[xine-cvs] CVS: xine-lib/src/input input_dvd.c,1.214,1.215

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Update of /cvsroot/xine/xine-lib/src/input
In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv3065/src/input

Modified Files:
	input_dvd.c 
Log Message:
Remove any possibility of strcpy/sprintf overflows wrt front ends requesting
language & subtitle strings (given a buffer of >= XINE_LANG_MAX bytes).
Also fixes an off-by-one buffer termination in the TS code.
(Note: compile-tested only.)

Index: input_dvd.c
===================================================================
RCS file: /cvsroot/xine/xine-lib/src/input/input_dvd.c,v
retrieving revision 1.214
retrieving revision 1.215
diff -u -r1.214 -r1.215

--- input_dvd.c	19 Jan 2007 01:05:25 -0000	1.214
+++ input_dvd.c	8 Feb 2007 02:40:23 -0000	1.215
@@ -1278,7 +1278,7 @@
     if(this && this->stream && this->dvdnav) {
 
       if(!(dvdnav_is_domain_vts(this->dvdnav))) {
-	sprintf(data, "%s", "menu");
+	strcpy(data, "menu");
 	if (channel <= 0)
 	  return INPUT_OPTIONAL_SUCCESS;
 	else
@@ -1297,11 +1297,11 @@
 	  sprintf(data, " %c%c", lang >> 8, lang & 0xff);
 	  /* TODO: provide long version in XINE_META_INFO_FULL_LANG */
 	else
-	  sprintf(data, " %c%c", '?', '?');
+	  strcpy(data, " ??");
 	return INPUT_OPTIONAL_SUCCESS;
       } else {
         if (channel == -1) {
-	  sprintf(data, "%s", "none");
+	  strcpy(data, "none");
 	  return INPUT_OPTIONAL_SUCCESS;
 	}
       }



