Context Navigation

Back to Ticket #4888

Ticket #4888: libs_libmythdvdnav_dvd_udf.c-prevent-string-overflow.patch

File libs_libmythdvdnav_dvd_udf.c-prevent-string-overflow.patch, 773 bytes (added by Erik Hovland <erik@…>, 16 years ago)
Switches the function to use strncat instead of strcat to prevent string overflow.

libs/libmythdvdnav/dvd_udf.c

The function UDFFindFile() concatenates to tokenline using the given string

From: Erik Hovland <erik@hovland.org>

filename using strcat w/out checking the length of filename. Changing to
using strncat.
---

 libs/libmythdvdnav/dvd_udf.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/libs/libmythdvdnav/dvd_udf.c b/libs/libmythdvdnav/dvd_udf.c
index 003aa8b..2585334 100644

  uint32_t UDFFindFile( dvd_reader_t *device, char *filename,
     *filesize = 0;
     tokenline[0] = '\0';
     strcat( tokenline, filename );
+    strncat( tokenline, filename, MAX_UDF_FILE_NAME_LEN - 1 );
     if(!(GetUDFCache(device, PartitionCache, 0, &partition) &&

Download in other formats:

Original Format