Annotation of /trunk/mplayer/patches/mplayer-1.0_rc1-CVE-2007-2948.patch
Parent Directory
| 
Revision Log
Revision 224 -
(hide annotations)
(download)
Sat Jun 23 13:53:28 2007 UTC (16 years, 11 months ago) by niro
File size: 1226 byte(s)
Sat Jun 23 13:53:28 2007 UTC (16 years, 11 months ago) by niro
File size: 1226 byte(s)
-new fixes
| 1 | niro | 224 | --- trunk/stream/stream_cddb.c 2007/05/10 11:43:39 23287 |
| 2 | +++ trunk/stream/stream_cddb.c 2007/06/05 11:13:32 23470 | ||
| 3 | @@ -377,7 +377,7 @@ | ||
| 4 | |||
| 5 | switch(status) { | ||
| 6 | case 210: | ||
| 7 | - ret = sscanf( http_hdr->body, "%d %s %08lx", &status, category, &disc_id); | ||
| 8 | + ret = sscanf( http_hdr->body, "%d %99s %08lx", &status, category, &disc_id); | ||
| 9 | if( ret!=3 ) { | ||
| 10 | mp_msg(MSGT_DEMUX, MSGL_ERR, MSGTR_ParseError); | ||
| 11 | return -1; | ||
| 12 | @@ -438,7 +438,7 @@ | ||
| 13 | ptr++; | ||
| 14 | // We have a list of exact/inexact matches, so which one do we use? | ||
| 15 | // So let's take the first one. | ||
| 16 | - ret = sscanf(ptr, "%s %08lx %s", cddb_data->category, &(cddb_data->disc_id), album_title); | ||
| 17 | + ret = sscanf(ptr, "%99s %08lx %99s", cddb_data->category, &(cddb_data->disc_id), album_title); | ||
| 18 | if( ret!=3 ) { | ||
| 19 | mp_msg(MSGT_DEMUX, MSGL_ERR, MSGTR_ParseError); | ||
| 20 | return -1; | ||
| 21 | @@ -475,7 +475,7 @@ | ||
| 22 | switch(status) { | ||
| 23 | case 200: | ||
| 24 | // Found exact match | ||
| 25 | - ret = sscanf(http_hdr->body, "%d %s %08lx %s", &status, cddb_data->category, &(cddb_data->disc_id), album_title); | ||
| 26 | + ret = sscanf(http_hdr->body, "%d %99s %08lx %99s", &status, cddb_data->category, &(cddb_data->disc_id), album_title); | ||
| 27 | if( ret!=4 ) { | ||
| 28 | mp_msg(MSGT_DEMUX, MSGL_ERR, MSGTR_ParseError); | ||
| 29 | return -1; |