pkgsrc/audio/audacity/patches/patch-ba
drochner 5ed2ca5c25 patch around SA33356: Audacity "String_parse::get_nonspace_quoted()"
Buffer Overflow
(homegrown patch, might be sufficient or not)
bump PKGREVISION
2009-01-13 12:38:49 +00:00

24 lines
811 B
Text

$NetBSD: patch-ba,v 1.1 2009/01/13 12:38:49 drochner Exp $
--- lib-src/allegro/strparse.cpp.orig 2006-11-15 05:12:11.000000000 +0100
+++ lib-src/allegro/strparse.cpp
@@ -16,8 +16,9 @@ char String_parse::peek()
}
-void String_parse::get_nonspace_quoted(char *field)
+void String_parse::get_nonspace_quoted(char *field, int flen)
{
+ char *ofield = field;
skip_space();
bool quoted = false;
if (string[pos] == '"') {
@@ -25,7 +26,7 @@ void String_parse::get_nonspace_quoted(c
*field++ = '"';
pos = pos + 1;
}
- while (string[pos] && (quoted || !isspace(string[pos]))) {
+ while (string[pos] && (quoted || !isspace(string[pos])) && (field - ofield) < (flen - 2)) {
if (string[pos] == '"') {
if (quoted) {
*field++ = '"';