }

example

Use the command ./flif -e sig%s.%s.png test.flif and the error will be Segmentation fault.

Thanks for your time.

from: Eagleye team Cheng Renfeng. Zhou Kai. Cheng Xiaoyan.

xiaolian8325, Jul 08 '19 07:07
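
One way to mitigate the problem reported above, as an added example (not FLIF's code and not from the reporter): validate the user-supplied filename template before it reaches snprintf. The names template_is_safe and format_frame_name, and the policy of allowing exactly one %d with optional zero padding and a width of at most two digits, are assumptions made for this sketch.

```c
#include <ctype.h>
#include <stdio.h>

/* Returns 1 only if tmpl holds literal text, "%%", and exactly one
 * %d conversion with an optional 0 flag and a width of at most 2 digits. */
static int template_is_safe(const char *tmpl)
{
    int conversions = 0;
    for (const char *p = tmpl; *p; p++) {
        if (*p != '%')
            continue;
        p++;
        if (*p == '%')      /* escaped percent sign, consumes no argument */
            continue;
        if (*p == '0')      /* optional zero-padding flag */
            p++;
        int digits = 0;
        while (digits < 2 && isdigit((unsigned char)*p)) {
            p++;
            digits++;
        }
        if (*p != 'd')      /* rejects %s, %n, %p, %*d, %ld and a lone % */
            return 0;
        conversions++;
    }
    return conversions == 1;
}

/* Hypothetical wrapper: format the frame name or fail closed. */
static int format_frame_name(char *out, size_t outlen, const char *tmpl, int frame)
{
    if (!template_is_safe(tmpl))
        return -1;
    int n = snprintf(out, outlen, tmpl, frame);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;  /* truncation is an error */
}

int main(void)
{
    char name[64];
    /* Constructed inputs: a well-formed template and the one from the report. */
    const char *inputs[] = { "frame%03d.png", "sig%s.%s.png" };
    for (int i = 0; i < 2; i++)
        printf("%s -> %s\n", inputs[i],
               format_frame_name(name, sizeof name, inputs[i], 7) == 0 ? name : "rejected");
    return 0;
}
```

Because the validator is an allow-list, any conversion it does not recognise is refused before snprintf ever interprets the string.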