Changeset 5829:09f674dfe78a in roaraudio


Ignore:
Timestamp:
01/06/13 15:26:14 (8 years ago)
Author:
phi
Branch:
default
Phase:
public
Message:

fix possible buffer overflow (which can lead in stack overwrite) caused by ignoring buffer length in write-loop.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • libroar/stream.c

    r5823 r5829  
    13861386ssize_t   roar_profiles_list   (const char ** list, size_t len, size_t offset) { 
    13871387 size_t i; 
    1388  int idx = 0; 
     1388 ssize_t idx = 0; 
    13891389 
    13901390 if ( list == NULL ) { 
     
    13991399  return 0; 
    14001400 
    1401  for (i = offset; _libroar_aiprofiles[i].name != NULL; i++) { 
     1401 for (i = offset; idx < len && _libroar_aiprofiles[i].name != NULL; i++) { 
    14021402  list[idx++] = _libroar_aiprofiles[i].name; 
    14031403 } 
Note: See TracChangeset for help on using the changeset viewer.