diff options
| author | Aidan MacDonald <amachronic@protonmail.com> | 2021-07-24 14:49:32 +0100 |
|---|---|---|
| committer | Aidan MacDonald <amachronic@protonmail.com> | 2021-08-04 19:04:48 +0000 |
| commit | 429a7e2c0a83f70b0dc15c5287547fafcac80a9c (patch) | |
| tree | f92b3f013204e1d3b16bb11a6ecd8f820003f800 | |
| parent | bdd9c8dfc8abc7b066334820bd93e4394571a46b (diff) | |
Avoid buffer overflow when generating bookmark file name
Change-Id: I14f3d83a8089d33f4e900a1d5f965e67082a07ea
| -rw-r--r-- | apps/bookmark.c | 21 |
1 files changed, 14 insertions, 7 deletions
diff --git a/apps/bookmark.c b/apps/bookmark.c index 07751c2d4c..dece69dce6 100644 --- a/apps/bookmark.c +++ b/apps/bookmark.c @@ -1103,12 +1103,10 @@ static bool parse_bookmark(const char *bookmark, const bool parse_filenames, con /* Changing this function could result in how the bookmarks are stored. */ /* it would be here that the centralized/decentralized bookmark code */ /* could be placed. */ -/* Always returns true */ +/* Returns true if the file name is generated, false if it was too long */ /* ----------------------------------------------------------------------- */ static bool generate_bookmark_file_name(const char *in) { - int len = strlen(in); - /* if this is a root dir MP3, rename the bookmark file root_dir.bmark */ /* otherwise, name it based on the in variable */ if (!strcmp("/", in)) @@ -1121,15 +1119,24 @@ static bool generate_bookmark_file_name(const char *in) path_strip_volume(in, &filename, true); bool volume_root = *filename == '\0'; #endif - strcpy(global_bookmark_file_name, in); - if(global_bookmark_file_name[len-1] == '/') + size_t len = strlcpy(global_bookmark_file_name, in, MAX_PATH); + if(len >= MAX_PATH) + return false; + + if(global_bookmark_file_name[len-1] == '/') { + global_bookmark_file_name[len-1] = '\0'; len--; + } + #ifdef HAVE_MULTIVOLUME if (volume_root) - strcpy(&global_bookmark_file_name[len], "/volume_dir.bmark"); + len = strlcat(global_bookmark_file_name, "/volume_dir.bmark", MAX_PATH); else #endif - strcpy(&global_bookmark_file_name[len], ".bmark"); + len = strlcat(global_bookmark_file_name, ".bmark", MAX_PATH); + + if(len >= MAX_PATH) + return false; } return true; |