Commit 789f166b authored by Sam Hocevar's avatar Sam Hocevar
Browse files

* modules/access/vcdx/access.c: Fixed an obvious buffer overflow. This

    code is still unsafe, bounds need to be checked after each sprintf/strcat
    call.
parent 0a9aa8d0
......@@ -4,7 +4,7 @@
* to go here.
*****************************************************************************
* Copyright (C) 2000, 2003 VideoLAN
* $Id: access.c,v 1.11 2003/12/13 12:56:14 rocky Exp $
* $Id: access.c,v 1.12 2003/12/22 00:13:52 sam Exp $
*
* Authors: Rocky Bernstein <rocky@panix.com>
* Johan Bilien <jobi@via.ecp.fr>
......@@ -1121,8 +1121,8 @@ VCDFormatStr(const input_thread_t *p_input, thread_vcd_data_t *p_vcd,
case 'L':
if (vcdplayer_pbc_is_on(p_vcd)) {
char num_str[10];
sprintf(num_str, _(" List ID %d"), p_vcd->cur_lid);
char num_str[40];
sprintf(num_str, "%s %d", _("List ID"), p_vcd->cur_lid);
strncat(tp, num_str, TEMP_STR_LEN-(tp-temp_str));
tp += strlen(num_str);
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment