[vlc-devel] commit: Fix potential buffer overflow (CID 191) ( Rémi Duraffort )
git version control
git at videolan.org
Fri Oct 10 23:20:30 CEST 2008
vlc | branch: 0.9-bugfix | Rémi Duraffort <ivoire at videolan.org> | Fri Oct 10 21:41:54 2008 +0200| [d7ab4f734dbf41cad172ecf8c671c8c97fb64b4a] | committer: Derk-Jan Hartman
Fix potential buffer overflow (CID 191)
(cherry picked from commit 356fafa5164defa5ed37f2c6b2e673249e4890f6)
Signed-off-by: Derk-Jan Hartman <hartman at videolan.org>
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=d7ab4f734dbf41cad172ecf8c671c8c97fb64b4a
---
modules/misc/osd/simple.c | 7 +++++--
1 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/modules/misc/osd/simple.c b/modules/misc/osd/simple.c
index 938fb06..f17ebaf 100644
--- a/modules/misc/osd/simple.c
+++ b/modules/misc/osd/simple.c
@@ -93,8 +93,11 @@ int osd_parser_simpleOpen( vlc_object_t *p_this )
/* NULL terminate before asking the length of path[] */
path[PATH_MAX-1] = '\0';
i_len = strlen(&path[0]);
- if( i_len == PATH_MAX )
- i_len--; /* truncate to prevent buffer overflow */
+ /* Protect against buffer overflow:
+ * max index is PATH_MAX-1 and we increment by 1 after
+ * so PATH_MAX-2 is the bigest we can have */
+ if( i_len > PATH_MAX - 2 )
+ i_len = PATH_MAX - 2;
#if defined(WIN32) || defined(UNDER_CE)
if( (i_len > 0) && path[i_len] != '\\' )
path[i_len] = '\\';
More information about the vlc-devel
mailing list