mirror of
https://gitlab.freedesktop.org/gstreamer/gstreamer.git
synced 2024-12-24 01:00:37 +00:00
flacenc: avoid potential string overflow
We don't necessarily have full control over the input tags, so it's possible that the ISRC tag contains a longer string than expected, in which case we'd write over the end of the static-size 13 byte buffer that is FLAC__StreamMetadata_CueSheet_Track::isrc. Make sure to only copy the ISRC if it's not too long, and make sure the buffer we write to is always NUL-terminated by using g_strlcpy(). CID 1324931.
This commit is contained in:
parent
1cd4baa16a
commit
6c09710292
1 changed files with 2 additions and 2 deletions
|
@ -528,8 +528,8 @@ add_cuesheet (const GstToc * toc, guint sample_rate,
|
|||
(FLAC__uint64) gst_util_uint64_scale_round (start, sample_rate,
|
||||
GST_SECOND);
|
||||
track->number = (FLAC__byte) track_num + 1;
|
||||
if (isrc)
|
||||
strcpy (track->isrc, isrc);
|
||||
if (isrc != NULL && strlen (isrc) <= 12)
|
||||
g_strlcpy (track->isrc, isrc, 13);
|
||||
if (track->number <= 0)
|
||||
return FALSE;
|
||||
if (!FLAC__metadata_object_cuesheet_insert_track (cuesheet, track_num,
|
||||
|
|
Loading…
Reference in a new issue