Commit 47f34be8 authored by Sam Hocevar's avatar Sam Hocevar

* ./src/interface/intf_msg.c: backported a buffer overflow fix from HEAD.

parent 095d07d4
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
* Collection of useful common types and macros definitions * Collection of useful common types and macros definitions
***************************************************************************** *****************************************************************************
* Copyright (C) 1998, 1999, 2000 VideoLAN * Copyright (C) 1998, 1999, 2000 VideoLAN
* $Id: common.h,v 1.108 2002/05/20 22:36:42 sam Exp $ * $Id: common.h,v 1.108.2.1 2002/08/10 19:40:03 sam Exp $
* *
* Authors: Samuel Hocevar <sam@via.ecp.fr> * Authors: Samuel Hocevar <sam@via.ecp.fr>
* Vincent Seguin <seguin@via.ecp.fr> * Vincent Seguin <seguin@via.ecp.fr>
...@@ -457,8 +457,12 @@ typedef __int64 off_t; ...@@ -457,8 +457,12 @@ typedef __int64 off_t;
# define O_NONBLOCK 0 # define O_NONBLOCK 0
# endif # endif
/* These two are not defined in mingw32 (bug?) */
# ifndef snprintf # ifndef snprintf
# define snprintf _snprintf /* snprintf not defined in mingw32 (bug?) */ # define snprintf _snprintf
# endif
# ifndef vsnprintf
# define vsnprintf _vsnprintf
# endif # endif
#endif #endif
......
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
* interface, such as message output. See config.h for output configuration. * interface, such as message output. See config.h for output configuration.
***************************************************************************** *****************************************************************************
* Copyright (C) 1998-2001 VideoLAN * Copyright (C) 1998-2001 VideoLAN
* $Id: intf_msg.c,v 1.49 2002/05/17 00:58:13 sam Exp $ * $Id: intf_msg.c,v 1.49.2.1 2002/08/10 19:40:04 sam Exp $
* *
* Authors: Vincent Seguin <seguin@via.ecp.fr> * Authors: Vincent Seguin <seguin@via.ecp.fr>
* *
...@@ -311,6 +311,9 @@ static void QueueMsg( int i_type, int i_level, char *psz_format, va_list ap ) ...@@ -311,6 +311,9 @@ static void QueueMsg( int i_type, int i_level, char *psz_format, va_list ap )
#ifdef WIN32 #ifdef WIN32
char * psz_temp; char * psz_temp;
#endif #endif
#ifndef HAVE_VASPRINTF
int i_size = strlen(psz_format) + INTF_MAX_MSG_SIZE;
#endif
/* /*
* Convert message to string * Convert message to string
...@@ -318,7 +321,7 @@ static void QueueMsg( int i_type, int i_level, char *psz_format, va_list ap ) ...@@ -318,7 +321,7 @@ static void QueueMsg( int i_type, int i_level, char *psz_format, va_list ap )
#ifdef HAVE_VASPRINTF #ifdef HAVE_VASPRINTF
vasprintf( &psz_str, psz_format, ap ); vasprintf( &psz_str, psz_format, ap );
#else #else
psz_str = (char*) malloc( strlen(psz_format) + INTF_MAX_MSG_SIZE ); psz_str = (char*) malloc( i_size * sizeof(char) );
#endif #endif
if( psz_str == NULL ) if( psz_str == NULL )
...@@ -338,11 +341,12 @@ static void QueueMsg( int i_type, int i_level, char *psz_format, va_list ap ) ...@@ -338,11 +341,12 @@ static void QueueMsg( int i_type, int i_level, char *psz_format, va_list ap )
fprintf(stderr, "intf warning: couldn't print message"); fprintf(stderr, "intf warning: couldn't print message");
return; return;
} }
vsprintf( psz_str, psz_temp, ap ); vsnprintf( psz_str, i_size, psz_temp, ap );
free( psz_temp ); free( psz_temp );
# else # else
vsprintf( psz_str, psz_format, ap ); vsnprintf( psz_str, i_size, psz_format, ap );
# endif # endif
psz_str[ i_size - 1 ] = 0; /* Just in case */
#endif #endif
/* Put message in queue */ /* Put message in queue */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment