author | Michael Roitzsch <mroi@users.sourceforge.net> | 2004-07-22 14:15:19 +0000 |
---|---|---|
committer | Michael Roitzsch <mroi@users.sourceforge.net> | 2004-07-22 14:15:19 +0000 |
commit | 3926905111c12a62857712fb4c4db92272a9f3cd (patch) | |
tree | e825201a2df7a349a71c69d505e3b0cfc92b9cdc | |
parent | 799b551607ee22196c0599adeceb9d0830e5c910 (diff) | |
download | xine-lib-3926905111c12a62857712fb4c4db92272a9f3cd.tar.gz xine-lib-3926905111c12a62857712fb4c4db92272a9f3cd.tar.bz2 |
a broken CD might contain an unterminated label, which would have overrun the
buffer; a label with '%' characters would have led to a format string attack
Rocky, can you merge this back to libcdio, please?
CVS patchset: 6832
CVS date: 2004/07/22 14:15:19
-rw-r--r-- | src/input/vcd/libcdio/cd_types.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/input/vcd/libcdio/cd_types.c b/src/input/vcd/libcdio/cd_types.c
index 047c8bb63..49ffc79e0 100644
--- a/src/input/vcd/libcdio/cd_types.c
+++ b/src/input/vcd/libcdio/cd_types.c
@@ -1,5 +1,5 @@
 /*
- $Id: cd_types.c,v 1.2 2004/04/11 12:20:31 miguelfreitas Exp $
+ $Id: cd_types.c,v 1.3 2004/07/22 14:15:19 mroi Exp $
 Copyright (C) 2003 Rocky Bernstein <rocky@panix.com>
@@ -240,7 +240,7 @@ cdio_guess_cd_type(const CdIo *cdio, int start_session, track_t track_num,
 else ret = CDIO_FS_ISO_9660;
 iso_analysis->isofs_size = _cdio_get_iso9660_fs_sec_count();
- sprintf(iso_analysis->iso_label, buffer[0]+40);
+ snprintf(iso_analysis->iso_label, 33, "%s", buffer[0]+40);
 #if 0
 if (_cdio_is_rockridge()) |
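Review bot: The `"%s"` conversion in the new `snprintf` call bounds only the write into `iso_label`, not the read from `buffer[0]+40`. Because snprintf returns the length the full output would have had, it still scans the source until it finds a NUL, so an unterminated label on a damaged disc can still be read past the end of the sector buffer. A precision caps the read as well, and taking the size from the destination removes the literal 33: `snprintf(iso_analysis->iso_label, sizeof(iso_analysis->iso_label), "%.32s", buffer[0]+40);`. This assumes `iso_label` is declared as a 33-byte array, which is not visible here and should be confirmed, since `sizeof` on a pointer would be wrong. The body of cdio_guess_cd_type starts and ends outside the hunk.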