From 76cb85c05677e4ac2669dea5af1be9a05cbc17bb Mon Sep 17 00:00:00 2001 From: reimar Date: Wed, 2 Sep 2009 19:49:10 +0000 Subject: [PATCH] Limit amount of data allocated on stack, strlen(filename) is not a good idea for file name strings that might come from arbitrary playlists, use PATH_MAX instead. git-svn-id: svn://svn.mplayerhq.hu/mplayer/trunk@29636 b3059339-0415-0410-9bf9-f77b7e298cf2 --- mplayer.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/mplayer.c b/mplayer.c index 0a96d2f905..b0bec7a87b 100644 --- a/mplayer.c +++ b/mplayer.c @@ -931,9 +931,13 @@ static int try_load_config(m_config_t *conf, const char *file) static void load_per_file_config (m_config_t* conf, const char *const file) { char *confpath; - char cfg[strlen(file)+10]; + char cfg[PATH_MAX]; char *name; + if (strlen(file) > PATH_MAX - 14) { + mp_msg(MSGT_CPLAYER, MSGL_WARN, "Filename is too long, can not load file or directory specific config files\n"); + return; + } sprintf (cfg, "%s.conf", file); name = strrchr(cfg, '/'); @@ -951,7 +955,7 @@ static void load_per_file_config (m_config_t* conf, const char *const file) name++; if (use_filedir_conf) { - char dircfg[strlen(file)+14]; + char dircfg[PATH_MAX]; strcpy(dircfg, cfg); strcpy(dircfg + (name - cfg), "mplayer.conf"); try_load_config(conf, dircfg);