[MPlayer-cvslog] r35306 - trunk/stream/stream_cddb.c

reimar subversion at mplayerhq.hu
Wed Oct 31 19:55:33 CET 2012


Author: reimar
Date: Wed Oct 31 19:55:33 2012
New Revision: 35306

Log:
Replace sprintf with snprintf.

To my knowledge the only "real" issue this fixes
is that setting certain environment variables to
very long strings might have caused overflows.

Modified:
   trunk/stream/stream_cddb.c

Modified: trunk/stream/stream_cddb.c
==============================================================================
--- trunk/stream/stream_cddb.c	Wed Oct 31 05:41:32 2012	(r35305)
+++ trunk/stream/stream_cddb.c	Wed Oct 31 19:55:33 2012	(r35306)
@@ -111,7 +111,7 @@ static int read_toc(const char *dev)
     CDROM_TOC toc;
     char device[10];
 
-    sprintf(device, "\\\\.\\%s", dev);
+    snprintf(device, sizeof(device), "\\\\.\\%s", dev);
     drive = CreateFile(device, GENERIC_READ, FILE_SHARE_READ, NULL,
                        OPEN_EXISTING, 0, 0);
 
@@ -383,7 +383,7 @@ static int cddb_http_request(char *comma
     if (reply_parser == NULL || command == NULL || cddb_data == NULL)
         return -1;
 
-    sprintf(request, "http://%s/~cddb/cddb.cgi?cmd=%s%s&proto=%d",
+    snprintf(request, sizeof(request), "http://%s/~cddb/cddb.cgi?cmd=%s%s&proto=%d",
             cddb_data->freedb_server, command, cddb_data->cddb_hello,
             cddb_data->freedb_proto_level);
     mp_msg(MSGT_OPEN, MSGL_INFO,"Request[%s]\n", request);
@@ -438,7 +438,7 @@ static int cddb_read_cache(cddb_data_t *
     if (cddb_data == NULL || cddb_data->cache_dir == NULL)
         return -1;
 
-    sprintf(file_name, "%s%08lx", cddb_data->cache_dir, cddb_data->disc_id);
+    snprintf(file_name, sizeof(file_name), "%s%08lx", cddb_data->cache_dir, cddb_data->disc_id);
 
     file_fd = open(file_name, O_RDONLY | O_BINARY);
     if (file_fd < 0) {
@@ -503,7 +503,7 @@ static int cddb_write_cache(cddb_data_t 
         }
     }
 
-    sprintf(file_name, "%s%08lx", cddb_data->cache_dir, cddb_data->disc_id);
+    snprintf(file_name, sizeof(file_name), "%s%08lx", cddb_data->cache_dir, cddb_data->disc_id);
 
     file_fd = creat(file_name, S_IRUSR | S_IWUSR);
     if (file_fd < 0) {
@@ -590,7 +590,7 @@ static int cddb_read_parse(HTTP_header_t
 static int cddb_request_titles(cddb_data_t *cddb_data)
 {
     char command[1024];
-    sprintf(command, "cddb+read+%s+%08lx",
+    snprintf(command, sizeof(command), "cddb+read+%s+%08lx",
             cddb_data->category, cddb_data->disc_id);
     return cddb_http_request(command, cddb_read_parse, cddb_data);
 }
@@ -757,7 +757,8 @@ static void cddb_create_hello(cddb_data_
         }
         user_name = getenv("LOGNAME");
     }
-    sprintf(cddb_data->cddb_hello, "&hello=%s+%s+%s",
+    snprintf(cddb_data->cddb_hello, sizeof(cddb_data->cddb_hello),
+            "&hello=%s+%s+%s",
             user_name, host_name, mplayer_version);
 }
 
@@ -770,8 +771,9 @@ static int cddb_retrieve(cddb_data_t *cd
 
     ptr = offsets;
     for (i = 0; i < cddb_data->tracks ; i++) {
-        ptr += sprintf(ptr, "%d+", cdtoc[i].frame);
-        if (ptr-offsets > sizeof offsets - 40) break;
+        unsigned space = sizeof(offsets) - (ptr - offsets);
+        if (space < 40) break;
+        ptr += snprintf(ptr, space, "%d+", cdtoc[i].frame);
     }
     ptr[0] = 0;
     time_len = (cdtoc[cddb_data->tracks].frame)/75;
@@ -787,7 +789,7 @@ static int cddb_retrieve(cddb_data_t *cd
         return -1;
     }
 
-    sprintf(command, "cddb+query+%08lx+%d+%s%d", cddb_data->disc_id,
+    snprintf(command, sizeof(command), "cddb+query+%08lx+%d+%s%d", cddb_data->disc_id,
             cddb_data->tracks, offsets, time_len);
     ret = cddb_http_request(command, cddb_query_parse, cddb_data);
     if (ret < 0)
@@ -838,13 +840,13 @@ int cddb_resolve(const char *dev, char *
     if (home_dir == NULL) {
         cddb_data.cache_dir = NULL;
     } else {
-        cddb_data.cache_dir = malloc(strlen(home_dir)
-                                     + strlen(cddb_cache_dir) + 1);
+        unsigned len = strlen(home_dir) + strlen(cddb_cache_dir) + 1;
+        cddb_data.cache_dir = malloc(len);
         if (cddb_data.cache_dir == NULL) {
             mp_msg(MSGT_DEMUX, MSGL_ERR, MSGTR_MemAllocFailed);
             return -1;
         }
-        sprintf(cddb_data.cache_dir, "%s%s", home_dir, cddb_cache_dir);
+        snprintf(cddb_data.cache_dir, len, "%s%s", home_dir, cddb_cache_dir);
     }
 
     // Check for a cached file


More information about the MPlayer-cvslog mailing list