mirrors/gstreamer
mirrors/gstreamer
1
1
Fork 0
mirror of https://gitlab.freedesktop.org/gstreamer/gstreamer.git synced 2024-10-08 03:32:18 +00:00
Code Issues 1 Projects Releases Wiki Activity

flacenc: avoid potential string overflow

Browse source 
We don't necessarily have full control over the input tags, so
it's possible that the ISRC tag contains a longer string than
expected, in which case we'd write over the end of the static-size
13 byte buffer that is FLAC__StreamMetadata_CueSheet_Track::isrc.
Make sure to only copy the ISRC if it's not too long, and make
sure the buffer we write to is always NUL-terminated by using
g_strlcpy().

CID 1324931.
This commit is contained in:
Tim-Philipp Müller 2015-09-28 20:25:22 +01:00
parent 1cd4baa16a
commit 6c09710292
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
ext/flac/gstflacenc.c
View file

@ -528,8 +528,8 @@ add_cuesheet (const GstToc * toc, guint sample_rate,
(FLAC__uint64) gst_util_uint64_scale_round (start, sample_rate,
GST_SECOND);
track->number = (FLAC__byte) track_num + 1;
if (isrc)
strcpy (track->isrc, isrc);
if (isrc != NULL && strlen (isrc) <= 12)
g_strlcpy (track->isrc, isrc, 13);
if (track->number <= 0)
return FALSE;
if (!FLAC__metadata_object_cuesheet_insert_track (cuesheet, track_num,