Mercurial > mplayer.hg

diff stream/stream_dvb.c @ 22402:963d93b2fe7c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
replaced 2 instances of sprintf() with snprintf() and one instance of strncpy() followed by string termination with strlcpy(); patch by njkain gmail com. This patch is intended to render code easier to audit against buffer oveflows
author nicodvb
date Sat, 03 Mar 2007 13:10:31 +0000
parents cea0eb833758
children 056c2968b148
line wrap: on
line diff
--- a/stream/stream_dvb.c	Sat Mar 03 08:20:00 2007 +0000
+++ b/stream/stream_dvb.c	Sat Mar 03 13:10:31 2007 +0000
@@ -176,8 +176,7 @@
 			ptr->name = (char*) malloc(k+1);
 			if(! ptr->name)
 				continue;
-			strncpy(ptr->name, line, k);
-			ptr->name[k] = 0;
+			strlcpy(ptr->name, line, k+1);
 		}
 		else
 			continue;
@@ -764,7 +763,7 @@
 	conf->cards = NULL;
 	for(i=0; i<MAX_CARDS; i++)
 	{
-		sprintf(filename, "/dev/dvb/adapter%d/frontend0", i);
+		snprintf(filename, sizeof(filename), "/dev/dvb/adapter%d/frontend0", i);
 		fd = open(filename, O_RDONLY|O_NONBLOCK);
 		if(fd < 0)
 		{
@@ -824,7 +823,7 @@
 		conf->cards[conf->count].devno = i;
 		conf->cards[conf->count].list = list;
 		conf->cards[conf->count].type = type;
-		sprintf(name, "DVB-%c card n. %d", type==TUNER_TER ? 'T' : (type==TUNER_CBL ? 'C' : 'S'), conf->count+1);
+		snprintf(name, 20, "DVB-%c card n. %d", type==TUNER_TER ? 'T' : (type==TUNER_CBL ? 'C' : 'S'), conf->count+1);
 		conf->cards[conf->count].name = name;
 		conf->count++;
 	}