Opened 12 years ago

Closed 12 years ago

#4888 closed defect (fixed)

UDFFindFile uses strcat with a source string that can be larger then the destination string

Reported by: Erik Hovland <erik@…> Owned by: Isaac Richards
Priority: minor Milestone: unknown
Component: mythtv Version: head
Severity: low Keywords:
Cc: Ticket locked: no

Description

The function UDFFindFile() uses strcat:

    strcat( tokenline, filename );

While filename can have any length, overrunning tokenline.

Attachments (1)

libs_libmythdvdnav_dvd_udf.c-prevent-string-overflow.patch (773 bytes) - added by Erik Hovland <erik@…> 12 years ago.
Switches the function to use strncat instead of strcat to prevent string overflow.

Download all attachments as: .zip

Change History (2)

Changed 12 years ago by Erik Hovland <erik@…>

Switches the function to use strncat instead of strcat to prevent string overflow.

comment:1 Changed 12 years ago by danielk

Resolution: fixed
Status: newclosed

(In [17209]) Fixes #4888. Use strncat instead of strcat to avoid possible buffer overrun.

Note: See TracTickets for help on using tickets.