claunia/flac
1
0
Fork 0
mirror of https://github.com/claunia/flac.git synced 2025-12-16 18:54:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

extra checking on memory allocation sizes to prevent a class of overflow attacks

Browse Source
This commit is contained in:
Josh Coalson
2007-09-11 04:49:56 +00:00
parent 0221d87c89
commit 0f008d2e9e
26 changed files with 234 additions and 115 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/plugin_xmms/plugin.c
View File

@@ -400,8 +400,13 @@ void FLAC_XMMS__get_song_info(char *filename, char **title, int *length_in_msec)
if(title) {
if (!is_http_source(filename)) {
static const char *errtitle = "Invalid FLAC File: ";
*title = g_malloc(strlen(errtitle) + 1 + strlen(filename) + 1 + 1);
sprintf(*title, "%s\"%s\"", errtitle, filename);
if(strlen(errtitle) + 1 + strlen(filename) + 1 + 1 < strlen(filename)) { /* overflow check */
*title = NULL;
}
else {
*title = g_malloc(strlen(errtitle) + 1 + strlen(filename) + 1 + 1);
sprintf(*title, "%s\"%s\"", errtitle, filename);
}
} else {
*title = NULL;
}