From: Josh Coalson <jcoalson@users.sourceforce.net>
Date: Fri, 14 Nov 2003 00:06:25 +0000 (+0000)
Subject: fix bug (debian #213172): http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=213172
X-Git-Tag: 1.2.0~990
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=997c6bc1a0fd454c8bc78e2a74823c09a9eea134;p=platform%2Fupstream%2Fflac.git

fix bug (debian #213172): bugs.debian.org/cgi-bin/bugreport.cgi?bug=213172
---

diff --git a/src/flac/Makefile.am b/src/flac/Makefile.am
index da4e0a4..c2d70bb 100644
--- a/src/flac/Makefile.am
+++ b/src/flac/Makefile.am
@@ -31,11 +31,13 @@ flac_SOURCES = \
 	decode.c \
 	encode.c \
 	main.c \
+	string.c \
 	utils.c \
 	vorbiscomment.c \
 	analyze.h \
 	decode.h \
 	encode.h \
+	string.h \
 	utils.h \
 	vorbiscomment.h
 
diff --git a/src/flac/Makefile.lite b/src/flac/Makefile.lite
index cbbee44..32b8263 100644
--- a/src/flac/Makefile.lite
+++ b/src/flac/Makefile.lite
@@ -42,6 +42,7 @@ SRCS_C = \
 	decode.c \
 	encode.c \
 	main.c \
+	string.c \
 	utils.c \
 	vorbiscomment.c
 
diff --git a/src/flac/main.c b/src/flac/main.c
index 4acc936..1454cf9 100644
--- a/src/flac/main.c
+++ b/src/flac/main.c
@@ -38,6 +38,7 @@
 #include "analyze.h"
 #include "decode.h"
 #include "encode.h"
+#include "string.h" /* for strlcat() and strlcpy() */
 #include "utils.h"
 #include "vorbiscomment.h"
 
@@ -70,6 +71,7 @@ static int decode_file(const char *infilename);
 
 static const char *get_encoded_outfilename(const char *infilename);
 static const char *get_decoded_outfilename(const char *infilename);
+static const char *get_outfilename(const char *infilename, const char *suffix);
 
 static void die(const char *message);
 static char *local_strdup(const char *source);
@@ -488,6 +490,10 @@ int do_it()
 				grabbag__replaygain_get_album(&album_gain, &album_peak);
 				for(i = 0; i < option_values.num_files; i++) {
 					const char *error, *outfilename = get_encoded_outfilename(option_values.filenames[i]);
+					if(0 == outfilename) {
+						fprintf(stderr, "ERROR: filename too long: %s", option_values.filenames[i]);
+						return 1;
+					}
 					if(0 == strcmp(option_values.filenames[i], "-")) {
 						FLAC__ASSERT(0);
 						/* double protection */
@@ -1376,6 +1382,11 @@ int encode_file(const char *infilename, FLAC__bool is_first_file, FLAC__bool is_
 	encode_options_t common_options;
 	const char *outfilename = get_encoded_outfilename(infilename);
 
+	if(0 == outfilename) {
+		fprintf(stderr, "ERROR: filename too long: %s", infilename);
+		return 1;
+	}
+
 	if(0 == strcmp(infilename, "-")) {
 		infilesize = -1;
 		encode_infile = grabbag__file_get_binary_stdin();
@@ -1524,6 +1535,11 @@ int decode_file(const char *infilename)
 	decode_options_t common_options;
 	const char *outfilename = get_decoded_outfilename(infilename);
 
+	if(0 == outfilename) {
+		fprintf(stderr, "ERROR: filename too long: %s", infilename);
+		return 1;
+	}
+
 	if(!option_values.test_only && !option_values.analyze) {
 		if(option_values.force_raw_format && (option_values.format_is_big_endian < 0 || option_values.format_is_unsigned_samples < 0))
 			return usage_error("ERROR: for decoding to a raw file you must specify a value for --endian and --sign\n");
@@ -1596,35 +1612,29 @@ int decode_file(const char *infilename)
 
 const char *get_encoded_outfilename(const char *infilename)
 {
-	if(0 == option_values.cmdline_forced_outfilename) {
-		static char buffer[4096]; /* @@@ bad MAGIC NUMBER */
+	const char *suffix = (option_values.use_ogg? ".ogg" : ".flac");
+	return get_outfilename(infilename, suffix);
+}
 
-		if(0 == strcmp(infilename, "-") || option_values.force_to_stdout) {
-			strcpy(buffer, "-");
-		}
-		else {
-			const char *suffix = (option_values.use_ogg? ".ogg" : ".flac");
-			char *p;
-			strcpy(buffer, option_values.output_prefix? option_values.output_prefix : "");
-			strcat(buffer, infilename);
-			if(0 == (p = strrchr(buffer, '.')))
-				strcat(buffer, suffix);
-			else {
-				if(0 == strcmp(p, suffix)) {
-					strcpy(p, "_new");
-					strcat(p, suffix);
-				}
-				else
-					strcpy(p, suffix);
-			}
-		}
-		return buffer;
+const char *get_decoded_outfilename(const char *infilename)
+{
+	const char *suffix;
+	if(option_values.analyze) {
+		suffix = ".ana";
 	}
-	else
-		return option_values.cmdline_forced_outfilename;
+	else if(option_values.force_raw_format) {
+		suffix = ".raw";
+	}
+	else if(option_values.force_aiff_format) {
+		suffix = ".aiff";
+	}
+	else {
+		suffix = ".wav";
+	}
+	return get_outfilename(infilename, suffix);
 }
 
