mirror of https://github.com/mpv-player/mpv
stream_cddb: replace sprintf with snprintf
Replace sprintf with snprintf. To my knowledge the only "real" issue this fixes is that setting certain environment variables to very long strings might have caused overflows. git-svn-id: svn://svn.mplayerhq.hu/mplayer/trunk@35306 b3059339-0415-0410-9bf9-f77b7e298cf2
This commit is contained in:
reimar
wm4
parent
a169aa6364
commit
7d5a6b9b02
|
|
@ -106,7 +106,7 @@ static int read_toc(const char *dev)
|
||||||
CDROM_TOC toc;
|
CDROM_TOC toc;
|
||||||
char device[10];
|
char device[10];
|
||||||
|
|
||||||
sprintf(device, "\\\\.\\%s", dev);
|
snprintf(device, sizeof(device), "\\\\.\\%s", dev);
|
||||||
drive = CreateFile(device, GENERIC_READ, FILE_SHARE_READ, NULL,
|
drive = CreateFile(device, GENERIC_READ, FILE_SHARE_READ, NULL,
|
||||||
OPEN_EXISTING, 0, 0);
|
OPEN_EXISTING, 0, 0);
|
||||||
|
|
||||||
|
|
@ -305,7 +305,7 @@ static int cddb_http_request(char *command,
|
||||||
if (reply_parser == NULL || command == NULL || cddb_data == NULL)
|
if (reply_parser == NULL || command == NULL || cddb_data == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
sprintf(request, "http://%s/~cddb/cddb.cgi?cmd=%s%s&proto=%d",
|
snprintf(request, sizeof(request), "http://%s/~cddb/cddb.cgi?cmd=%s%s&proto=%d",
|
||||||
cddb_data->freedb_server, command, cddb_data->cddb_hello,
|
cddb_data->freedb_server, command, cddb_data->cddb_hello,
|
||||||
cddb_data->freedb_proto_level);
|
cddb_data->freedb_proto_level);
|
||||||
mp_msg(MSGT_OPEN, MSGL_INFO,"Request[%s]\n", request);
|
mp_msg(MSGT_OPEN, MSGL_INFO,"Request[%s]\n", request);
|
||||||
|
|
@ -358,7 +358,7 @@ static int cddb_read_cache(cddb_data_t *cddb_data)
|
||||||
if (cddb_data == NULL || cddb_data->cache_dir == NULL)
|
if (cddb_data == NULL || cddb_data->cache_dir == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
sprintf(file_name, "%s%08lx", cddb_data->cache_dir, cddb_data->disc_id);
|
snprintf(file_name, sizeof(file_name), "%s%08lx", cddb_data->cache_dir, cddb_data->disc_id);
|
||||||
|
|
||||||
file_fd = open(file_name, O_RDONLY | O_BINARY);
|
file_fd = open(file_name, O_RDONLY | O_BINARY);
|
||||||
if (file_fd < 0) {
|
if (file_fd < 0) {
|
||||||
|
|
@ -419,7 +419,7 @@ static int cddb_write_cache(cddb_data_t *cddb_data)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
sprintf(file_name, "%s%08lx", cddb_data->cache_dir, cddb_data->disc_id);
|
snprintf(file_name, sizeof(file_name), "%s%08lx", cddb_data->cache_dir, cddb_data->disc_id);
|
||||||
|
|
||||||
file_fd = creat(file_name, S_IRUSR | S_IWUSR);
|
file_fd = creat(file_name, S_IRUSR | S_IWUSR);
|
||||||
if (file_fd < 0) {
|
if (file_fd < 0) {
|
||||||
|
|
@ -506,7 +506,7 @@ static int cddb_read_parse(HTTP_header_t *http_hdr, cddb_data_t *cddb_data)
|
||||||
static int cddb_request_titles(cddb_data_t *cddb_data)
|
static int cddb_request_titles(cddb_data_t *cddb_data)
|
||||||
{
|
{
|
||||||
char command[1024];
|
char command[1024];
|
||||||
