pkgsrc/audio/mpg123/patches/patch-at
drochner 80e13c626a Fix a buffer overflow by a malicous playlist (CAN-2004-1284).
Being here, fix a possible problem which was mentioned in conjunction
with CAN-2003-0577 - zero bitrate makes mpg123 assume a negative
frame size.
bump PKGREVISION
2005-01-07 14:52:13 +00:00

17 lines
692 B
Text

$NetBSD: patch-at,v 1.1 2005/01/07 14:52:13 drochner Exp $
--- mpg123.c.orig 2005-01-07 15:18:27.000000000 +0100
+++ mpg123.c
@@ -309,9 +309,9 @@ char *find_next_file (int argc, char *ar
if (line[0]=='\0' || line[0]=='#')
continue;
if ((listnamedir) && (line[0]!='/') && (line[0]!='\\')){
- strcpy (linetmp, listnamedir);
- strcat (linetmp, line);
- strcpy (line, linetmp);
+ strncpy (linetmp, listnamedir, 1023);
+ strncat (linetmp, line, 1023 - strlen(linetmp));
+ strncpy (line, linetmp, 1023);
}
return (line);
}