[MPlayer-dev-eng] [PATCH 1/4] String handling audit/cleanup take 2

Nicholas Kain njkain at gmail.com
Fri Mar 2 23:28:54 CET 2007


On 3/2/07, Nicholas Kain <njkain at gmail.com> wrote:
> I'll attempt to thread the messages beneath this one, barring any smtp delays.

Anything but mutt is a pain...

Patch for the mplayer root directory.
-------------- next part --------------
--- asxparser.c.orig	2007-03-02 02:21:30.000000000 -0500
+++ asxparser.c	2007-03-02 16:08:57.000000000 -0500
@@ -118,13 +118,16 @@ asx_warning_attrib_invalid(ASX_Parser_t*
     len += strlen(ptr[0]);
     len += ((ptr[1] == NULL) ? 4 : 2);
   }
-  str = vals = malloc(len);
-  vals += sprintf(vals,"%s",valid_vals[0]);
+  str = malloc(len);
+  strlcpy(str, valid_vals[0],len);
   for(ptr = valid_vals + 1 ; ptr[0] != NULL ; ptr++) {
-    if(ptr[1] == NULL)
-      vals += sprintf(vals," or %s",ptr[0]);
-    else
-      vals += sprintf(vals,", %s",ptr[0]);
+    if(ptr[1] == NULL) {
+      strlcat(str, " or ", len);
+      strlcat(str, ptr[0], len);
+    } else {
+      strlcat(str, ", ", len);
+      strlcat(str, ptr[0], len);
+    }
   }
   mp_msg(MSGT_PLAYTREE,MSGL_ERR,"at line %d : attribute %s of element %s is invalid (%s). Valid values are %s",
 	      parser->line,attrib,elem,val,str);
@@ -190,8 +193,7 @@ asx_parse_attribs(ASX_Parser_t* parser,c
       }
     }
     attrib = malloc(ptr2-ptr1+2);
-    strncpy(attrib,ptr1,ptr2-ptr1+1);
-    attrib[ptr2-ptr1+1] = '\0';
+    strlcpy(attrib,ptr1,ptr2-ptr1+2);
 
     ptr1 = strchr(ptr3,'"');
     if(ptr1 == NULL || ptr1[1] == '\0') ptr1 = strchr(ptr3,'\'');
@@ -208,8 +210,7 @@ asx_parse_attribs(ASX_Parser_t* parser,c
     }
     ptr1++;
     val = malloc(ptr2-ptr1+1);
-    strncpy(val,ptr1,ptr2-ptr1);
-    val[ptr2-ptr1] = '\0';
+    strlcpy(val,ptr1,ptr2-ptr1+1);
     n_attrib++;
     
     attribs = (char**)realloc(attribs,(2*n_attrib+1)*sizeof(char*));
@@ -323,8 +324,7 @@ asx_get_element(ASX_Parser_t* parser,cha
   }
 
   element = malloc(ptr2-ptr1+1);
-  strncpy(element,ptr1,ptr2-ptr1);
-  element[ptr2-ptr1] = '\0';
+  strlcpy(element,ptr1,ptr2-ptr1+1);
 
   for( ; strchr(SPACE,*ptr2) != NULL; ptr2++) { // Skip space
     if(ptr2[0] == '\0') {
@@ -353,8 +353,7 @@ asx_get_element(ASX_Parser_t* parser,cha
   // Save attribs string
   if(ptr3-ptr2 > 0) {
     attribs = malloc(ptr3-ptr2+1);
-    strncpy(attribs,ptr2,ptr3-ptr2);
-    attribs[ptr3-ptr2] = '\0';
+    strlcpy(attribs,ptr2,ptr3-ptr2+1);
   }
   //bs_line = parser->line;
   if(ptr3[0] != '/') { // Not Self closed element
@@ -412,8 +411,7 @@ asx_get_element(ASX_Parser_t* parser,cha
 	  //}
 	  ptr4++;
 	  body = malloc(ptr4-ptr3+1);
-	  strncpy(body,ptr3,ptr4-ptr3);
-	  body[ptr4-ptr3] = '\0';	  
+	  strlcpy(body,ptr3,ptr4-ptr3+1);
 	}
 	break;
       } else {
--- command.c.orig	2007-03-02 05:32:44.000000000 -0500
+++ command.c	2007-03-02 13:27:51.000000000 -0500
@@ -290,11 +290,11 @@ static int mp_property_length(m_option_t
 	    s -= m * 60;
 	    *(char **) arg = malloc(20);
 	    if (h > 0)
-		sprintf(*(char **) arg, "%d:%02d:%02d", h, m, s);
+		snprintf(*(char **) arg, 20, "%d:%02d:%02d", h, m, s);
 	    else if (m > 0)
-		sprintf(*(char **) arg, "%d:%02d", m, s);
+		snprintf(*(char **) arg, 20, "%d:%02d", m, s);
 	    else
-		sprintf(*(char **) arg, "%d", s);
+		snprintf(*(char **) arg, 20, "%d", s);
 	    return M_PROPERTY_OK;
 	}
 	break;
@@ -472,7 +472,7 @@ static int mp_property_channels(m_option
 	    break;
 	default:
 	    *(char **) arg = malloc(32);
-	    sprintf(*(char **) arg, "%d channels", mpctx->sh_audio->channels);
+	    snprintf(*(char **) arg, 32, "%d channels", mpctx->sh_audio->channels);
 	}
 	return M_PROPERTY_OK;
     }
@@ -857,7 +857,7 @@ static int mp_property_gamma(m_option_t 
     if (mpctx->demuxer->type == DEMUXER_TYPE_TV) {
 	int l = strlen(prop->name);
 	char tv_prop[3 + l + 1];
-	sprintf(tv_prop, "tv_%s", prop->name);
+	snprintf(tv_prop, 3 + l + 1, "tv_%s", prop->name);
 	return mp_property_do(tv_prop, action, arg, mpctx);
     }
 #endif
@@ -973,7 +973,6 @@ static int mp_property_sub(m_option_t * 
 	if (!arg)
 	    return M_PROPERTY_ERROR;
 	*(char **) arg = malloc(64);
-	(*(char **) arg)[63] = 0;
 	sub_name = 0;
 	if (subdata)
 	    sub_name = subdata->filename;
@@ -987,7 +986,7 @@ static int mp_property_sub(m_option_t * 
 	    if ((tmp2 = strrchr(tmp, '/')))
 		tmp = tmp2 + 1;
 
-	    snprintf(*(char **) arg, 63, "(%d) %s%s",
+	    snprintf(*(char **) arg, 64, "(%d) %s%s",
 		     mpctx->set_of_sub_pos + 1,
 		     strlen(tmp) < 20 ? "" : "...",
 		     strlen(tmp) < 20 ? tmp : tmp + strlen(tmp) - 19);
@@ -998,7 +997,7 @@ static int mp_property_sub(m_option_t * 
 	    if (vo_spudec && dvdsub_id >= 0) {
 		unsigned char lang[3];
 		if (dvdnav_lang_from_sid(mpctx->stream, dvdsub_id, lang)) {
-		    snprintf(*(char **) arg, 63, "(%d) %s", dvdsub_id, lang);
+		    snprintf(*(char **) arg, 64, "(%d) %s", dvdsub_id, lang);
 		    return M_PROPERTY_OK;
 		}
 	    }
@@ -1008,7 +1007,7 @@ static int mp_property_sub(m_option_t * 
 	if (mpctx->demuxer->type == DEMUXER_TYPE_MATROSKA && dvdsub_id >= 0) {
 	    char lang[40] = MSGTR_Unknown;
 	    demux_mkv_get_sub_lang(mpctx->demuxer, dvdsub_id, lang, 9);
-	    snprintf(*(char **) arg, 63, "(%d) %s", dvdsub_id, lang);
+	    snprintf(*(char **) arg, 64, "(%d) %s", dvdsub_id, lang);
 	    return M_PROPERTY_OK;
 	}
 #ifdef HAVE_OGGVORBIS
@@ -1016,14 +1015,14 @@ static int mp_property_sub(m_option_t * 
 	    char *lang = demux_ogg_sub_lang(mpctx->demuxer, dvdsub_id);
 	    if (!lang)
 		lang = MSGTR_Unknown;
-	    snprintf(*(char **) arg, 63, "(%d) %s", dvdsub_id, lang);
+	    snprintf(*(char **) arg, 64, "(%d) %s", dvdsub_id, lang);
 	    return M_PROPERTY_OK;
 	}
 #endif
 	if (vo_vobsub && vobsub_id >= 0) {
 	    const char *language = MSGTR_Unknown;
 	    language = vobsub_get_id(vo_vobsub, (unsigned int) vobsub_id);
-	    snprintf(*(char **) arg, 63, "(%d) %s",
+	    snprintf(*(char **) arg, 64, "(%d) %s",
 		     vobsub_id, language ? language : MSGTR_Unknown);
 	    return M_PROPERTY_OK;
 	}
@@ -1035,15 +1034,15 @@ static int mp_property_sub(m_option_t * 
 	    lang[0] = code >> 8;
 	    lang[1] = code;
 	    lang[2] = 0;
-	    snprintf(*(char **) arg, 63, "(%d) %s", dvdsub_id, lang);
+	    snprintf(*(char **) arg, 64, "(%d) %s", dvdsub_id, lang);
 	    return M_PROPERTY_OK;
 	}
 #endif
 	if (dvdsub_id >= 0) {
-	    snprintf(*(char **) arg, 63, "(%d) %s", dvdsub_id, MSGTR_Unknown);
+	    snprintf(*(char **) arg, 64, "(%d) %s", dvdsub_id, MSGTR_Unknown);
 	    return M_PROPERTY_OK;
 	}
-	snprintf(*(char **) arg, 63, MSGTR_Disabled);
+	snprintf(*(char **) arg, 64, MSGTR_Disabled);
 	return M_PROPERTY_OK;
 
     case M_PROPERTY_SET:
--- cpudetect.c.orig	2007-03-02 06:55:59.000000000 -0500
+++ cpudetect.c	2007-03-02 13:12:43.000000000 -0500
@@ -37,6 +37,8 @@ CpuCaps gCpuCaps;
 #include <proto/exec.h>
 #endif
 
+#define RETNAME_LEN 256
+
 //#define X86_FXSR_MAGIC
 /* Thanks to the FreeBSD project for some of this cpuid code, and 
  * help understanding how to use it.  Thanks to the Mesa 
@@ -235,22 +237,22 @@ char *GetCpuFriendlyName(unsigned int re
 	char *retname;
 	int i;
 
-	if (NULL==(retname=malloc(256))) {
+	if (NULL==(retname=malloc(RETNAME_LEN))) {
 		mp_msg(MSGT_CPUDETECT,MSGL_FATAL,"Error: GetCpuFriendlyName() not enough memory\n");
 		exit(1);
 	}
 
-	sprintf(vendor,"%.4s%.4s%.4s",(char*)(regs+1),(char*)(regs+3),(char*)(regs+2));
+	snprintf(vendor, sizeof(vendor), "%.4s%.4s%.4s",(char*)(regs+1),(char*)(regs+3),(char*)(regs+2));
 
+	retname[0] = '\0';
 	do_cpuid(0x80000000,regs);
 	if (regs[0] >= 0x80000004)
 	{
 		// CPU has built-in namestring
-		retname[0] = '\0';
 		for (i = 0x80000002; i <= 0x80000004; i++)
 		{
 			do_cpuid(i, regs);
-			strncat(retname, (char*)regs, 16);
+			strncat(retname, (char*)regs, 16); /* intentional */
 		}
 		return retname;
 	}
@@ -258,9 +260,9 @@ char *GetCpuFriendlyName(unsigned int re
 	for(i=0; i<MAX_VENDORS; i++){
 		if(!strcmp(cpuvendors[i].string,vendor)){
 			if(cpuname[i][CPUID_FAMILY][CPUID_MODEL]){
-				snprintf(retname,255,"%s %s",cpuvendors[i].name,cpuname[i][CPUID_FAMILY][CPUID_MODEL]);
+				snprintf(retname,RETNAME_LEN,"%s %s",cpuvendors[i].name,cpuname[i][CPUID_FAMILY][CPUID_MODEL]);
 			} else {
-				snprintf(retname,255,"unknown %s %d. Generation CPU",cpuvendors[i].name,CPUID_FAMILY); 
+				snprintf(retname,RETNAME_LEN,"unknown %s %d. Generation CPU",cpuvendors[i].name,CPUID_FAMILY); 
 				mp_msg(MSGT_CPUDETECT,MSGL_WARN,"unknown %s CPU:\n",cpuvendors[i].name);
 				mp_msg(MSGT_CPUDETECT,MSGL_WARN,"Vendor:   %s\n",cpuvendors[i].string);
 				mp_msg(MSGT_CPUDETECT,MSGL_WARN,"Type:     %d\n",CPUID_TYPE);
@@ -272,7 +274,6 @@ char *GetCpuFriendlyName(unsigned int re
 			}
 		}
 	}
-	retname[255] = 0;
 
 	//printf("Detected CPU: %s\n", retname);
 	return retname;
--- get_path.c.orig	2007-03-02 05:03:05.000000000 -0500
+++ get_path.c	2007-03-02 13:16:16.000000000 -0500
@@ -55,12 +55,12 @@ char *get_path(const char *filename){
 	if (filename == NULL) {
 		if ((buff = (char *) malloc(len)) == NULL)
 			return NULL;
-		sprintf(buff, "%s%s", homedir, config_dir);
+		snprintf(buff, len, "%s%s", homedir, config_dir);
 	} else {
 		len += strlen(filename) + 1;
 		if ((buff = (char *) malloc(len)) == NULL)
 			return NULL;
-		sprintf(buff, "%s%s/%s", homedir, config_dir, filename);
+		snprintf(buff, len, "%s%s/%s", homedir, config_dir, filename);
 	}
 
 #ifdef MACOSX_BUNDLE
@@ -95,11 +95,11 @@ char *get_path(const char *filename){
 				maxlen=strlen(filename)+strlen(res_url_path)+2;
 			}
 			free(buff);
-			buff = (char *) malloc(maxlen);
-			strcpy(buff, res_url_path);
+			buff = malloc(maxlen);
+			strlcpy(buff, res_url_path, maxlen);
 				
-			strcat(buff,"/");
-			strcat(buff, filename);
+			strlcat(buff,"/", maxlen);
+			strlcat(buff, filename, maxlen);
 		}
 	}
 #endif
@@ -116,27 +116,29 @@ void set_path_env()
 	char realpath[MAX_PATH];
 #ifdef __CYGWIN__
 	cygwin_conv_to_full_win32_path(WIN32_PATH,win32path);
-	strcpy(tmppath,win32path);
+	strlcpy(tmppath,win32path,sizeof(tmppath));
 #ifdef USE_REALCODECS
 	cygwin_conv_to_full_win32_path(REALCODEC_PATH,realpath);
-	sprintf(tmppath,"%s;%s",win32path,realpath);
+	snprintf(tmppath,sizeof(tmppath),"%s;%s",win32path,realpath);
 #endif /*USE_REALCODECS*/
 #else /*__CYGWIN__*/
 	/* Expand to absolute path unless it's already absolute */
 	if(!strstr(WIN32_PATH,":") && WIN32_PATH[0] != '\\'){
+		char *p = strrchr(win32path, '\\') + 1;
 		GetModuleFileNameA(NULL, win32path, MAX_PATH);
-		strcpy(strrchr(win32path, '\\') + 1, WIN32_PATH);
+		strlcpy(p, WIN32_PATH, sizeof(win32path) - (p-win32path));
 	}
-	else strcpy(win32path,WIN32_PATH);
-	strcpy(tmppath,win32path);
+	else strlcpy(win32path,WIN32_PATH,sizeof(win32path));
+	strlcpy(tmppath,win32path,sizeof(tmppath));
 #ifdef USE_REALCODECS
 	/* Expand to absolute path unless it's already absolute */
 	if(!strstr(REALCODEC_PATH,":") && REALCODEC_PATH[0] != '\\'){
+		char *p = strrchr(realpath, '\\') + 1;
 		GetModuleFileNameA(NULL, realpath, MAX_PATH);
-		strcpy(strrchr(realpath, '\\') + 1, REALCODEC_PATH);
+		strcpy(p, REALCODEC_PATH, sizeof(realpath) - (p-realpath));
 	}
-	else strcpy(realpath,REALCODEC_PATH);
-	sprintf(tmppath,"%s;%s",win32path,realpath);
+	else strlcpy(realpath,REALCODEC_PATH,sizeof(realpath));
+	snprintf(tmppath,sizeof(tmppath),"%s;%s",win32path,realpath);
 #endif /*USE_REALCODECS*/
 #endif /*__CYGWIN__*/
 	mp_msg(MSGT_WIN32, MSGL_V,"Setting PATH to %s\n",tmppath);
--- m_config.c.orig	2007-03-02 05:28:25.000000000 -0500
+++ m_config.c	2007-03-02 13:25:31.000000000 -0500
@@ -199,8 +199,8 @@ m_config_add_option(m_config_t *config, 
   // Fill in the full name
   if(prefix && strlen(prefix) > 0) {
     int l = strlen(prefix) + 1 + strlen(arg->name) + 1;
-    co->name = (char*) malloc(l);
-    sprintf(co->name,"%s:%s",prefix,arg->name);
+    co->name = malloc(l);
+    snprintf(co->name,l,"%s:%s",prefix,arg->name);
   } else
     co->name = arg->name;
 
@@ -322,7 +322,7 @@ m_config_parse_option(m_config_t *config
       if(r >= 0) {
 	// Build the full name
 	char n[l];
-	sprintf(n,"%s:%s",co->name,lst[2*i]);
+	snprintf(n,l,"%s:%s",co->name,lst[2*i]);
 	sr = m_config_parse_option(config,n,lst[2*i+1],set);
 	if(sr < 0){
 	  if(sr == M_OPT_UNKNOWN){
@@ -417,14 +417,14 @@ m_config_print_option_list(m_config_t *c
   for(co = config->opts ; co ; co = co->next) {
     m_option_t* opt = co->opt;
     if(opt->type->flags & M_OPT_TYPE_HAS_CHILD) continue;
-    if(opt->flags & M_OPT_MIN)
-      sprintf(min,"%-8.0f",opt->min);
+    if(opt->flags & M_OPT_MIN) 
+      snprintf(min,sizeof(min),"%-8.0f",opt->min);
     else
-      strcpy(min,"No");
+      strlcpy(min,"No",sizeof(min));
     if(opt->flags & M_OPT_MAX)
-      sprintf(max,"%-8.0f",opt->max);
+      snprintf(max,sizeof(max),"%-8.0f",opt->max);
     else
-      strcpy(max,"No");
+      strlcpy(max,"No",sizeof(max));
     mp_msg(MSGT_CFGPARSER, MSGL_INFO, " %-20.20s %-15.15s %-10.10s %-10.10s %-3.3s   %-3.3s   %-3.3s\n",
 	   co->name,
 	   co->opt->type->name,
--- m_option.c.orig	2007-03-02 02:50:41.000000000 -0500
+++ m_option.c	2007-03-02 13:24:14.000000000 -0500
@@ -587,8 +587,7 @@ static int parse_str_list(m_option_t* op
     }
     len = ptr - last_ptr;
     res[n] = malloc(len + 1);
-    if(len) strncpy(res[n],last_ptr,len);
-    res[n][len] = '\0';
+    if(len) strlcpy(res[n],last_ptr,len+1);
     ptr++;
     n++;
   }
@@ -1387,13 +1386,13 @@ static int get_obj_params(const char* op
       m_option_t* opt = &desc->fields[n];
       if(opt->type->flags & M_OPT_TYPE_HAS_CHILD) continue;
       if(opt->flags & M_OPT_MIN)
-	sprintf(min,"%-8.0f",opt->min);
+        snprintf(min, sizeof(min), "%-8.0f",opt->min);
       else
-	strcpy(min,"No");
+	strlcpy(min,"No", sizeof(min));
       if(opt->flags & M_OPT_MAX)
-	sprintf(max,"%-8.0f",opt->max);
+        snprintf(max, sizeof(max), "%-8.0f",opt->max);
       else
-	strcpy(max,"No");
+        strlcpy(max,"No", sizeof(max));
       printf(" %-20.20s %-15.15s %-10.10s %-10.10s\n",
 	     opt->name,
 	     opt->type->name,
@@ -1663,8 +1662,7 @@ static int parse_obj_settings_list(m_opt
       op = OP_CLR;
     else {
       char prefix[len];
-      strncpy(prefix,opt->name,len-1);
-      prefix[len-1] = '\0';
+      strlcpy(prefix,opt->name,sizeof(prefix));
       mp_msg(MSGT_VFILTER,MSGL_ERR, "Option %s: unknown postfix %s\n"
 	     "Supported postfixes are:\n"
 	     "  %s-add\n"
@@ -2045,7 +2043,7 @@ static int parse_custom_url(m_option_t* 
       if(dst) {
 	int p = atoi(ptr2+1);
 	char tmp[100];
-	snprintf(tmp,99,"%d",p);
+	snprintf(tmp,sizeof(tmp),"%d",p);
 	r = m_struct_set(desc,dst,"port",tmp);
 	if(r < 0) {
 	  mp_msg(MSGT_CFGPARSER, MSGL_ERR, "Option %s: Error while setting port.\n",name);
@@ -2063,8 +2061,7 @@ static int parse_custom_url(m_option_t* 
       // skip
     } else {
       char tmp[pos2-pos1+1];
-      strncpy(tmp,ptr1, pos2-pos1);
-      tmp[pos2-pos1] = '\0';
+      strlcpy(tmp,ptr1, sizeof(tmp));
       r = m_struct_set(desc,dst,"hostname",tmp);
       if(r < 0) {
 	mp_msg(MSGT_CFGPARSER, MSGL_ERR, "Option %s: Error while setting hostname.\n",name);
--- mplayer.c.orig	2007-03-02 02:54:50.000000000 -0500
+++ mplayer.c	2007-03-02 16:46:15.000000000 -0500
@@ -491,28 +491,28 @@ char *get_metadata (metadata_t type) {
       meta = strdup ("h264");
     else if (sh_video->format >= 0x20202020)
     {
-      meta = (char *) malloc (8);
-      sprintf (meta, "%.4s", (char *) &sh_video->format);
+      meta = malloc (8);
+      snprintf (meta, 8, "%.4s", (char *) &sh_video->format);
     }
     else
     {
-      meta = (char *) malloc (8);
-      sprintf (meta, "0x%08X", sh_video->format);
+      meta = malloc (8);
+      snprintf (meta, 8, "0x%08X", sh_video->format);
     }
     return meta;
   }
   
   case META_VIDEO_BITRATE:
   {
-    meta = (char *) malloc (16);
-    sprintf (meta, "%d kbps", (int) (sh_video->i_bps * 8 / 1024));
+    meta = malloc (16);
+    snprintf (meta, 16, "%d kbps", (int) (sh_video->i_bps * 8 / 1024));
     return meta;
   }
   
   case META_VIDEO_RESOLUTION:
   {
-    meta = (char *) malloc (16);
-    sprintf (meta, "%d x %d", sh_video->disp_w, sh_video->disp_h);
+    meta = malloc (16);
+    snprintf (meta, 16, "%d x %d", sh_video->disp_w, sh_video->disp_h);
     return meta;
   }
 
@@ -525,15 +525,15 @@ char *get_metadata (metadata_t type) {
   
   case META_AUDIO_BITRATE:
   {
-    meta = (char *) malloc (16);
-    sprintf (meta, "%d kbps", (int) (sh_audio->i_bps * 8/1000));
+    meta = malloc (16);
+    snprintf (meta, 16, "%d kbps", (int) (sh_audio->i_bps * 8/1000));
     return meta;
   }
   
   case META_AUDIO_SAMPLES:
   {
-    meta = (char *) malloc (16);
-    sprintf (meta, "%d Hz, %d ch.", sh_audio->samplerate, sh_audio->channels);
+    meta = malloc (16);
+    snprintf (meta, 16, "%d Hz, %d ch.", sh_audio->samplerate, sh_audio->channels);
     return meta;
   }
 
@@ -770,8 +770,7 @@ static void exit_sighandler(int x){
       if (crash_debug) {
         int gdb_pid;
         char spid[20];
-        snprintf(spid, 19, "%i", getpid());
-        spid[19] = 0;
+        snprintf(spid, sizeof(spid), "%i", getpid());
         mp_msg(MSGT_CPLAYER, MSGL_INFO, "Forking...\n");
         gdb_pid = fork();
         mp_msg(MSGT_CPLAYER, MSGL_INFO, "Forked...\n");
@@ -831,7 +830,7 @@ void load_per_file_config (m_config_t* c
     struct stat st;
     char *name;
 
-    sprintf (cfg, "%s.conf", file);
+    snprintf (cfg, strlen(file) + 10, "%s.conf", file);
     
     if (use_filedir_conf && !stat (cfg, &st))
     {
@@ -1270,7 +1269,6 @@ void set_osd_msg(int id, int level, int 
     va_start(va,fmt);
     r = vsnprintf(msg->msg, 64, fmt, va);
     va_end(va);
-    if(r >= 64) msg->msg[63] = 0;
     // set id and time
     msg->id = id;
     msg->level = level;
@@ -1408,7 +1406,7 @@ static void update_osd_msg(void) {
     // Look if we have a msg
     if((msg = get_osd_msg())) {
         if(strcmp(osd_text,msg->msg)) {
-            strncpy((char*)osd_text, msg->msg, 63);
+            strlcpy(osd_text, msg->msg, sizeof(osd_text));
             if(mpctx->sh_video) vo_osd_changed(OSDTYPE_OSD); else 
             if(term_osd) mp_msg(MSGT_CPLAYER,MSGL_STATUS,"%s%s\n",term_osd_esc,msg->msg);
         }
@@ -1427,17 +1425,19 @@ static void update_osd_msg(void) {
                 percentage = demuxer_get_percent_pos(mpctx->demuxer);
             
             if (percentage >= 0)
-                snprintf(percentage_text, 9, " (%d%%)", percentage);
+		snprintf(percentage_text, sizeof(percentage_text), " (%d%%)",
+			percentage);
             else
                 percentage_text[0] = 0;
             
             if (osd_level == 3) 
-                snprintf(osd_text_timer, 63,
+                snprintf(osd_text_timer, sizeof(osd_text_timer),
                          "%c %02d:%02d:%02d / %02d:%02d:%02d%s",
                          mpctx->osd_function,pts/3600,(pts/60)%60,pts%60,
                          len/3600,(len/60)%60,len%60,percentage_text);
             else
-                snprintf(osd_text_timer, 63, "%c %02d:%02d:%02d%s",
+                snprintf(osd_text_timer, sizeof(osd_text_timer), 
+                         "%c %02d:%02d:%02d%s",
                          mpctx->osd_function,pts/3600,(pts/60)%60,
                          pts%60,percentage_text);
         } else
@@ -1448,7 +1448,7 @@ static void update_osd_msg(void) {
             mpctx->osd_show_percentage--;
         
         if(strcmp(osd_text,osd_text_timer)) {
-            strncpy(osd_text, osd_text_timer, 63);
+            strlcpy(osd_text, osd_text_timer, sizeof(osd_text));
             vo_osd_changed(OSDTYPE_OSD);
         }
         return;
@@ -2396,7 +2396,7 @@ int gui_no_filename=0;
       