sprintf(command, "cddb+read+%s+%08lx",
|
snprintf(command, sizeof(command), "cddb+read+%s+%08lx",
|
||||||
cddb_data->category, cddb_data->disc_id);
|
cddb_data->category, cddb_data->disc_id);
|
||||||
return cddb_http_request(command, cddb_read_parse, cddb_data);
|
return cddb_http_request(command, cddb_read_parse, cddb_data);
|
||||||
}
|
}
|
||||||
|
|
@ -671,7 +671,8 @@ static void cddb_create_hello(cddb_data_t *cddb_data)
|
||||||
}
|
}
|
||||||
user_name = getenv("LOGNAME");
|
user_name = getenv("LOGNAME");
|
||||||
}
|
}
|
||||||
sprintf(cddb_data->cddb_hello, "&hello=%s+%s+%s",
|
snprintf(cddb_data->cddb_hello, sizeof(cddb_data->cddb_hello),
|
||||||
|
"&hello=%s+%s+%s",
|
||||||
user_name, host_name, mplayer_version);
|
user_name, host_name, mplayer_version);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -684,8 +685,9 @@ static int cddb_retrieve(cddb_data_t *cddb_data)
|
||||||
|
|
||||||
ptr = offsets;
|
ptr = offsets;
|
||||||
for (i = 0; i < cddb_data->tracks ; i++) {
|
for (i = 0; i < cddb_data->tracks ; i++) {
|
||||||
ptr += sprintf(ptr, "%d+", cdtoc[i].frame);
|
unsigned space = sizeof(offsets) - (ptr - offsets);
|
||||||
if (ptr-offsets > sizeof offsets - 40) break;
|
if (space < 40) break;
|
||||||
|
ptr += snprintf(ptr, space, "%d+", cdtoc[i].frame);
|
||||||
}
|
}
|
||||||
ptr[0] = 0;
|
ptr[0] = 0;
|
||||||
time_len = (cdtoc[cddb_data->tracks].frame)/75;
|
time_len = (cdtoc[cddb_data->tracks].frame)/75;
|
||||||
|
|
@ -700,7 +702,7 @@ static int cddb_retrieve(cddb_data_t *cddb_data)
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
sprintf(command, "cddb+query+%08lx+%d+%s%d", cddb_data->disc_id,
|
snprintf(command, sizeof(command), "cddb+query+%08lx+%d+%s%d", cddb_data->disc_id,
|
||||||
cddb_data->tracks, offsets, time_len);
|
cddb_data->tracks, offsets, time_len);
|
||||||
ret = cddb_http_request(command, cddb_query_parse, cddb_data);
|
ret = cddb_http_request(command, cddb_query_parse, cddb_data);
|
||||||
if (ret < 0)
|
if (ret < 0)
|
||||||
|
|
@ -750,13 +752,13 @@ int cddb_resolve(const char *dev, char **xmcd_file)
|
||||||
if (home_dir == NULL) {
|
if (home_dir == NULL) {
|
||||||
cddb_data.cache_dir = NULL;
|
cddb_data.cache_dir = NULL;
|
||||||
} else {
|
} else {
|
||||||
cddb_data.cache_dir = malloc(strlen(home_dir)
|
unsigned len = strlen(home_dir) + strlen(cddb_cache_dir) + 1;
|
||||||
+ strlen(cddb_cache_dir) + 1);
|
cddb_data.cache_dir = malloc(len);
|
||||||
if (cddb_data.cache_dir == NULL) {
|
if (cddb_data.cache_dir == NULL) {
|
||||||
mp_tmsg(MSGT_DEMUX, MSGL_ERR, "Memory allocation failed.\n");
|
mp_tmsg(MSGT_DEMUX, MSGL_ERR, "Memory allocation failed.\n");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
sprintf(cddb_data.cache_dir, "%s%s", home_dir, cddb_cache_dir);
|
snprintf(cddb_data.cache_dir, len, "%s%s", home_dir, cddb_cache_dir);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check for a cached file
|
// Check for a cached file
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue