]> git.pld-linux.org Git - packages/libmp3splt.git/blob - libmp3splt-format_security.patch
projects / packages / libmp3splt.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
noarch apidocs
[packages/libmp3splt.git] / libmp3splt-format_security.patch
1 diff -urN libmp3splt-0.9.0.orig/src/oformat_parser.c libmp3splt-0.9.0/src/oformat_parser.c
2 --- libmp3splt-0.9.0.orig/src/oformat_parser.c  2014-03-22 23:25:22.076480090 +0100
3 +++ libmp3splt-0.9.0/src/oformat_parser.c       2014-03-22 23:30:02.099814984 +0100
4 @@ -533,7 +533,7 @@
5                int max_number_of_digits = splt_u_get_requested_num_of_digits(state,
6                    state->oformat.format[i], &requested_num_of_digits, SPLT_FALSE);
7  
8 -              snprintf(temp + offset, temp_len, format);
9 +              snprintf(temp + offset, temp_len, "%s", format);
10  
11                fm_length = strlen(temp) + 1 + max_number_of_digits;
12                if ((fm = malloc(fm_length * sizeof(char))) == NULL)
13 @@ -563,7 +563,7 @@
14            //
15            if (artist_or_performer != NULL)
16            {
17 -            snprintf(temp+2,temp_len, state->oformat.format[i]+2);
18 +            snprintf(temp+2,temp_len, "%s", state->oformat.format[i]+2);
19  
20              int artist_length = 0;
21              artist_length = strlen(artist_or_performer);
22 @@ -571,7 +571,7 @@
23            }
24            else
25            {
26 -            snprintf(temp,temp_len, state->oformat.format[i]+2);
27 +            snprintf(temp,temp_len, "%s", state->oformat.format[i]+2);
28              fm_length = strlen(temp) + 1;
29            }
30  
31 @@ -591,7 +591,7 @@
32            }
33            else
34            {
35 -            snprintf(fm, fm_length, temp);
36 +            snprintf(fm, fm_length, "%s", temp);
37            }
38  
39            break;
40 @@ -608,7 +608,7 @@
41            //
42            if (artist != NULL)
43            {
44 -            snprintf(temp+2,temp_len, state->oformat.format[i]+2);
45 +            snprintf(temp+2,temp_len, "%s", state->oformat.format[i]+2);
46  
47              int artist_length = 0;
48              artist_length = strlen(artist);
49 @@ -616,7 +616,7 @@
50            }
51            else
52            {
53 -            snprintf(temp,temp_len, state->oformat.format[i]+2);
54 +            snprintf(temp,temp_len, "%s", state->oformat.format[i]+2);
55              fm_length = strlen(temp) + 1;
56            }
57  
58 @@ -636,7 +636,7 @@
59            }
60            else
61            {
62 -            snprintf(fm, fm_length, temp);
63 +            snprintf(fm, fm_length, "%s", temp);
64            }
65            break;
66          case 'b':
67 @@ -654,13 +654,13 @@
68            {
69              int album_length = 0;
70              album_length = strlen(album);
71 -            snprintf(temp+2, temp_len, state->oformat.format[i]+2);
72 +            snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2);
73  
74              fm_length = strlen(temp) + album_length + 1;
75            }
76            else
77            {
78 -            snprintf(temp,temp_len, state->oformat.format[i]+2);
79 +            snprintf(temp,temp_len, "%s", state->oformat.format[i]+2);
80              fm_length = strlen(temp) + 1;
81            }
82  
83 @@ -698,13 +698,13 @@
84            {
85              int genre_length = 0;
86              genre_length = strlen(genre);
87 -            snprintf(temp+2, temp_len, state->oformat.format[i]+2);
88 +            snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2);
89  
90              fm_length = strlen(temp) + genre_length + 1;
91            }
92            else
93            {
94 -            snprintf(temp,temp_len, state->oformat.format[i]+2);
95 +            snprintf(temp,temp_len, "%s", state->oformat.format[i]+2);
96              fm_length = strlen(temp) + 1;
97            }
98  
99 @@ -742,13 +742,13 @@
100            {
101              int title_length = 0;
102              title_length = strlen(title);
103 -            snprintf(temp+2, temp_len, state->oformat.format[i]+2);
104 +            snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2);
105  
106              fm_length = strlen(temp) + title_length + 1;
107            }
108            else
109            {
110 -            snprintf(temp,temp_len, state->oformat.format[i]+2);
111 +            snprintf(temp,temp_len, "%s", state->oformat.format[i]+2);
112              fm_length = strlen(temp) + 1;
113            }
114  
115 @@ -768,7 +768,7 @@
116            }
117            else
118            {
119 -            snprintf(fm, fm_length, temp);
120 +            snprintf(fm, fm_length, "%s", temp);
121            }
122            break;
123          case 'p':
124 @@ -786,13 +786,13 @@
125            {
126              int performer_length = 0;
127              performer_length = strlen(performer);
128 -            snprintf(temp+2, temp_len, state->oformat.format[i]+2);
129 +            snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2);
130  
131              fm_length = strlen(temp) + performer_length + 1;
132            }
133            else
134            {
135 -            snprintf(temp,temp_len, state->oformat.format[i]+2);
136 +            snprintf(temp,temp_len, "%s", state->oformat.format[i]+2);
137              fm_length = strlen(temp) + 1;
138            }
139  
140 @@ -811,7 +811,7 @@
141            }
142            else
143            {
144 -            snprintf(fm, fm_length, temp);
145 +            snprintf(fm, fm_length, "%s", temp);
146            }
147            break;
148          case 'l':
149 @@ -861,7 +861,7 @@
150              const char *format =
151                splt_u_get_format_ptr(state->oformat.format[i], temp, NULL);
152  
153 -            snprintf(temp + 4, temp_len, format + 2);
154 +            snprintf(temp + 4, temp_len, "%s", format + 2);
155              fm_length = strlen(temp) + 1 + max_num_of_digits;
156            }
157            else
158 @@ -902,7 +902,7 @@
159              original_filename = strdup(splt_su_get_fname_without_path(splt_t_get_filename_to_split(state)));
160              if (original_filename)
161              {
162 -              snprintf(temp+2,temp_len, state->oformat.format[i]+2);
163 +              snprintf(temp+2,temp_len, "%s", state->oformat.format[i]+2);
164  
165                splt_su_cut_extension(original_filename);
166  
Libraries for the mp3splt project
This page took 0.072888 seconds and 3 git commands to generate.