diff options
| author | Darren Salt <linux@youmustbejoking.demon.co.uk> | 2007-02-08 02:40:22 +0000 |
|---|---|---|
| committer | Darren Salt <linux@youmustbejoking.demon.co.uk> | 2007-02-08 02:40:22 +0000 |
| commit | e418c1e04f612664164841c297ddb97a0f3135bf (patch) | |
| tree | 8fc36e7a16fd0e482083e45d1ba6d1f3ef1a5742 /src/input | |
| parent | 2e01aa74ccd6a4d559f9b0cea2db95d6ccf7d696 (diff) | |
| download | xine-lib-e418c1e04f612664164841c297ddb97a0f3135bf.tar.gz xine-lib-e418c1e04f612664164841c297ddb97a0f3135bf.tar.bz2 | |
Remove any possibility of strcpy/sprintf overflows wrt front ends requesting
language & subtitle strings (given a buffer of >= XINE_LANG_MAX bytes).
Also fixes an off-by-one buffer termination in the TS code.
(Note: compile-tested only.)
CVS patchset: 8592
CVS date: 2007/02/08 02:40:22
Diffstat (limited to 'src/input')
| -rw-r--r-- | src/input/input_dvd.c | 8 | ||||
| -rw-r--r-- | src/input/vcd/xineplug_inp_vcd.c | 8 |
2 files changed, 8 insertions, 8 deletions
diff --git a/src/input/input_dvd.c b/src/input/input_dvd.c index c132bdb04..a8100a063 100644 --- a/src/input/input_dvd.c +++ b/src/input/input_dvd.c @@ -18,7 +18,7 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA * - * $Id: input_dvd.c,v 1.214 2007/01/19 01:05:25 dgp85 Exp $ + * $Id: input_dvd.c,v 1.215 2007/02/08 02:40:23 dsalt Exp $ * */ @@ -1278,7 +1278,7 @@ static int dvd_plugin_get_optional_data (input_plugin_t *this_gen, if(this && this->stream && this->dvdnav) { if(!(dvdnav_is_domain_vts(this->dvdnav))) { - sprintf(data, "%s", "menu"); + strcpy(data, "menu"); if (channel <= 0) return INPUT_OPTIONAL_SUCCESS; else @@ -1297,11 +1297,11 @@ static int dvd_plugin_get_optional_data (input_plugin_t *this_gen, sprintf(data, " %c%c", lang >> 8, lang & 0xff); /* TODO: provide long version in XINE_META_INFO_FULL_LANG */ else - sprintf(data, " %c%c", '?', '?'); + strcpy(data, " ??"); return INPUT_OPTIONAL_SUCCESS; } else { if (channel == -1) { - sprintf(data, "%s", "none"); + strcpy(data, "none"); return INPUT_OPTIONAL_SUCCESS; } } diff --git a/src/input/vcd/xineplug_inp_vcd.c b/src/input/vcd/xineplug_inp_vcd.c index 87b442acd..920b5c1d8 100644 --- a/src/input/vcd/xineplug_inp_vcd.c +++ b/src/input/vcd/xineplug_inp_vcd.c @@ -1,5 +1,5 @@ /* - $Id: xineplug_inp_vcd.c,v 1.52 2006/12/19 19:10:51 dsalt Exp $ + $Id: xineplug_inp_vcd.c,v 1.53 2007/02/08 02:40:23 dsalt Exp $ Copyright (C) 2002, 2003, 2004, 2005 Rocky Bernstein <rocky@panix.com> @@ -1295,7 +1295,7 @@ vcd_get_optional_data (input_plugin_t *this_gen, dbg_print(INPUT_DBG_EXT, "AUDIO CHANNEL = %d\n", channel); if (channel == (uint8_t)-1) { - sprintf(data, " %s", "auto"); + strcpy(data, "auto"); } else { const vcdinfo_obj_t *p_vcdinfo= my_vcd.player.vcd; unsigned int audio_type; @@ -1320,9 +1320,9 @@ vcd_get_optional_data (input_plugin_t *this_gen, channel = (int8_t) _x_get_spu_channel(my_vcd.stream); dbg_print(INPUT_DBG_EXT, "SPU CHANNEL = %d\n", channel); if (-1 == channel) { - sprintf(data, " %s", "auto"); + strcpy(data, "auto"); } else { - sprintf(data, " %1d", channel); + sprintf(data, "%1d", channel); } } |