diff options
author | Thomas Martitz <kugel@rockbox.org> | 2014-01-11 18:24:48 +0100 |
---|---|---|
committer | Thomas Martitz <kugel@rockbox.org> | 2014-01-11 18:24:48 +0100 |
commit | 2a471c9e84ddc4f6f407d4fe3ad2a21a1d0e3723 (patch) | |
tree | 63f3e353b1ce425b5348a63c671728449c58e652 /apps/cuesheet.c | |
parent | fe08ac4c2fc2c8c0177ddd6545e3c6a69d07b5db (diff) | |
download | rockbox-2a471c9e84ddc4f6f407d4fe3ad2a21a1d0e3723.tar.gz rockbox-2a471c9e84ddc4f6f407d4fe3ad2a21a1d0e3723.zip |
cuesheet: Fix another possible buffer overflow with long filenames.
Change-Id: I9d8fa8fcb0a872f688664c53881fde93f2de9436
Diffstat (limited to 'apps/cuesheet.c')
-rw-r--r-- | apps/cuesheet.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/apps/cuesheet.c b/apps/cuesheet.c index 0ba71762a9..73dd19fdab 100644 --- a/apps/cuesheet.c +++ b/apps/cuesheet.c | |||
@@ -73,11 +73,13 @@ bool look_for_cuesheet_file(struct mp3entry *track_id3, struct cuesheet_file *cu | |||
73 | if (!dot || !file_exists(cuepath)) | 73 | if (!dot || !file_exists(cuepath)) |
74 | { | 74 | { |
75 | strcpy(cuepath, CUE_DIR); | 75 | strcpy(cuepath, CUE_DIR); |
76 | strlcat(cuepath, slash, MAX_PATH); | 76 | if (strlcat(cuepath, slash, MAX_PATH) >= MAX_PATH) |
77 | goto skip; /* overflow */ | ||
77 | char *dot = strrchr(cuepath, '.'); | 78 | char *dot = strrchr(cuepath, '.'); |
78 | strcpy(dot, ".cue"); | 79 | strcpy(dot, ".cue"); |
79 | if (!file_exists(cuepath)) | 80 | if (!file_exists(cuepath)) |
80 | { | 81 | { |
82 | skip: | ||
81 | if ((len+4) >= MAX_PATH) | 83 | if ((len+4) >= MAX_PATH) |
82 | return false; | 84 | return false; |
83 | strlcpy(cuepath, track_id3->path, MAX_PATH); | 85 | strlcpy(cuepath, track_id3->path, MAX_PATH); |