diff options
author | James Meyer <james.meyer@operamail.com> | 2012-08-07 14:42:59 (GMT) |
---|---|---|
committer | James Meyer <james.meyer@operamail.com> | 2012-08-07 14:42:59 (GMT) |
commit | e2fa4ac78e97238eedb771a373a1595dd3013f56 (patch) | |
tree | b19c0f0efbe5d4b724508b1ec77a226f789b8fde /abs/core/libcdaudio/01-cddb-bufferoverflow.patch | |
parent | 086090b673780c3374f22766f2269ebc7521a822 (diff) | |
download | linhes_pkgbuild-e2fa4ac78e97238eedb771a373a1595dd3013f56.zip linhes_pkgbuild-e2fa4ac78e97238eedb771a373a1595dd3013f56.tar.gz linhes_pkgbuild-e2fa4ac78e97238eedb771a373a1595dd3013f56.tar.bz2 |
libcdaudio 0.99.12
Diffstat (limited to 'abs/core/libcdaudio/01-cddb-bufferoverflow.patch')
-rw-r--r-- | abs/core/libcdaudio/01-cddb-bufferoverflow.patch | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/abs/core/libcdaudio/01-cddb-bufferoverflow.patch b/abs/core/libcdaudio/01-cddb-bufferoverflow.patch new file mode 100644 index 0000000..0a44497 --- /dev/null +++ b/abs/core/libcdaudio/01-cddb-bufferoverflow.patch @@ -0,0 +1,15 @@ +Author: Moritz Muehlenhoff <jmm@inutil.org> +Description: CAN-2005-0706: Bufferoverflow in CDDB lookup parsing + +diff -Naurp libcdaudio.orig/src/cddb.c libcdaudio/src/cddb.c +--- libcdaudio.orig/src/cddb.c 2009-08-02 10:30:05.000000000 +0000 ++++ libcdaudio/src/cddb.c 2009-08-02 10:34:57.000000000 +0000 +@@ -1052,7 +1052,7 @@ cddb_query(int cd_desc, int sock, + } + + query->query_matches = 0; +- while(!cddb_read_line(sock, inbuffer, 256)) { ++ while(query->query_matches < MAX_INEXACT_MATCHES && !cddb_read_line(sock, inbuffer, 256)) { + slashed = 0; + if(strchr(inbuffer, '/') != NULL && parse_disc_artist) { + index = 0; |