       if (getcwd(cwd, PATH_MAX) != (char *)NULL)
       {
-	  strcat(cwd, "/");
+	  strlcat(cwd, "/", sizeof(cwd));
           // Prefix relative paths with current working directory
           play_tree_add_bpf(mpctx->playtree, cwd);
       }      
@@ -2797,9 +2797,9 @@ if (edl_output_filename) {
 		filename_recode(vobsub_name));
     }else if(sub_auto && filename && (strlen(filename)>=5)){
       /* try to autodetect vobsub from movie filename ::atmos */
-      char *buf = malloc((strlen(filename)-3)),*psub;
-      memset(buf,0,strlen(filename)-3); // make sure string is terminated
-      strncpy(buf, filename, strlen(filename)-4); 
+      size_t len = strlen(filename)-3; 
+      char *buf = malloc(len),*psub;
+      strlcpy(buf, filename, len); 
       vo_vobsub=vobsub_open(buf,spudec_ifo,0,&vo_spudec);
       /* try from ~/.mplayer/sub */
       if(!vo_vobsub && (psub = get_path( "sub/" ))) {
@@ -2813,7 +2813,7 @@ if (edl_output_filename) {
           else bname = buf;
           l = strlen(psub) + strlen(bname) + 1;
           psub = realloc(psub,l);
-          strcat(psub,bname);
+          strlcat(psub,bname,l);
           vo_vobsub=vobsub_open(psub,spudec_ifo,0,&vo_spudec);
           free(psub);          
       }
@@ -2972,9 +2972,9 @@ if (mpctx->demuxer && mpctx->demuxer->ty
       temp=malloc((strlen(filename)-strlen(mp_basename(filename))+strlen(playlist_entry)+1));
       if (temp)
       {
-	strncpy(temp, filename, strlen(filename)-strlen(mp_basename(filename)));
-	temp[strlen(filename)-strlen(mp_basename(filename))]='\0';
-	strcat(temp, playlist_entry);
+	size_t len = strlen(filename)-strlen(mp_basename(filename));
+	strlcpy(temp, filename, len+1);
+	strlcat(temp, playlist_entry, len+1);
 	play_tree_add_file(entry,temp);
 	mp_msg(MSGT_CPLAYER,MSGL_V,"Resolving reference to %s.\n",temp);
 	free(temp);
--- mp_msg.c.orig	2007-03-02 06:48:54.000000000 -0500
+++ mp_msg.c	2007-03-02 06:50:44.000000000 -0500
@@ -134,8 +134,7 @@ void mp_msg(int mod, int lev, const char
         *out++ = *in++;
         outlen--; inlen--;
       }
-      strncpy(tmp, tmp2, MSGSIZE_MAX);
-      tmp[MSGSIZE_MAX-1] = 0;
+      strlcpy(tmp, tmp2, MSGSIZE_MAX);
       tmp[MSGSIZE_MAX-2] = '\n';
       }
     }
--- m_property.c.orig	2007-03-02 05:20:52.000000000 -0500
+++ m_property.c	2007-03-02 13:56:40.000000000 -0500
@@ -154,13 +154,13 @@ void m_properties_print_help_list(m_opti
     for(i = 0 ; list[i].name ; i++) {
         m_option_t* opt = &list[i];
         if(opt->flags & M_OPT_MIN)
-            sprintf(min,"%-8.0f",opt->min);
+            snprintf(min,sizeof(min), "%-8.0f",opt->min);
         else
-            strcpy(min,"No");
+            strlcpy(min,"No",sizeof(min));
         if(opt->flags & M_OPT_MAX)
-            sprintf(max,"%-8.0f",opt->max);
+            snprintf(max,sizeof(max), "%-8.0f",opt->max);
         else
-            strcpy(max,"No");
+            strlcpy(max,"No",sizeof(max));
         mp_msg(MSGT_CFGPARSER, MSGL_INFO, " %-20.20s %-15.15s %-10.10s %-10.10s\n",
                opt->name,
                opt->type->name,
@@ -239,7 +239,7 @@ int m_property_float_ro(m_option_t* prop
     case M_PROPERTY_PRINT:
         if(!arg) return 0;
         *(char**)arg = malloc(20);
-        sprintf(*(char**)arg,"%.2f",var);
+        snprintf(*(char**)arg,20,"%.2f",var);
         return 1;
     }
     return M_PROPERTY_NOT_IMPLEMENTED;
@@ -269,7 +269,7 @@ int m_property_delay(m_option_t* prop,in
     case M_PROPERTY_PRINT:
         if(!arg) return 0;
         *(char**)arg = malloc(20);
-        sprintf(*(char**)arg,"%d ms",ROUND((*var)*1000));
+        snprintf(*(char**)arg,20,"%d ms",ROUND((*var)*1000));
         return 1;
     default:
         return m_property_float_range(prop,action,arg,var);
@@ -286,7 +286,7 @@ int m_property_double_ro(m_option_t* pro
     case M_PROPERTY_PRINT:
         if(!arg) return 0;
         *(char**)arg = malloc(20);
-        sprintf(*(char**)arg,"%.2f",var);
+        snprintf(*(char**)arg,20,"%.2f",var);
         return 1;
     }
     return M_PROPERTY_NOT_IMPLEMENTED;
--- parser-mpcmd.c.orig	2007-03-02 07:03:46.000000000 -0500
+++ parser-mpcmd.c	2007-03-02 07:04:35.000000000 -0500
@@ -236,7 +236,8 @@ m_config_parse_mp_command_line(m_config_
                  {
                   if (j!=start_title) 
                       entry=play_tree_new();
-                  snprintf(entbuf,9,"dvd://%d",j);
+                  snprintf(entbuf,sizeof(entbuf - 1),"dvd://%d",j);
+                  entbuf[sizeof(entbuf - 1)] = '\0';
                   play_tree_add_file(entry,entbuf);
                   add_entry(&last_parent,&last_entry,entry);
 		  last_entry = entry;
--- playtreeparser.c.orig	2007-03-02 03:04:29.000000000 -0500
+++ playtreeparser.c	2007-03-02 03:17:08.000000000 -0500
@@ -99,8 +99,7 @@ play_tree_parser_get_line(play_tree_pars
   else
     return NULL;
   if(line_end - p->iter > 0)
-    strncpy(p->line,p->iter,line_end - p->iter);
-  p->line[line_end - p->iter] = '\0';
+    strlcpy(p->line,p->iter,line_end - p->iter);
   if(end[0] != '\0')
     end++;
 
