Codebase list faad2 / d562c29
...and fix potential buffer overruns for even longer pathnames. Fabian Greffrath 13 years ago
1 changed file(s) with 51 addition(s) and 3 deletion(s). Raw diff Collapse all Expand all
+51
-3
debian/patches/path_max.patch less more
0 Description: Extend file name buffers for longer path names.
0 Description: Extend file name buffers for longer path names
1 and fix potential buffer overruns for even longer pathnames.
12 Author: Fabian Greffrath <fabian+debian@greffrath.com>
23 Forwarded: menno@audiocoding.com
34
45 --- faad2.orig/frontend/main.c
56 +++ faad2/frontend/main.c
6 @@ -42,6 +42,7 @@
7 @@ -42,6 +42,11 @@
78 #include <stdlib.h>
89 #include <string.h>
910 #include <getopt.h>
1011 +#include <limits.h>
12 +
13 +#ifndef PATH_MAX
14 +#define PATH_MAX 254
15 +#endif
1116
1217 #include <neaacdec.h>
1318 #include <mp4ff.h>
14 @@ -1107,9 +1108,9 @@ int main(int argc, char *argv[])
19 @@ -1107,9 +1112,9 @@ int main(int argc, char *argv[])
1520 int mp4file = 0;
1621 int noGapless = 0;
1722 char *fnp;
2429 unsigned char header[8];
2530 float length = 0;
2631 FILE *hMP4File;
32 @@ -1157,14 +1162,14 @@ int main(int argc, char *argv[])
33 if (optarg)
34 {
35 outfile_set = 1;
36 - strcpy(audioFileName, optarg);
37 + strncpy(audioFileName, optarg, PATH_MAX);
38 }
39 break;
40 case 'a':
41 if (optarg)
42 {
43 adts_out = 1;
44 - strcpy(adtsFileName, optarg);
45 + strncpy(adtsFileName, optarg, PATH_MAX);
46 }
47 break;
48 case 's':
49 @@ -1284,7 +1289,7 @@ int main(int argc, char *argv[])
50 #endif
51
52 /* point to the specified file name */
53 - strcpy(aacFileName, argv[optind]);
54 + strncpy(aacFileName, argv[optind], PATH_MAX);
55
56 #ifdef _WIN32
57 begin = GetTickCount();
58 @@ -1297,14 +1302,14 @@ int main(int argc, char *argv[])
59 */
60 if(!writeToStdio && !outfile_set)
61 {
62 - strcpy(audioFileName, aacFileName);
63 + strncpy(audioFileName, aacFileName, PATH_MAX);
64
65 fnp = (char *)strrchr(audioFileName,'.');
66
67 if (fnp)
68 fnp[0] = '\0';
69
70 - strcat(audioFileName, file_ext[format]);
71 + strncat(audioFileName, file_ext[format], PATH_MAX - sizeof(file_ext[format]));
72 }
73
74 /* check for mp4 file */