[xiph-cvs] cvs commit: vorbis-tools/oggenc oggenc.c
Michael Smith
msmith at xiph.org
Fri Aug 10 23:27:41 PDT 2001
msmith 01/08/10 23:27:41
Modified: oggenc Tag: tools-pre-rc2 oggenc.c
Log:
Don't overflow buffers in format string name creation code.
Revision Changes Path
No revision
No revision
1.17.2.3 +29 -20 vorbis-tools/oggenc/oggenc.c
Index: oggenc.c
===================================================================
RCS file: /usr/local/cvsroot/vorbis-tools/oggenc/oggenc.c,v
retrieving revision 1.17.2.2
retrieving revision 1.17.2.3
diff -u -r1.17.2.2 -r1.17.2.3
--- oggenc.c 2001/08/10 06:59:13 1.17.2.2
+++ oggenc.c 2001/08/11 06:27:40 1.17.2.3
@@ -116,8 +116,6 @@
char *artist=NULL, *album=NULL, *title=NULL, *track=NULL, *date=NULL;
input_format *format;
-
-
/* Set various encoding defaults */
enc_opts.serialno = opt.serial++;
@@ -352,15 +350,16 @@
char *artist, char *title, char *album, char *track, char *date)
{
char *buffer;
- char *cur;
char next;
-
- buffer = calloc(CHUNK,1);
-
- cur = buffer;
+ int len;
+ char *string;
+ int used=0;
+ int buflen;
+ buffer = calloc(CHUNK+1,1);
+ buflen = CHUNK;
- while(*format)
+ while(*format && used < buflen)
{
next = *format++;
@@ -369,27 +368,37 @@
switch(*format++)
{
case '%':
- *cur++ = '%';
+ *(buffer+(used++)) = '%';
break;
case 'a':
- strcat(buffer, artist?artist:"(none)");
- cur += strlen(artist?artist:"(none)");
+ string = artist?artist:"(none)";
+ len = strlen(string);
+ strncpy(buffer+used, string, buflen-used);
+ used += len;
break;
case 'd':
- strcat(buffer, date?date:"(none)");
- cur += strlen(date?date:"(none)");
+ string = date?date:"(none)";
+ len = strlen(string);
+ strncpy(buffer+used, string, buflen-used);
+ used += len;
break;
case 't':
- strcat(buffer, title?title:"(none)");
- cur += strlen(title?title:"(none)");
+ string = title?title:"(none)";
+ len = strlen(string);
+ strncpy(buffer+used, string, buflen-used);
+ used += len;
break;
case 'l':
- strcat(buffer, album?album:"(none)");
- cur += strlen(album?album:"(none)");
+ string = album?album:"(none)";
+ len = strlen(string);
+ strncpy(buffer+used, string, buflen-used);
+ used += len;
break;
case 'n':
- strcat(buffer, track?track:"(none)");
- cur += strlen(track?track:"(none)");
+ string = track?track:"(none)";
+ len = strlen(string);
+ strncpy(buffer+used, string, buflen-used);
+ used += len;
break;
default:
fprintf(stderr, "WARNING: Ignoring illegal escape character '%c' in name format\n", *(format - 1));
@@ -397,7 +406,7 @@
}
}
else
- *cur++ = next;
+ *(buffer + (used++)) = next;
}
return buffer;
--- >8 ----
List archives: http://www.xiph.org/archives/
Ogg project homepage: http://www.xiph.org/ogg/
To unsubscribe from this list, send a message to 'cvs-request at xiph.org'
containing only the word 'unsubscribe' in the body. No subject is needed.
Unsubscribe messages sent to the list will be ignored/filtered.
More information about the commits
mailing list