-const char *get_decoded_outfilename(const char *infilename)
+const char *get_outfilename(const char *infilename, const char *suffix)
 {
 	if(0 == option_values.cmdline_forced_outfilename) {
 		static char buffer[4096]; /* @@@ bad MAGIC NUMBER */
@@ -1633,25 +1643,26 @@ const char *get_decoded_outfilename(const char *infilename)
 			strcpy(buffer, "-");
 		}
 		else {
-			static const char *suffixes[] = { ".wav", ".aif", ".raw", ".ana" };
-			const char *suffix = suffixes[
-				option_values.analyze? 3 :
-				option_values.force_raw_format? 2 :
-				option_values.force_aiff_format? 1 :
-				0
-			];
 			char *p;
-			strcpy(buffer, option_values.output_prefix? option_values.output_prefix : "");
-			strcat(buffer, infilename);
-			if(0 == (p = strrchr(buffer, '.')))
-				strcat(buffer, suffix);
+			if (flac__strlcpy(buffer, option_values.output_prefix? option_values.output_prefix : "", sizeof buffer) >= sizeof buffer)
+				return 0;
+			if (flac__strlcat(buffer, infilename, sizeof buffer) >= sizeof buffer)
+				return 0;
+			if(0 == (p = strrchr(buffer, '.'))) {
+				if (flac__strlcat(buffer, suffix, sizeof buffer) >= sizeof buffer)
+					return 0;
+			}
 			else {
 				if(0 == strcmp(p, suffix)) {
-					strcpy(p, "_new");
-					strcat(p, suffix);
+					*p = '\0';
+					if (flac__strlcat(buffer, "_new", sizeof buffer) >= sizeof buffer)
+						return 0;
 				}
-				else
-					strcpy(p, suffix);
+				else {
+					*p = '\0';
+				}
+				if (flac__strlcat(buffer, suffix, sizeof buffer) >= sizeof buffer)
+					return 0;
 			}
 		}
 		return buffer;
diff --git a/src/flac/string.c b/src/flac/string.c
new file mode 100644
index 0000000..c25ea13
--- /dev/null
+++ b/src/flac/string.c
@@ -0,0 +1,102 @@
+/* flac - Command-line FLAC encoder/decoder
+ */
+
+#include "utils.h"
+
+/*	$OpenBSD: strlcpy.c,v 1.8 2003/06/17 21:56:24 millert Exp $
+ *
+ * Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ *
+ * Copy src to string dst of size siz.  At most siz-1 characters
+ * will be copied.  Always NUL terminates (unless siz == 0).
+ * Returns strlen(src); if retval >= siz, truncation occurred.
+ */
+size_t
+flac__strlcpy(char *dst, const char *src, size_t siz)
+{
+	register char *d = dst;
+	register const char *s = src;
+	register size_t n = siz;
+
+	/* Copy as many bytes as will fit */
+	if (n != 0 && --n != 0) {
+		do {
+			if ((*d++ = *s++) == 0)
+				break;
+		} while (--n != 0);
+	}
+
+	/* Not enough room in dst, add NUL and traverse rest of src */
+	if (n == 0) {
+		if (siz != 0)
+			*d = '\0';		/* NUL-terminate dst */
+		while (*s++)
+			;
+	}
+
+	return(s - src - 1);	/* count does not include NUL */
+}
+
+/*	$OpenBSD: strlcat.c,v 1.11 2003/06/17 21:56:24 millert Exp $
+ *
+ * Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ *
+ * Appends src to string dst of size siz (unlike strncat, siz is the
+ * full size of dst, not space left).  At most siz-1 characters
+ * will be copied.  Always NUL terminates (unless siz <= strlen(dst)).
+ * Returns strlen(src) + MIN(siz, strlen(initial dst)).
+ * If retval >= siz, truncation occurred.
+ */
+size_t
+flac__strlcat(char *dst, const char *src, size_t siz)
+{
+	register char *d = dst;
+	register const char *s = src;
+	register size_t n = siz;
+	size_t dlen;
+
+	/* Find the end of dst and adjust bytes left but don't go past end */
+	while (n-- != 0 && *d != '\0')
+		d++;
+	dlen = d - dst;
+	n = siz - dlen;
+
+	if (n == 0)
+		return(dlen + strlen(s));
+	while (*s != '\0') {
+		if (n != 1) {
+			*d++ = *s;
+			n--;
+		}
+		s++;
+	}
+	*d = '\0';
+
+	return(dlen + (s - src));	/* count does not include NUL */
+}
diff --git a/src/flac/string.h b/src/flac/string.h
new file mode 100644
index 0000000..b802ec3
--- /dev/null
+++ b/src/flac/string.h
@@ -0,0 +1,25 @@
+/* flac - Command-line FLAC encoder/decoder
+ * Copyright (C) 2002,2003  Josh Coalson
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ */
+
+#ifndef flac__string_h
+#define flac__string_h
+
+size_t flac__strlcpy(char *dst, const char *src, size_t siz);
+size_t flac__strlcat(char *dst, const char *src, size_t siz);
+
+#endif