MyFavMirrors/owntone-server
1
0
Fork 0
mirror of https://github.com/owntone/owntone-server.git synced 2025-04-22 19:45:43 -04:00
Code Issues Packages Projects Releases Wiki Activity

[pipe] Harden pict_tmpfile_recreate() against invalid input, take 2

Browse Source
This commit is contained in:
ejurgensen 2019-09-22 22:56:18 +02:00
parent d2921e9444
commit cae790ed7e
1 changed files with 3 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/inputs/pipe.c
View File

@ -318,19 +318,17 @@ static int
pict_tmpfile_recreate(struct pipe_metadata *pm, const char *ext) pict_tmpfile_recreate(struct pipe_metadata *pm, const char *ext)
{ {
int offset = strlen(PIPE_TMPFILE_TEMPLATE) - PIPE_TMPFILE_TEMPLATE_EXTLEN; int offset = strlen(PIPE_TMPFILE_TEMPLATE) - PIPE_TMPFILE_TEMPLATE_EXTLEN;
int len = strlen(ext);
if (len > PIPE_TMPFILE_TEMPLATE_EXTLEN) if (strlen(ext) > PIPE_TMPFILE_TEMPLATE_EXTLEN)
{ {
DPRINTF(E_LOG, L_PLAYER, "Invalid extension provided to pict_tmpfile_recreate (len=%d): '%s'\n", len, ext); DPRINTF(E_LOG, L_PLAYER, "Invalid extension provided to pict_tmpfile_recreate: '%s'\n", ext);
return -1; return -1;
} }
pict_tmpfile_close(pm); pict_tmpfile_close(pm);
strcpy(pm->pict_tmpfile_path, PIPE_TMPFILE_TEMPLATE); strcpy(pm->pict_tmpfile_path, PIPE_TMPFILE_TEMPLATE);
// Use memcpy instead of strncpy because gcc 8 gives false warnings otherwise strcpy(pm->pict_tmpfile_path + offset, ext);
memcpy(pm->pict_tmpfile_path + offset, ext, len);
pm->pict_tmpfile_fd = mkstemps(pm->pict_tmpfile_path, PIPE_TMPFILE_TEMPLATE_EXTLEN); pm->pict_tmpfile_fd = mkstemps(pm->pict_tmpfile_path, PIPE_TMPFILE_TEMPLATE_EXTLEN);