[vlc-commits] bluray: Fix potential buffer overflow when reading mount points
David Fuhrmann
git at videolan.org
Wed May 13 19:30:34 CEST 2020
vlc/vlc-3.0 | branch: master | David Fuhrmann <dfuhrmann at videolan.org> | Wed May 6 20:35:22 2020 +0200| [a9a75ea81d70d977dfc5e1ea68bf1efa56ca78ab] | committer: David Fuhrmann
bluray: Fix potential buffer overflow when reading mount points
Avoid overflow when more than 128 mount points exist on the system.
(cherry picked from commit 2b697ae12898316af895a0a1e2285a70a49ea085)
Signed-off-by: David Fuhrmann <dfuhrmann at videolan.org>
> http://git.videolan.org/gitweb.cgi/vlc/vlc-3.0.git/?a=commit;h=a9a75ea81d70d977dfc5e1ea68bf1efa56ca78ab
---
modules/access/bluray.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/modules/access/bluray.c b/modules/access/bluray.c
index dff49e4a38..10be6cbf27 100644
--- a/modules/access/bluray.c
+++ b/modules/access/bluray.c
@@ -435,14 +435,18 @@ static void FindMountPoint(char **file)
if (!stat (device, &st) && S_ISBLK (st.st_mode)) {
int fs_count = getfsstat (NULL, 0, MNT_NOWAIT);
if (fs_count > 0) {
- struct statfs mbuf[128];
- getfsstat (mbuf, fs_count * sizeof(mbuf[0]), MNT_NOWAIT);
+ int bufSize = fs_count * sizeof (struct statfs);
+ struct statfs* mbuf = malloc(bufSize);
+ getfsstat (mbuf, bufSize, MNT_NOWAIT);
for (int i = 0; i < fs_count; ++i)
if (!strcmp (mbuf[i].f_mntfromname, device)) {
free(device);
*file = strdup(mbuf[i].f_mntonname);
+ free(mbuf);
return;
}
+
+ free(mbuf);
}
}
#else
More information about the vlc-commits
mailing list