From e418c1e04f612664164841c297ddb97a0f3135bf Mon Sep 17 00:00:00 2001 From: Darren Salt Date: Thu, 8 Feb 2007 02:40:22 +0000 Subject: Remove any possibility of strcpy/sprintf overflows wrt front ends requesting language & subtitle strings (given a buffer of >= XINE_LANG_MAX bytes). Also fixes an off-by-one buffer termination in the TS code. (Note: compile-tested only.) CVS patchset: 8592 CVS date: 2007/02/08 02:40:22 --- src/input/vcd/xineplug_inp_vcd.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'src/input/vcd') diff --git a/src/input/vcd/xineplug_inp_vcd.c b/src/input/vcd/xineplug_inp_vcd.c index 87b442acd..920b5c1d8 100644 --- a/src/input/vcd/xineplug_inp_vcd.c +++ b/src/input/vcd/xineplug_inp_vcd.c @@ -1,5 +1,5 @@ /* - $Id: xineplug_inp_vcd.c,v 1.52 2006/12/19 19:10:51 dsalt Exp $ + $Id: xineplug_inp_vcd.c,v 1.53 2007/02/08 02:40:23 dsalt Exp $ Copyright (C) 2002, 2003, 2004, 2005 Rocky Bernstein @@ -1295,7 +1295,7 @@ vcd_get_optional_data (input_plugin_t *this_gen, dbg_print(INPUT_DBG_EXT, "AUDIO CHANNEL = %d\n", channel); if (channel == (uint8_t)-1) { - sprintf(data, " %s", "auto"); + strcpy(data, "auto"); } else { const vcdinfo_obj_t *p_vcdinfo= my_vcd.player.vcd; unsigned int audio_type; @@ -1320,9 +1320,9 @@ vcd_get_optional_data (input_plugin_t *this_gen, channel = (int8_t) _x_get_spu_channel(my_vcd.stream); dbg_print(INPUT_DBG_EXT, "SPU CHANNEL = %d\n", channel); if (-1 == channel) { - sprintf(data, " %s", "auto"); + strcpy(data, "auto"); } else { - sprintf(data, " %1d", channel); + sprintf(data, "%1d", channel); } } -- cgit v1.2.3