[Mplayer-cvslog] CVS: main/Gui/skin font.c, 1.16, 1.17 skin.c, 1.24, 1.25

Diego Biurrun CVS syncmail at mplayerhq.hu
Fri Jun 25 18:49:55 CEST 2004


CVS change done by Diego Biurrun CVS

Update of /cvsroot/mplayer/main/Gui/skin
In directory mail:/var2/tmp/cvs-serv17907/Gui/skin

Modified Files:
	font.c skin.c 
Log Message:
string handling security fixes
patch by Nicholas Kain, Alexander Strasser <eclipse7 at gmx.net>
reviewed by Pontscho, Alex, Rich


Index: font.c
===================================================================
RCS file: /cvsroot/mplayer/main/Gui/skin/font.c,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- font.c	20 Mar 2003 12:42:15 -0000	1.16
+++ font.c	25 Jun 2004 16:49:52 -0000	1.17
@@ -27,7 +27,7 @@
 
  if ( ( Fonts[id]=calloc( 1,sizeof( bmpFont ) ) ) == NULL ) return -1;
 
- strcpy( Fonts[id]->name,name );
+ strlcpy( Fonts[id]->name,name,128 ); // FIXME: as defined in font.h
  for ( i=0;i<256;i++ ) 
    Fonts[id]->Fnt[i].x=Fonts[id]->Fnt[i].y=Fonts[id]->Fnt[i].sx=Fonts[id]->Fnt[i].sy=-1;
 
@@ -60,7 +60,8 @@
  
  if ( id < 0 ) return id;
 
- strcpy( tmp,path ); strcat( tmp,fname ); strcat( tmp,".fnt" );
+ strlcpy( tmp,path,sizeof( tmp ) );
+ strlcat( tmp,fname,sizeof( tmp ) ); strlcat( tmp,".fnt",sizeof( tmp ) );
  if ( ( f=fopen( tmp,"rt" ) ) == NULL ) 
    { free( Fonts[id] ); return -3; }
    
@@ -93,7 +94,7 @@
      {
       if ( !strcmp( command,"image" ) )
        {
-        strcpy( tmp,path ); strcat( tmp,param );
+        strlcpy( tmp,path,sizeof( tmp )  ); strlcat( tmp,param,sizeof( tmp ) );
         mp_dbg( MSGT_GPLAYER,MSGL_DBG2,"[font] font imagefile: %s\n",tmp );
         if ( skinBPRead( tmp,&Fonts[id]->Bitmap ) ) return -4;
        }

Index: skin.c
===================================================================
RCS file: /cvsroot/mplayer/main/Gui/skin/skin.c,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- skin.c	3 Jun 2003 17:36:25 -0000	1.24
+++ skin.c	25 Jun 2004 16:49:52 -0000	1.25
@@ -116,7 +116,7 @@
 {
  CHECKDEFLIST( "window" );
 
