[MPlayer-cvslog] r22206 - trunk/stream/freesdp/parser.c
rtogni
subversion at mplayerhq.hu
Sun Feb 11 19:00:06 CET 2007
Author: rtogni
Date: Sun Feb 11 19:00:06 2007
New Revision: 22206
Modified:
trunk/stream/freesdp/parser.c
Log:
strncat() misuses, may have been exploitable.
Reported by Sascha Sommer.
Modified: trunk/stream/freesdp/parser.c
==============================================================================
--- trunk/stream/freesdp/parser.c (original)
+++ trunk/stream/freesdp/parser.c Sun Feb 11 19:00:06 2007
@@ -832,9 +832,9 @@
{
/* ignore unknown attributes, but provide access to them */
*fsdp_buf[1] = '\0';
- strncat (fsdp_buf[1], fsdp_buf[0], MAXLONGFIELDLEN);
- strncat (fsdp_buf[1], ":", MAXLONGFIELDLEN);
- strncat (fsdp_buf[1], longfsdp_buf, MAXLONGFIELDLEN);
+ strncat (fsdp_buf[1], fsdp_buf[0], MAXSHORTFIELDLEN-1);
+ strncat (fsdp_buf[1], ":", MAXSHORTFIELDLEN-strlen(fsdp_buf[1])-1);
+ strncat (fsdp_buf[1], longfsdp_buf, MAXSHORTFIELDLEN-strlen(fsdp_buf[1])-1);
if (NULL == media->unidentified_attributes)
{
media->unidentified_attributes_count = 0;
More information about the MPlayer-cvslog
mailing list