n0o.com - Personal archive of discovered vulns & writeups.

[CVE-2020-19646] ffmpeg, Out-of-Bounds Read and Information Leak in ftp.c:393


Reported on : 21 Aug 2018
Shipped on : 13 Feb 2019
Type : Out-of-bounds Read
In Function : ftp_file_size

If the server responds with `213\0`, `filesize` is converted from data outside the buffer. There is a small chance of leaking that data if the reused heap memory contains the characters 0-9, +, -, e, since `filesize` is later used when communicating with the server to download.
https://patchwork.ffmpeg.org/patch/12060/
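
The read described above next to a length-checked parse, as an added C example that is not ffmpeg's code or the linked patch. The function names are hypothetical, the "213 <size>" reply layout is an assumption, and the stale digits after the terminator are a constructed stand-in for reused heap contents, kept inside the same array so the demonstration stays in bounds.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Unchecked pattern: assumes the reply is always "213 <size>" and starts
 * converting at offset 4, even when the string ended at offset 3. */
static long long size_unchecked(const char *res)
{
    return strtoll(&res[4], NULL, 10);
}

/* Checked pattern: returns 0 and stores the size on success, -1 when the
 * reply is too short, has no digits, is negative, or overflows. */
static int size_checked(const char *res, long long *out)
{
    char *end;
    long long v;

    if (!res || strlen(res) <= 4 || strncmp(res, "213 ", 4) != 0)
        return -1;
    errno = 0;
    v = strtoll(res + 4, &end, 10);
    if (end == res + 4 || errno == ERANGE || v < 0)
        return -1;
    *out = v;
    return 0;
}

/* Constructed sample data: a reply of just "213\0", followed in the same
 * array by leftover digits standing in for reused heap memory. */
static const char short_reply[16] =
    {'2', '1', '3', '\0', '9', '8', '7', '6', '5', '\0'};
static const char good_reply[] = "213 1048576\r\n";

int main(void)
{
    long long n = -1;

    /* The unchecked parse turns the leftover bytes into a file size. */
    printf("unchecked: %lld\n", size_unchecked(short_reply));
    printf("checked short: %d\n", size_checked(short_reply, &n));
    if (size_checked(good_reply, &n) == 0)
        printf("checked good: %lld\n", n);
    return 0;
}
```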