flacenc: avoid potential string overflow

We don't necessarily have full control over the input tags, so
it's possible that the ISRC tag contains a longer string than
expected, in which case we'd write over the end of the static-size
13 byte buffer that is FLAC__StreamMetadata_CueSheet_Track::isrc.
Make sure to only copy the ISRC if it's not too long, and make
sure the buffer we write to is always NUL-terminated by using
g_strlcpy().

CID 1324931.
This commit is contained in:
Tim-Philipp Müller 2015-09-28 20:25:22 +01:00
parent 1cd4baa16a
commit 6c09710292

View file

@ -528,8 +528,8 @@ add_cuesheet (const GstToc * toc, guint sample_rate,
(FLAC__uint64) gst_util_uint64_scale_round (start, sample_rate,
GST_SECOND);
track->number = (FLAC__byte) track_num + 1;
if (isrc)
strcpy (track->isrc, isrc);
if (isrc != NULL && strlen (isrc) <= 12)
g_strlcpy (track->isrc, isrc, 13);
if (track->number <= 0)
return FALSE;
if (!FLAC__metadata_object_cuesheet_insert_track (cuesheet, track_num,