mirror of https://github.com/mpv-player/mpv
Prevent possible buffer overflow on album_title[]
Based on a patch by Adam Bozanich abozanich musecurity com git-svn-id: svn://svn.mplayerhq.hu/mplayer/trunk@25824 b3059339-0415-0410-9bf9-f77b7e298cf2
This commit is contained in:
parent
795973f732
commit
8c3a19d8a8
|
@ -58,6 +58,7 @@
|
||||||
#include "version.h"
|
#include "version.h"
|
||||||
#include "stream.h"
|
#include "stream.h"
|
||||||
#include "network.h"
|
#include "network.h"
|
||||||
|
#include "libavutil/intreadwrite.h"
|
||||||
|
|
||||||
#define DEFAULT_FREEDB_SERVER "freedb.freedb.org"
|
#define DEFAULT_FREEDB_SERVER "freedb.freedb.org"
|
||||||
#define DEFAULT_CACHE_DIR "/.cddb/"
|
#define DEFAULT_CACHE_DIR "/.cddb/"
|
||||||
|
@ -503,8 +504,9 @@ cddb_parse_matches_list(HTTP_header_t *http_hdr, cddb_data_t *cddb_data) {
|
||||||
} else {
|
} else {
|
||||||
len = ptr2-ptr+1;
|
len = ptr2-ptr+1;
|
||||||
}
|
}
|
||||||
|
len = FFMIN(sizeof(album_title) - 1, len);
|
||||||
strncpy(album_title, ptr, len);
|
strncpy(album_title, ptr, len);
|
||||||
album_title[len-2]='\0';
|
album_title[len]='\0';
|
||||||
}
|
}
|
||||||
mp_msg(MSGT_DEMUX, MSGL_STATUS, MSGTR_MPDEMUX_CDDB_ParseOKFoundAlbumTitle, album_title);
|
mp_msg(MSGT_DEMUX, MSGL_STATUS, MSGTR_MPDEMUX_CDDB_ParseOKFoundAlbumTitle, album_title);
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -540,8 +542,9 @@ cddb_query_parse(HTTP_header_t *http_hdr, cddb_data_t *cddb_data) {
|
||||||
} else {
|
} else {
|
||||||
len = ptr2-ptr+1;
|
len = ptr2-ptr+1;
|
||||||
}
|
}
|
||||||
|
len = FFMIN(sizeof(album_title) - 1, len);
|
||||||
strncpy(album_title, ptr, len);
|
strncpy(album_title, ptr, len);
|
||||||
album_title[len-2]='\0';
|
album_title[len]='\0';
|
||||||
}
|
}
|
||||||
mp_msg(MSGT_DEMUX, MSGL_STATUS, MSGTR_MPDEMUX_CDDB_ParseOKFoundAlbumTitle, album_title);
|
mp_msg(MSGT_DEMUX, MSGL_STATUS, MSGTR_MPDEMUX_CDDB_ParseOKFoundAlbumTitle, album_title);
|
||||||
return cddb_request_titles(cddb_data);
|
return cddb_request_titles(cddb_data);
|
||||||
|
|
Loading…
Reference in New Issue