@@ -434,8 +433,8 @@ parse_m3u(play_tree_parser_t* p) {
 
 static play_tree_t*
 parse_smil(play_tree_parser_t* p) {
-  int entrymode=0;
-  char* line,source[512],*pos,*s_start,*s_end,*src_line;
+  int entrymode=0, size;
+  char* line,*source = NULL,*pos,*s_start,*s_end,*src_line;
   play_tree_t *list = NULL, *entry = NULL, *last_entry = NULL;
   int is_rmsmil = 0;
   unsigned int npkt, ttlpkt;
@@ -500,8 +499,9 @@ parse_smil(play_tree_parser_t* p) {
         payload++;
       // Skip ") at the end of the last line from the current packet
       line[strlen(line)-2] = 0;
-      line = realloc(line, strlen(line)+strlen(payload));
-      strcat (line, payload);
+      size = strlen(line)+strlen(payload)+1; 
+      line = realloc(line, size);
+      strlcat (line, payload, size);
       npkt++;
     } else
       line = strdup(src_line);
@@ -526,12 +526,9 @@ parse_smil(play_tree_parser_t* p) {
               mp_msg(MSGT_PLAYTREE,MSGL_V,"Error parsing this source line %s\n",line);
               continue;   
             }
-          if (s_end-s_start> 511) {
-            mp_msg(MSGT_PLAYTREE,MSGL_V,"Cannot store such a large source %s\n",line);
-            continue;
-          }
-          strncpy(source,s_start,s_end-s_start);
-          source[(s_end-s_start)]='\0'; // Null terminate
+          size = s_end-s_start+1;
+          source = malloc(size);
+          strlcpy(source,s_start,size);
           entry = play_tree_new();
           play_tree_add_file(entry,source);
           if(!list)  //Insert new entry
@@ -553,12 +550,9 @@ parse_smil(play_tree_parser_t* p) {
           mp_msg(MSGT_PLAYTREE,MSGL_V,"Error parsing this source line %s\n",line);
           continue;
         }
-        if (s_end-s_start> 511) {
-          mp_msg(MSGT_PLAYTREE,MSGL_V,"Cannot store such a large source %s\n",line);
-          continue;
-        }
-        strncpy(source,s_start,s_end-s_start);
-        source[(s_end-s_start)]='\0'; // Null terminate
+        size = s_end-s_start+1;
+        source = malloc(size);
+        strlcpy(source,s_start,size);
         entry = play_tree_new();
         play_tree_add_file(entry,source);
         if(!list)  //Insert new entry
@@ -570,8 +564,8 @@ parse_smil(play_tree_parser_t* p) {
     }
   }
 
-  if (line)
-    free(line);
+  free(line);
+  free(source);
 
   if(!list) return NULL; // Nothing found
 
--- playtree.c.orig	2007-03-02 05:00:22.000000000 -0500
+++ playtree.c	2007-03-02 05:02:17.000000000 -0500
@@ -946,13 +946,14 @@ void pt_add_file(play_tree_t** ppt, char
 
 void pt_add_gui_file(play_tree_t** ppt, char* path, char* file)
 {
-  char* wholename = malloc(strlen(path)+strlen(file)+2);
+  size_t size = strlen(path)+strlen(file)+2;
+  char* wholename = malloc(size);
 
   if (wholename)
   {
-    strcpy(wholename, path);
-    strcat(wholename, "/");
-    strcat(wholename, file);
+    strlcpy(wholename, path, size);
+    strlcat(wholename, "/", size);
+    strlcat(wholename, file, size);
     pt_add_file(ppt, wholename);
     free(wholename); // As pt_add_file strdups it anyway!
   }
--- subreader.c.orig	2007-03-01 23:43:56.000000000 -0500
+++ subreader.c	2007-03-02 13:17:47.000000000 -0500
@@ -75,7 +75,7 @@ static int eol(char p) {
 static void trail_space(char *s) {
 	int i = 0;
 	while (isspace(s[i])) ++i;
-	if (i) strcpy(s, s + i);
+	if (i) strcpy(s, s + i); /* safe */
 	i = strlen(s) - 1;
 	while (i > 0 && isspace(s[i])) s[i--] = '\0';
 }
@@ -249,8 +249,7 @@ static char *sub_readtext(char *source, 
     *dest= malloc (len+1);
     if (!dest) {return ERR;}
     
-    strncpy(*dest, source, len);
-    (*dest)[len]=0;
+    strlcpy(*dest, source, len + 1);
     
     while (*p=='\r' || *p=='\n' || *p=='|') p++;
     
@@ -331,8 +330,7 @@ static subtitle *sub_read_line_subrip(st
 	    for (q=p,len=0; *p && *p!='\r' && *p!='\n' && *p!='|' && strncmp(p,"[br]",4); p++,len++);
 	    current->text[current->lines-1]=malloc (len+1);
 	    if (!current->text[current->lines-1]) return ERR;
-	    strncpy (current->text[current->lines-1], q, len);
-	    current->text[current->lines-1][len]='\0';
+	    strlcpy (current->text[current->lines-1], q, len+1);
 	    if (!*p || *p=='\r' || *p=='\n') break;
 	    if (*p=='|') p++;
 	    else while (*p++!=']');
@@ -365,8 +363,7 @@ static subtitle *sub_read_line_subviewer
                 int j=0,skip=0;
 		char *curptr=current->text[i]=malloc (len+1);
 		if (!current->text[i]) return ERR;
-		//strncpy (current->text[i], line, len); current->text[i][len]='\0';
-                for(; j<len; j++) {
+		for(; j<len; j++) {
 		    /* let's filter html tags ::atmos */
 		    if(line[j]=='>') {
 			skip=0;
@@ -415,7 +412,7 @@ static subtitle *sub_read_line_subviewer
             if (len) {
                 current->text[i]=malloc (len+1);
                 if (!current->text[i]) return ERR;
-                strncpy (current->text[i], line, len); current->text[i][len]='\0';
+                strlcpy (current->text[i], line, len);
                 ++i;
             } else {
                 break;
@@ -581,8 +578,7 @@ static subtitle *sub_read_line_ssa(strea
 	
         while (((tmp=strstr(line2, "\\n")) != NULL) || ((tmp=strstr(line2, "\\N")) != NULL) ){
 		current->text[num]=malloc(tmp-line2+1);
-		strncpy (current->text[num], line2, tmp-line2);
-		current->text[num][tmp-line2]='\0';
+		strlcpy (current->text[num], line2, tmp-line2+1);
 		line2=tmp+2;
 		num++;
 		current->lines++;
@@ -932,7 +928,7 @@ static subtitle *sub_read_line_jacosub(s
 	    } else {
 		current->alignment = SUB_ALIGNMENT_BOTTOMCENTER;
 	    }
-	    strcpy(line2, line1);
+	    strlcpy(line2, line1, sizeof(line2));
 	    p = line2;
 	}
 	for (q = line1; (!eol(*p)) && (current->lines < SUB_MAX_TEXT); ++p) {
@@ -989,8 +985,7 @@ static subtitle *sub_read_line_jacosub(s
 		    if (!stream_read_line(st, directive, LINE_LEN))
 			return NULL;
 		    trail_space(directive);
-		    strncat(line2, directive,
-			    (LINE_LEN > 511) ? LINE_LEN : 511);
+		    strlcat(line2, directive, sizeof(line2));
 		    break;
 		}
 	    default:
@@ -1726,38 +1721,41 @@ char * strreplace( char * in,char * what
 #endif
 
 
-static void strcpy_trim(char *d, char *s)
+static void strlcpy_trim(char *d, char *s, size_t len)
 {
+    if (len == 0) return;
     // skip leading whitespace
     while (*s && !isalnum(*s)) {
 	s++;
     }
     for (;;) {
 	// copy word
-	while (*s && isalnum(*s)) {
+	while (len > 1 && *s && isalnum(*s)) {
 	    *d = tolower(*s);
-	    s++; d++;
+	    s++; d++; len--;
 	}
+	if (len <= 1) break;
 	if (*s == 0) break;
 	// trim excess whitespace
 	while (*s && !isalnum(*s)) {
 	    s++;
 	}
 	if (*s == 0) break;
-	*d++ = ' ';
+	*d++ = ' '; len--;
     }
     *d = 0;
 }
  
-static void strcpy_strip_ext(char *d, char *s)
+static void strlcpy_strip_ext(char *d, char *s, size_t len)
 {
     char *tmp = strrchr(s,'.');
     if (!tmp) {
-	strcpy(d, s);
+	strlcpy(d, s, len);
 	return;
     } else {
-	strncpy(d, s, tmp-s);
-	d[tmp-s] = 0;
+	*tmp = '\0';
+	strlcpy(d, s, len);
+	*tmp = '.';
     }
     while (*d) {
 	*d = tolower(*d);
@@ -1765,14 +1763,14 @@ static void strcpy_strip_ext(char *d, ch
     }
 }
  
-static void strcpy_get_ext(char *d, char *s)
+static void strlcpy_get_ext(char *d, char *s, size_t len)
 {
     char *tmp = strrchr(s,'.');
     if (!tmp) {
-	strcpy(d, "");
+	strlcpy(d, "", len);
 	return;
     } else {
-	strcpy(d, tmp+1);
+	strlcpy(d, tmp+1, len);
    }
 }
 
@@ -1845,22 +1843,22 @@ char** sub_filenames(const char* path, c
     
     // extract filename & dirname from fname
     if (tmp) {
-	strcpy(f_fname, tmp+1);
+	strlcpy(f_fname, tmp+1, len);
 	pos = tmp - fname;
-	strncpy(f_dir, fname, pos+1);
-	f_dir[pos+1] = 0;
+	strlcpy(f_dir, fname, pos+1);
     } else {
-	strcpy(f_fname, fname);
-	strcpy(f_dir, "./");
+	strlcpy(f_fname, fname, len);
+	strlcpy(f_dir, "./", len);
     }
  
-    strcpy_strip_ext(f_fname_noext, f_fname);
-    strcpy_trim(f_fname_trim, f_fname_noext);
+    strlcpy_strip_ext(f_fname_noext, f_fname, len);
+    strlcpy_trim(f_fname_trim, f_fname_noext, len);
 
     tmp_sub_id = NULL;
     if (dvdsub_lang && !whiteonly(dvdsub_lang)) {
-	tmp_sub_id = malloc(strlen(dvdsub_lang)+1);
-	strcpy_trim(tmp_sub_id, dvdsub_lang);
+	size_t size = strlen(dvdsub_lang)+1;
+	tmp_sub_id = malloc(size);
+	strlcpy_trim(tmp_sub_id, dvdsub_lang, size);
     }
 
     // 0 = nothing
@@ -1872,9 +1870,9 @@ char** sub_filenames(const char* path, c
 	if (d) {
 	    while ((de = readdir(d))) {
 		// retrieve various parts of the filename
-		strcpy_strip_ext(tmp_fname_noext, de->d_name);
-		strcpy_get_ext(tmp_fname_ext, de->d_name);
-		strcpy_trim(tmp_fname_trim, tmp_fname_noext);
+		strlcpy_strip_ext(tmp_fname_noext, de->d_name, len);
+		strlcpy_get_ext(tmp_fname_ext, de->d_name, len);
+		strlcpy_trim(tmp_fname_trim, tmp_fname_noext, len);
 
 		// does it end with a subtitle extension?
 		found = 0;
@@ -1898,7 +1896,7 @@ char** sub_filenames(const char* path, c
 		    int prio = 0;
 		    if (!prio && tmp_sub_id)
 		    {
-			sprintf(tmpresult, "%s %s", f_fname_trim, tmp_sub_id);
+			snprintf(tmpresult, len, "%s %s", f_fname_trim, tmp_sub_id);
 			mp_msg(MSGT_SUBREADER,MSGL_INFO,"dvdsublang...%s\n", tmpresult);
 			if (strcmp(tmp_fname_trim, tmpresult) == 0 && sub_match_fuzziness >= 1) {
 			    // matches the movie name + lang extension
@@ -1938,7 +1936,7 @@ char** sub_filenames(const char* path, c
 			    prio++;
 			}
 #endif
-			sprintf(tmpresult, "%s%s", j == 0 ? f_dir : path, de->d_name);
+			snprintf(tmpresult, len, "%s%s", j == 0 ? f_dir : path, de->d_name);
 //			fprintf(stderr, "%s priority %d\n", tmpresult, prio);
 			if ((f = fopen(tmpresult, "rt"))) {
 			    fclose(f);
--- unrarlib.c.orig	2007-03-02 03:18:04.000000000 -0500
+++ unrarlib.c	2007-03-02 13:20:16.000000000 -0500
@@ -384,7 +384,6 @@ int urarlib_get(void *output,
   BOOL  retcode = FALSE;
 
 #ifdef _DEBUG_LOG
-  int  str_offs;                            /* used for debug-strings       */
   char DebugMsg[500];                       /* used to compose debug msg    */
 
   if(debug_log_first_start)
@@ -415,7 +414,8 @@ int urarlib_get(void *output,
   temp_output_buffer_offset=size;           /* set size of the temp buffer  */
 
 #ifdef _DEBUG_LOG
-  sprintf(DebugMsg, "Extracting >%s< from >%s< (password is >%s<)...",
+  snprintf(DebugMsg, sizeof(DebugMsg),
+          "Extracting >%s< from >%s< (password is >%s<)...",
           filename, (char*)rarfile, libpassword);
   debug_log(DebugMsg);
 #endif
@@ -449,17 +449,11 @@ int urarlib_get(void *output,
 #ifdef _DEBUG_LOG
 
 
-   /* sorry for this ugly code, but older SunOS gcc compilers don't support */
-   /* white spaces within strings                                           */
-   str_offs  = sprintf(DebugMsg, "Error - couldn't extract ");
-   str_offs += sprintf(DebugMsg + str_offs, ">%s<", filename);
-   str_offs += sprintf(DebugMsg + str_offs, " and allocated ");
-   str_offs += sprintf(DebugMsg + str_offs, "%u Bytes", (unsigned int)*size);
-   str_offs += sprintf(DebugMsg + str_offs, " of unused memory!");
+    snprintf(tmp, sizeof(DebugMsg), "Error - couldn't extract >%s< and allocated %u Bytes of unused memory!", filename, (unsigned int)*size);
 
   } else
   {
-    sprintf(DebugMsg, "Extracted %u Bytes.", (unsigned int)*size);
+    snprintf(DebugMsg, sizeof(DebugMsg), "Extracted %u Bytes.", (unsigned int)*size);
   }
   debug_log(DebugMsg);
 #else
@@ -554,7 +548,7 @@ int urarlib_list(void *rarfile, ArchiveL
     }
 
     tmp_List->item.Name = malloc(NewLhd.NameSize + 1);
-    strcpy(tmp_List->item.Name, ArcFileName);
+    strlcpy(tmp_List->item.Name, ArcFileName, NewLhd.NameSize + 1);
     tmp_List->item.NameSize = NewLhd.NameSize;
     tmp_List->item.PackSize = NewLhd.PackSize;
     tmp_List->item.UnpSize = NewLhd.UnpSize;
@@ -849,7 +843,6 @@ int ReadHeader(int BlockType)
 int IsArchive(void)
 {
 #ifdef _DEBUG_LOG
-  int  str_offs;                            /* used for debug-strings       */
   char DebugMsg[500];                       /* used to compose debug msg    */
 #endif
 
