pandory500/SDL-mirror
2
0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fixed potential buffer overflow in Linux CD code (thanks Ryan!)

Browse source 
--HG--
extra : convert_revision : svn%3Ac70aab31-4412-0410-b14c-859654838e24/trunk%40140
This commit is contained in:
Sam Lantinga 2001-08-09 05:34:17 +00:00
parent 848f5a9b72
commit 8fd4e7fc4e
1 changed files with 15 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

17
src/cdrom/linux/SDL_syscdrom.c
View file

@ -181,10 +181,21 @@ static void CheckMounts(const char *mtab)
mntfp = setmntent(mtab, "r"); mntfp = setmntent(mtab, "r");
if ( mntfp != NULL ) { if ( mntfp != NULL ) {
char *tmp, mnt_type[32], mnt_dev[1024]; char *tmp;
char *mnt_type;
char *mnt_dev;
while ( (mntent=getmntent(mntfp)) != NULL ) { while ( (mntent=getmntent(mntfp)) != NULL ) {
/* Warning, possible buffer overflow.. */ mnt_type = malloc(strlen(mntent->mnt_type) + 1);
if (mnt_type == NULL)
continue; /* maybe you'll get lucky next time. */
mnt_dev = malloc(strlen(mntent->mnt_fsname) + 1);
if (mnt_dev == NULL) {
free(mnt_type);
continue;
}
strcpy(mnt_type, mntent->mnt_type); strcpy(mnt_type, mntent->mnt_type);
strcpy(mnt_dev, mntent->mnt_fsname); strcpy(mnt_dev, mntent->mnt_fsname);
@ -216,6 +227,8 @@ static void CheckMounts(const char *mtab)
AddDrive(mnt_dev, &stbuf); AddDrive(mnt_dev, &stbuf);
} }
} }
free(mnt_dev);
free(mnt_type);
} }
endmntent(mntfp); endmntent(mntfp);
} }