[vlc-devel] [PATCH 2/3] Audioscrobbler: Update the scrobbling protocol to the version 2.0.
Samuel Pitoiset
samuel.pitoiset at gmail.com
Wed Mar 7 00:07:57 CET 2012
Hi,
Thanks for the hint. I will correct that.
On Sat, Feb 25, 2012 at 8:36 AM, Ilkka Ollakka <ileoo at videolan.org> wrote:
> On Fri, Feb 24, 2012 at 11:08:19PM +0100, Samuel Pitoiset wrote:
>
> Hi,
>
> Thanks for the patch, one thing that I spotted that is problematic
>
> > --- a/modules/misc/audioscrobbler.c
> > +++ b/modules/misc/audioscrobbler.c
> > @@ -1209,6 +1209,274 @@ static void HandleInterval(mtime_t *next,
> unsigned int *i_interval)
> > +
> > + vlc_mutex_lock(&p_sys->lock);
> > + for (i_song = 0 ; i_song < p_sys->i_songs ; i_song++)
> > + {
> > + audioscrobbler_song_t *p_song = &p_sys->p_queue[i_song];
> > + char psz_key[1204], psz_val[1024];
> > +
> > + /* album */
> > + sprintf(psz_key, "album[%d]", i_song);
> > + sprintf(psz_val, "%s", p_song->psz_b);
>
> I think it would be better to use snprintf here, and is that psz_key
> really 1204 and not 1024? So change all sprintf stuff to snprintf
> or something safer. This is issue if there is song that has metadata
> for example 2000 characters long and you only have 1024 character of
> memory where you write it. Atleast I did not spot any checks for
> p_song->psz_b length limitting in current core.
>
> --
> Ilkka Ollakka
> You will be surprised by a loud noise.
>
> _______________________________________________
> vlc-devel mailing list
> To unsubscribe or modify your subscription options:
> http://mailman.videolan.org/listinfo/vlc-devel
>
>
--
Best regards,
Samuel Pitoiset.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.videolan.org/pipermail/vlc-devel/attachments/20120307/49509341/attachment.html>
More information about the vlc-devel
mailing list