claunia/flac
1
0
Fork 0
mirror of https://github.com/claunia/flac.git synced 2025-12-16 18:54:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix buffer overflow by replacing strcpy with memcpy.

Browse Source 
Thanks to Cristian Rodríguez <crrodriguez@opensuse.org> for the
report.
This commit is contained in:
Erik de Castro Lopo
2012-04-05 21:02:40 +10:00
parent 6c2040dc90
commit dff08f1be0
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/metaflac/options.c
View File

@@ -1041,7 +1041,7 @@ FLAC__bool parse_block_type(const char *in, Argument_BlockType *out)
out->entries[entry].filter_application_by_id = (0 != r);
if(0 != r) {
if(strlen(r) == 4) {
strcpy(out->entries[entry].application_id, r);
memcpy(out->entries[entry].application_id, r, 4);
}
else if(strlen(r) == 10 && strncmp(r, "0x", 2) == 0 && strspn(r+2, "0123456789ABCDEFabcdef") == 8) {
FLAC__uint32 x = strtoul(r+2, 0, 16);