Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
V
vlc
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Redmine
Redmine
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Metrics
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
videolan
vlc
Commits
51166b98
Commit
51166b98
authored
Jul 11, 2005
by
Rémi Denis-Courmont
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Avoid buffer overflow
(local account needed, but possibly not same user as VLC)
parent
d367c2f5
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
11 additions
and
4 deletions
+11
-4
modules/control/http.c
modules/control/http.c
+11
-4
No files found.
modules/control/http.c
View file @
51166b98
...
@@ -525,7 +525,7 @@ static int ParseDirectory( intf_thread_t *p_intf, char *psz_root,
...
@@ -525,7 +525,7 @@ static int ParseDirectory( intf_thread_t *p_intf, char *psz_root,
char
**
ppsz_hosts
=
NULL
;
char
**
ppsz_hosts
=
NULL
;
int
i_hosts
=
0
;
int
i_hosts
=
0
;
int
i
;
int
i
,
i_dirlen
;
#ifdef HAVE_SYS_STAT_H
#ifdef HAVE_SYS_STAT_H
if
(
stat
(
psz_dir
,
&
stat_info
)
==
-
1
||
!
S_ISDIR
(
stat_info
.
st_mode
)
)
if
(
stat
(
psz_dir
,
&
stat_info
)
==
-
1
||
!
S_ISDIR
(
stat_info
.
st_mode
)
)
...
@@ -540,6 +540,13 @@ static int ParseDirectory( intf_thread_t *p_intf, char *psz_root,
...
@@ -540,6 +540,13 @@ static int ParseDirectory( intf_thread_t *p_intf, char *psz_root,
return
VLC_EGENERIC
;
return
VLC_EGENERIC
;
}
}
i_dirlen
=
strlen
(
psz_dir
);
if
(
i_dirlen
+
10
>
MAX_DIR_SIZE
)
{
msg_Warn
(
p_intf
,
"skipping too deep dir (%s)"
,
psz_dir
);
return
0
;
}
msg_Dbg
(
p_intf
,
"dir=%s"
,
psz_dir
);
msg_Dbg
(
p_intf
,
"dir=%s"
,
psz_dir
);
sprintf
(
dir
,
"%s/.access"
,
psz_dir
);
sprintf
(
dir
,
"%s/.access"
,
psz_dir
);
...
@@ -621,10 +628,10 @@ static int ParseDirectory( intf_thread_t *p_intf, char *psz_root,
...
@@ -621,10 +628,10 @@ static int ParseDirectory( intf_thread_t *p_intf, char *psz_root,
break
;
break
;
}
}
if
(
p_dir_content
->
d_name
[
0
]
==
'.'
)
if
(
(
p_dir_content
->
d_name
[
0
]
==
'.'
)
{
||
(
i_dirlen
+
strlen
(
p_dir_content
->
d_name
)
>
MAX_DIR_SIZE
)
)
continue
;
continue
;
}
sprintf
(
dir
,
"%s/%s"
,
psz_dir
,
p_dir_content
->
d_name
);
sprintf
(
dir
,
"%s/%s"
,
psz_dir
,
p_dir_content
->
d_name
);
if
(
ParseDirectory
(
p_intf
,
psz_root
,
dir
)
)
if
(
ParseDirectory
(
p_intf
,
psz_root
,
dir
)
)
{
{
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment