Fix potential buffer overflow (CID 191)

356fafa5 · ivoire · eeaa54cf · 356fafa5
Commit 356fafa5 authored Oct 10, 2008 by ivoire
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 2 deletions

modules/misc/osd/simple.c modules/misc/osd/simple.c +5 -2

No files found.
--- a/modules/misc/osd/simple.c
+++ b/modules/misc/osd/simple.c
@@ -93,8 +93,11 @@ int osd_parser_simpleOpen( vlc_object_t *p_this )
        /* NULL terminate before asking the length of path[] */
        path[PATH_MAX-1] = '\0';
        i_len = strlen(&path[0]);
-        if( i_len == PATH_MAX )
-            i_len--; /* truncate to prevent buffer overflow */
+        /* Protect against buffer overflow:
+         * max index is PATH_MAX-1 and we increment by 1 after
+         * so PATH_MAX-2 is the bigest we can have */
+        if( i_len > PATH_MAX - 2 )
+            i_len = PATH_MAX - 2;
 #if defined(WIN32) || defined(UNDER_CE)
        if( (i_len > 0) && path[i_len] != '\\' )
            path[i_len] = '\\';