@@ -885,12 +878,7 @@ int IsArchive(void)
     {
 
 #ifdef _DEBUG_LOG
-     /* sorry for this ugly code, but older SunOS gcc compilers don't       */
-     /* support white spaces within strings                                 */
-     str_offs  = sprintf(DebugMsg, "unknown archive type (only plain RAR ");
-     str_offs += sprintf(DebugMsg + str_offs, "supported (normal and solid ");
-     str_offs += sprintf(DebugMsg + str_offs, "archives), SFX and Volumes ");
-     str_offs += sprintf(DebugMsg + str_offs, "are NOT supported!)");
+     strlcpy(DebugMsg, "unknown archive type (only plain RAR supported (normal and solid archives), SFX and Volumes are NOT supported!)", sizeof(DebugMsg));
 
      debug_log(DebugMsg);
 #endif
@@ -1143,8 +1131,8 @@ static int my_stricomp(char *Str1,char *
   char S1[512],S2[512];
   char *chptr;
 
-  strncpy(S1,Str1,sizeof(S1));
-  strncpy(S2,Str2,sizeof(S2));
+  strlcpy(S1,Str1,sizeof(S1));
+  strlcpy(S2,Str2,sizeof(S2));
 
   while((chptr = strchr(S1, '\\')) != NULL) /* ignore backslash             */
   {
@@ -2506,7 +2494,7 @@ void SetCryptKeys(char *Password)
   Key[2]=0x7515A235L;
   Key[3]=0xA4E7F123L;
   memset(Psw,0,sizeof(Psw));
-  strcpy((char *)Psw,Password);
+  strlcpy((char *)Psw,Password,sizeof(Psw));
   PswLength=strlen(Password);
   memcpy(SubstTable,InitSubstTable,sizeof(SubstTable));
 
@@ -2688,7 +2676,7 @@ void debug_init_proc(char *file_name)
   char time[] = __TIME__;
 
   debug_start_time = GetTickCount();        /* get start time               */
-  strcpy(log_file_name, file_name);         /* save file name               */
+  strlcpy(log_file_name, file_name, sizeof(log_file_name)); /* save file name */
 
   if((fp = fopen(log_file_name, CREATETEXT)) != NULL)
   {
--- vobsub.c.orig	2007-03-02 04:44:25.000000000 -0500
+++ vobsub.c	2007-03-02 04:56:42.000000000 -0500
@@ -56,29 +56,23 @@ rar_open(const char *const filename, con
     if (stream->file == NULL) {
 	char *rar_filename;
 	const char *p;
+	size_t size;
 	int rc;
 	/* Guess the RAR archive filename */
 	rar_filename = NULL;
 	p = strrchr(filename, '.');
 	if (p) {
-	    ptrdiff_t l = p - filename;
-	    rar_filename = malloc(l + 5);
-	    if (rar_filename == NULL) {
-		free(stream);
-		return NULL;
-	    }
-	    strncpy(rar_filename, filename, l);
-	    strcpy(rar_filename + l, ".rar");
-	}
-	else {
-	    rar_filename = malloc(strlen(filename) + 5);
-	    if (rar_filename == NULL) {
-		free(stream);
-		return NULL;
-	    }
-	    strcpy(rar_filename, filename);
-	    strcat(rar_filename, ".rar");
+	    size = p - filename + 5;
+	} else {
+	    size = strlen(filename) + 5;
 	}
+    rar_filename = malloc(size);
+    if (rar_filename == NULL) {
+	    free(stream);
+	    return NULL;
+    }
+    strlcpy(rar_filename, filename, size);
+    strlcat(rar_filename, ".rar", size);
 	/* get rid of the path if there is any */
 	if ((p = strrchr(filename, '/')) == NULL) {
 		p = filename;
@@ -1055,6 +1049,7 @@ vobsub_parse_ifo(void* this, const char 
 void *
 vobsub_open(const char *const name,const char *const ifo,const int force,void** spu)
 {
+    size_t size;
     vobsub_t *vob = malloc(sizeof(vobsub_t));
     if(spu)
       *spu = NULL;
@@ -1069,20 +1064,21 @@ vobsub_open(const char *const name,const
 	vob->spu_streams_current = 0;
 	vob->delay = 0;
 	vob->forced_subs=0;
-	buf = malloc(strlen(name) + 5);
+	size = strlen(name) + 5;
+	buf = malloc(size);
 	if (buf) {
 	    rar_stream_t *fd;
 	    mpeg_t *mpg;
 	    /* read in the info file */
 	    if(!ifo) {
-	      strcpy(buf, name);
-	      strcat(buf, ".ifo");
+	      strlcpy(buf, name, size);
+	      strlcat(buf, ".ifo", size);
 	      vobsub_parse_ifo(vob,buf, vob->palette, &vob->orig_frame_width, &vob->orig_frame_height, force, -1, NULL);
 	    } else
 	      vobsub_parse_ifo(vob,ifo, vob->palette, &vob->orig_frame_width, &vob->orig_frame_height, force, -1, NULL);
 	    /* read in the index */
-	    strcpy(buf, name);
-	    strcat(buf, ".idx");
+	    strlcpy(buf, name, size);
+	    strlcat(buf, ".idx", size);
 	    fd = rar_open(buf, "rb");
 	    if (fd == NULL) {
 		if(force)
@@ -1104,8 +1100,8 @@ vobsub_open(const char *const name,const
 	      *spu = spudec_new_scaled_vobsub(vob->palette, vob->cuspal, vob->custom, vob->orig_frame_width, vob->orig_frame_height);
 
 	    /* read the indexed mpeg_stream */
-	    strcpy(buf, name);
-	    strcat(buf, ".sub");
+	    strlcpy(buf, name, size);
+	    strlcat(buf, ".sub", size);
 	    mpg = mpeg_open(buf);
 	    if (mpg == NULL) {
 	      if(force)
@@ -1348,18 +1344,20 @@ vobsub_out_open(const char *basename, co
 {
     vobsub_out_t *result = NULL;
     char *filename;
-    filename = malloc(strlen(basename) + 5);
+    size_t size;
+    size = strlen(basename) + 5;
+    filename = malloc(size);
     if (filename) {
 	result = malloc(sizeof(vobsub_out_t));
 	if (result) {
 	    result->aid = index;
-	    strcpy(filename, basename);
-	    strcat(filename, ".sub");
+	    strlcpy(filename, basename, size);
+	    strlcat(filename, ".sub", size);
 	    result->fsub = fopen(filename, "ab");
 	    if (result->fsub == NULL)
 		perror("Error: vobsub_out_open subtitle file open failed");
-	    strcpy(filename, basename);
-	    strcat(filename, ".idx");
+	    strlcpy(filename, basename, size);
+	    strlcat(filename, ".idx", size);
 	    result->fidx = fopen(filename, "ab");
 	    if (result->fidx) {
 		if (ftell(result->fidx) == 0){


More information about the MPlayer-dev-eng mailing list