diff options
author | reimar <reimar@b3059339-0415-0410-9bf9-f77b7e298cf2> | 2009-09-02 19:49:10 +0000 |
---|---|---|
committer | reimar <reimar@b3059339-0415-0410-9bf9-f77b7e298cf2> | 2009-09-02 19:49:10 +0000 |
commit | 76cb85c05677e4ac2669dea5af1be9a05cbc17bb (patch) | |
tree | 11c39135c7830773c4658fa13c065effbcf8d70f /mplayer.c | |
parent | 8eaac761417661ed0939181f1d354a0bb00106fa (diff) | |
download | mpv-76cb85c05677e4ac2669dea5af1be9a05cbc17bb.tar.bz2 mpv-76cb85c05677e4ac2669dea5af1be9a05cbc17bb.tar.xz |
Limit amount of data allocated on stack, strlen(filename) is not a good idea for
file name strings that might come from arbitrary playlists, use PATH_MAX instead.
git-svn-id: svn://svn.mplayerhq.hu/mplayer/trunk@29636 b3059339-0415-0410-9bf9-f77b7e298cf2
Diffstat (limited to 'mplayer.c')
-rw-r--r-- | mplayer.c | 8 |
1 files changed, 6 insertions, 2 deletions
@@ -931,9 +931,13 @@ static int try_load_config(m_config_t *conf, const char *file) static void load_per_file_config (m_config_t* conf, const char *const file) { char *confpath; - char cfg[strlen(file)+10]; + char cfg[PATH_MAX]; char *name; + if (strlen(file) > PATH_MAX - 14) { + mp_msg(MSGT_CPLAYER, MSGL_WARN, "Filename is too long, can not load file or directory specific config files\n"); + return; + } sprintf (cfg, "%s.conf", file); name = strrchr(cfg, '/'); @@ -951,7 +955,7 @@ static void load_per_file_config (m_config_t* conf, const char *const file) name++; if (use_filedir_conf) { - char dircfg[strlen(file)+14]; + char dircfg[PATH_MAX]; strcpy(dircfg, cfg); strcpy(dircfg + (name - cfg), "mplayer.conf"); try_load_config(conf, dircfg); |