Mercurial > mplayer.hg

changeset 22188:b9fa8b0ddab9

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
strncat() misuses, may have been exploitable. Reported by Sascha Sommer.
author rtogni
date Sun, 11 Feb 2007 18:00:06 +0000
parents 88b36fd17976
children 6b84fac921eb
files stream/freesdp/parser.c
diffstat 1 files changed, 3 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/stream/freesdp/parser.c	Sun Feb 11 17:57:02 2007 +0000
+++ b/stream/freesdp/parser.c	Sun Feb 11 18:00:06 2007 +0000
@@ -832,9 +832,9 @@
           {
             /* ignore unknown attributes, but provide access to them */
             *fsdp_buf[1] = '\0';
-            strncat (fsdp_buf[1], fsdp_buf[0], MAXLONGFIELDLEN);
-            strncat (fsdp_buf[1], ":", MAXLONGFIELDLEN);
-            strncat (fsdp_buf[1], longfsdp_buf, MAXLONGFIELDLEN);
+            strncat (fsdp_buf[1], fsdp_buf[0], MAXSHORTFIELDLEN-1);
+            strncat (fsdp_buf[1], ":", MAXSHORTFIELDLEN-strlen(fsdp_buf[1])-1);
+            strncat (fsdp_buf[1], longfsdp_buf, MAXSHORTFIELDLEN-strlen(fsdp_buf[1])-1);
             if (NULL == media->unidentified_attributes)
             {
               media->unidentified_attributes_count = 0;