- strcpy( window_name,strlower( in ) );
+ strlcpy( window_name,strlower( in ),sizeof( window_name ) );
  if ( !strncmp( in,"main",4 ) ) { currSection=&skinAppMPlayer->main; currSubItem=&skinAppMPlayer->NumberOfItems; currSubItems=skinAppMPlayer->Items; }
   else if ( !strncmp( in,"sub",3 ) ) currSection=&skinAppMPlayer->sub;
    else if ( !strncmp( in,"playbar",7 ) ) { currSection=&skinAppMPlayer->bar; currSubItem=&skinAppMPlayer->NumberOfBarItems; currSubItems=skinAppMPlayer->barItems; }
@@ -147,7 +147,7 @@
    defList->main.x=x;
    defList->main.y=y;
    defList->main.type=itBase;
-   strcpy( tmp,path ); strcat( tmp,fname );
+   strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp )); 
    if ( skinBPRead( tmp,&defList->main.Bitmap ) ) return 1;
    defList->main.width=defList->main.Bitmap.Width;
    defList->main.height=defList->main.Bitmap.Height;
@@ -162,7 +162,7 @@
  if ( !strcmp( window_name,"sub" ) )
   {
    defList->sub.type=itBase;
-   strcpy( tmp,path ); strcat( tmp,fname );
+   strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp )); 
    if ( skinBPRead( tmp,&defList->sub.Bitmap ) ) return 1;
    defList->sub.x=x;
    defList->sub.y=y;
@@ -179,7 +179,7 @@
   {
    defList->menuIsPresent=1;
    defList->menuBase.type=itBase;
-   strcpy( tmp,path ); strcat( tmp,fname );
+   strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp )); 
    if ( skinBPRead( tmp,&defList->menuBase.Bitmap ) ) return 1;
    defList->menuBase.width=defList->menuBase.Bitmap.Width;
    defList->menuBase.height=defList->menuBase.Bitmap.Height;
@@ -197,7 +197,7 @@
    defList->bar.x=x;
    defList->bar.y=y;
    defList->bar.type=itBase;
-   strcpy( tmp,path ); strcat( tmp,fname );
+   strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp )); 
    if ( skinBPRead( tmp,&defList->bar.Bitmap ) ) return 1;
    defList->bar.width=defList->bar.Bitmap.Width;
    defList->bar.height=defList->bar.Bitmap.Height;
@@ -268,7 +268,7 @@
  currSubItems[ *currSubItem ].Bitmap.Image=NULL;
  if ( strcmp( fname,"NULL" ) )
   {
-   strcpy( tmp,path ); strcat( tmp,fname );
+   strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp )); 
    if ( skinBPRead( tmp,&currSubItems[ *currSubItem ].Bitmap ) ) return 1;
   }
 
@@ -289,7 +289,7 @@
 
  cutItem( in,fname,',',0 );
  defList->menuSelected.type=itBase;
- strcpy( tmp,path ); strcat( tmp,fname );
+ strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp )); 
  mp_dbg( MSGT_GPLAYER,MSGL_DBG2,"\n[skin] selected: %s\n",fname );
  if ( skinBPRead( tmp,&defList->menuSelected.Bitmap ) ) return 1;
  defList->menuSelected.width=defList->menuSelected.Bitmap.Width;
@@ -381,14 +381,14 @@
  item->Bitmap.Image=NULL;
  if ( strcmp( phfname,"NULL" ) )
   {
-   strcpy( tmp,path ); strcat( tmp,phfname );
+   strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, phfname, sizeof( tmp )); 
    if ( skinBPRead( tmp,&item->Bitmap ) ) return 1;
   }
 
  item->Mask.Image=NULL;
  if ( strcmp( pfname,"NULL" ) )
   {
-   strcpy( tmp,path ); strcat( tmp,pfname );
+   strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, pfname, sizeof( tmp )); 
    if ( skinBPRead( tmp,&item->Mask ) ) return 1;
   }
  return 0;
@@ -445,7 +445,7 @@
  item->Bitmap.Image=NULL;
  if ( strcmp( phfname,"NULL" ) )
   {
-   strcpy( tmp,path ); strcat( tmp,phfname );
+   strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, phfname, sizeof( tmp )); 
    if ( skinBPRead( tmp,&item->Bitmap ) ) return 1;
   }
  return 0;
@@ -655,7 +655,12 @@
 FILE * skinFile;
 
 void setname( char * item1, char * item2 )
-{ strcpy( fn,item1 ); strcat( fn,"/" ); strcat( fn,item2 ); strcpy( path,fn ); strcat( path,"/" ); strcat( fn,"/skin" ); }
+{
+  strlcpy(fn, item1, sizeof( fn ));
+  strlcat(fn, "/", sizeof( fn )); strlcat(fn, item2, sizeof( fn ));
+  strlcpy(path, fn, sizeof( path )); strlcat(path, "/", sizeof( path ));
+  strlcat(fn, "/skin", sizeof( fn ));
+}
 
 int skinRead( char * dname )
 {




More information about the MPlayer-cvslog mailing list