[Mplayer-cvslog] CVS: main/Gui/skin font.c, 1.16, 1.17 skin.c, 1.24, 1.25
Diego Biurrun CVS
syncmail at mplayerhq.hu
Fri Jun 25 18:49:55 CEST 2004
CVS change done by Diego Biurrun CVS
Update of /cvsroot/mplayer/main/Gui/skin
In directory mail:/var2/tmp/cvs-serv17907/Gui/skin
Modified Files:
font.c skin.c
Log Message:
string handling security fixes
patch by Nicholas Kain, Alexander Strasser <eclipse7 at gmx.net>
reviewed by Pontscho, Alex, Rich
Index: font.c
===================================================================
RCS file: /cvsroot/mplayer/main/Gui/skin/font.c,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- font.c 20 Mar 2003 12:42:15 -0000 1.16
+++ font.c 25 Jun 2004 16:49:52 -0000 1.17
@@ -27,7 +27,7 @@
if ( ( Fonts[id]=calloc( 1,sizeof( bmpFont ) ) ) == NULL ) return -1;
- strcpy( Fonts[id]->name,name );
+ strlcpy( Fonts[id]->name,name,128 ); // FIXME: as defined in font.h
for ( i=0;i<256;i++ )
Fonts[id]->Fnt[i].x=Fonts[id]->Fnt[i].y=Fonts[id]->Fnt[i].sx=Fonts[id]->Fnt[i].sy=-1;
@@ -60,7 +60,8 @@
if ( id < 0 ) return id;
- strcpy( tmp,path ); strcat( tmp,fname ); strcat( tmp,".fnt" );
+ strlcpy( tmp,path,sizeof( tmp ) );
+ strlcat( tmp,fname,sizeof( tmp ) ); strlcat( tmp,".fnt",sizeof( tmp ) );
if ( ( f=fopen( tmp,"rt" ) ) == NULL )
{ free( Fonts[id] ); return -3; }
@@ -93,7 +94,7 @@
{
if ( !strcmp( command,"image" ) )
{
- strcpy( tmp,path ); strcat( tmp,param );
+ strlcpy( tmp,path,sizeof( tmp ) ); strlcat( tmp,param,sizeof( tmp ) );
mp_dbg( MSGT_GPLAYER,MSGL_DBG2,"[font] font imagefile: %s\n",tmp );
if ( skinBPRead( tmp,&Fonts[id]->Bitmap ) ) return -4;
}
Index: skin.c
===================================================================
RCS file: /cvsroot/mplayer/main/Gui/skin/skin.c,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- skin.c 3 Jun 2003 17:36:25 -0000 1.24
+++ skin.c 25 Jun 2004 16:49:52 -0000 1.25
@@ -116,7 +116,7 @@
{
CHECKDEFLIST( "window" );
- strcpy( window_name,strlower( in ) );
+ strlcpy( window_name,strlower( in ),sizeof( window_name ) );
if ( !strncmp( in,"main",4 ) ) { currSection=&skinAppMPlayer->main; currSubItem=&skinAppMPlayer->NumberOfItems; currSubItems=skinAppMPlayer->Items; }
else if ( !strncmp( in,"sub",3 ) ) currSection=&skinAppMPlayer->sub;
else if ( !strncmp( in,"playbar",7 ) ) { currSection=&skinAppMPlayer->bar; currSubItem=&skinAppMPlayer->NumberOfBarItems; currSubItems=skinAppMPlayer->barItems; }
@@ -147,7 +147,7 @@
defList->main.x=x;
defList->main.y=y;
defList->main.type=itBase;
- strcpy( tmp,path ); strcat( tmp,fname );
+ strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp ));
if ( skinBPRead( tmp,&defList->main.Bitmap ) ) return 1;
defList->main.width=defList->main.Bitmap.Width;
defList->main.height=defList->main.Bitmap.Height;
@@ -162,7 +162,7 @@
if ( !strcmp( window_name,"sub" ) )
{
defList->sub.type=itBase;
- strcpy( tmp,path ); strcat( tmp,fname );
+ strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp ));
if ( skinBPRead( tmp,&defList->sub.Bitmap ) ) return 1;
defList->sub.x=x;
defList->sub.y=y;
@@ -179,7 +179,7 @@
{
defList->menuIsPresent=1;
defList->menuBase.type=itBase;
- strcpy( tmp,path ); strcat( tmp,fname );
+ strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp ));
if ( skinBPRead( tmp,&defList->menuBase.Bitmap ) ) return 1;
defList->menuBase.width=defList->menuBase.Bitmap.Width;
defList->menuBase.height=defList->menuBase.Bitmap.Height;
@@ -197,7 +197,7 @@
defList->bar.x=x;
defList->bar.y=y;
defList->bar.type=itBase;
- strcpy( tmp,path ); strcat( tmp,fname );
+ strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp ));
if ( skinBPRead( tmp,&defList->bar.Bitmap ) ) return 1;
defList->bar.width=defList->bar.Bitmap.Width;
defList->bar.height=defList->bar.Bitmap.Height;
@@ -268,7 +268,7 @@
currSubItems[ *currSubItem ].Bitmap.Image=NULL;
if ( strcmp( fname,"NULL" ) )
{
- strcpy( tmp,path ); strcat( tmp,fname );
+ strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp ));
if ( skinBPRead( tmp,&currSubItems[ *currSubItem ].Bitmap ) ) return 1;
}
@@ -289,7 +289,7 @@
cutItem( in,fname,',',0 );
defList->menuSelected.type=itBase;
- strcpy( tmp,path ); strcat( tmp,fname );
+ strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp ));
mp_dbg( MSGT_GPLAYER,MSGL_DBG2,"\n[skin] selected: %s\n",fname );
if ( skinBPRead( tmp,&defList->menuSelected.Bitmap ) ) return 1;
defList->menuSelected.width=defList->menuSelected.Bitmap.Width;
@@ -381,14 +381,14 @@
item->Bitmap.Image=NULL;
if ( strcmp( phfname,"NULL" ) )
{
- strcpy( tmp,path ); strcat( tmp,phfname );
+ strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, phfname, sizeof( tmp ));
if ( skinBPRead( tmp,&item->Bitmap ) ) return 1;
}
item->Mask.Image=NULL;
if ( strcmp( pfname,"NULL" ) )
{
- strcpy( tmp,path ); strcat( tmp,pfname );
+ strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, pfname, sizeof( tmp ));
if ( skinBPRead( tmp,&item->Mask ) ) return 1;
}
return 0;
@@ -445,7 +445,7 @@
item->Bitmap.Image=NULL;
if ( strcmp( phfname,"NULL" ) )
{
- strcpy( tmp,path ); strcat( tmp,phfname );
+ strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, phfname, sizeof( tmp ));
if ( skinBPRead( tmp,&item->Bitmap ) ) return 1;
}
return 0;
@@ -655,7 +655,12 @@
FILE * skinFile;
void setname( char * item1, char * item2 )
-{ strcpy( fn,item1 ); strcat( fn,"/" ); strcat( fn,item2 ); strcpy( path,fn ); strcat( path,"/" ); strcat( fn,"/skin" ); }
+{
+ strlcpy(fn, item1, sizeof( fn ));
+ strlcat(fn, "/", sizeof( fn )); strlcat(fn, item2, sizeof( fn ));
+ strlcpy(path, fn, sizeof( path )); strlcat(path, "/", sizeof( path ));
+ strlcat(fn, "/skin", sizeof( fn ));
+}
int skinRead( char * dname )
{
More information about the MPlayer-cvslog
mailing list