gentoo-overlay/media-sound/peercast/files/peercast-0.1218-CVE-2008-20...


diff -Nurad peercast-0.1218+svn20080104/core/common/channel.cpp peercast-0.1218+svn20080104.new/core/common/channel.cpp
--- peercast-0.1218+svn20080104/core/common/channel.cpp 2008-04-01 13:59:52.000000000 +0200
+++ peercast-0.1218+svn20080104.new/core/common/channel.cpp 2008-04-30 17:45:28.000000000 +0200
@@ -440,7 +440,7 @@
if (http.isHeader(PCX_HS_POS))
streamPos = atoi(arg);
else
- Servent::readICYHeader(http, info, NULL);
+ Servent::readICYHeader(http, info, NULL, 0);
LOG_CHANNEL("Channel fetch: %s",http.cmdLine);
}
diff -Nurad peercast-0.1218+svn20080104/core/common/http.cpp peercast-0.1218+svn20080104.new/core/common/http.cpp
--- peercast-0.1218+svn20080104/core/common/http.cpp 2008-04-01 13:59:52.000000000 +0200
+++ peercast-0.1218+svn20080104.new/core/common/http.cpp 2008-04-30 17:45:28.000000000 +0200
@@ -102,7 +102,7 @@
return 0;
}
//-----------------------------------------
-void HTTP::getAuthUserPass(char *user, char *pass)
+void HTTP::getAuthUserPass(char *user, char *pass, size_t ulen, size_t plen)
{
if (arg)
{
@@ -119,10 +119,14 @@
if (s)
{
*s = 0;
- if (user)
- strcpy(user,str.cstr());
- if (pass)
- strcpy(pass,s+1);
+ if (user){
+ strncpy(user,str.cstr(), ulen);
+ user[ulen - 1] = 0;
+ }
+ if (pass){
+ strncpy(pass,s+1, plen);
+ pass[plen - 1] = 0;
+ }
}
}
}
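Review bot: The terminators `user[ulen - 1] = 0;` and `pass[plen - 1] = 0;` index with a `size_t`, so a non-NULL buffer passed with a length of 0 wraps the index to the maximum value and writes far outside the buffer. The callers visible in this patch only pair a zero length with a NULL pointer, but the function should not rely on that; guard with `if (user && ulen)` and `if (pass && plen)`. Separately, `strncpy` shortens an over-long value silently, so whatever consumes `user`/`pass` afterwards sees a truncated credential rather than a rejected one; a short comment stating that truncation is intended (or clearing the buffer with `user[0] = 0;` when the input does not fit) would make the behaviour explicit. The body of getAuthUserPass starts above this hunk.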
diff -Nurad peercast-0.1218+svn20080104/core/common/http.h peercast-0.1218+svn20080104.new/core/common/http.h
--- peercast-0.1218+svn20080104/core/common/http.h 2008-04-01 13:59:52.000000000 +0200
+++ peercast-0.1218+svn20080104.new/core/common/http.h 2008-04-30 17:45:28.000000000 +0200
@@ -176,7 +176,7 @@
char *getArgStr();
int getArgInt();
- void getAuthUserPass(char *, char *);
+ void getAuthUserPass(char *, char *, size_t, size_t);
char cmdLine[8192],*arg;
diff -Nurad peercast-0.1218+svn20080104/core/common/servent.h peercast-0.1218+svn20080104.new/core/common/servent.h
--- peercast-0.1218+svn20080104/core/common/servent.h 2008-04-01 13:59:52.000000000 +0200
+++ peercast-0.1218+svn20080104.new/core/common/servent.h 2008-04-30 17:45:28.000000000 +0200
@@ -206,7 +206,7 @@
void sendPCPChannel();
void checkPCPComms(Channel *, AtomStream &);
- static void readICYHeader(HTTP &, ChanInfo &, char *);
+ static void readICYHeader(HTTP &, ChanInfo &, char *, size_t);
bool canStream(Channel *);
bool isConnected() {return status == S_CONNECTED;}
diff -Nurad peercast-0.1218+svn20080104/core/common/servhs.cpp peercast-0.1218+svn20080104.new/core/common/servhs.cpp
--- peercast-0.1218+svn20080104/core/common/servhs.cpp 2008-04-01 13:59:52.000000000 +0200
+++ peercast-0.1218+svn20080104.new/core/common/servhs.cpp 2008-04-30 17:45:28.000000000 +0200
@@ -587,7 +587,7 @@
{
case ServMgr::AUTH_HTTPBASIC:
if (http.isHeader("Authorization"))
- http.getAuthUserPass(user,pass);
+ http.getAuthUserPass(user,pass, sizeof(user), sizeof(pass));
break;
case ServMgr::AUTH_COOKIE:
if (http.isHeader("Cookie"))
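Review bot: `sizeof(user)` and `sizeof(pass)` in the new getAuthUserPass call are the buffer capacities only if both names are declared as char arrays in this function; their declarations are above the hunk and not visible here. If either were a `char *`, the call would pass the pointer size and the copy would be bounded to 4 or 8 bytes instead of the real capacity. Confirm the declarations, and consider a comment at the call such as `// user and pass must be arrays here: sizeof() is the capacity handed to getAuthUserPass`.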
@@ -1405,7 +1405,7 @@
}
// -----------------------------------
-void Servent::readICYHeader(HTTP &http, ChanInfo &info, char *pwd)
+void Servent::readICYHeader(HTTP &http, ChanInfo &info, char *pwd, size_t plen)
{
char *arg = http.getArgStr();
if (!arg) return;
@@ -1429,8 +1429,10 @@
info.desc.set(arg,String::T_ASCII);
info.desc.convertTo(String::T_UNICODE);
- }else if (http.isHeader("Authorization"))
- http.getAuthUserPass(NULL,pwd);
+ }else if (http.isHeader("Authorization")){
+ if(pwd)
+ http.getAuthUserPass(NULL,pwd, 0, plen);
+ }
else if (http.isHeader(PCX_HS_CHANNELID))
info.id.fromStr(arg);
else if (http.isHeader("ice-password"))
@@ -1501,7 +1503,7 @@
while (http.nextHeader())
{
LOG_DEBUG("ICY %s",http.cmdLine);
- readICYHeader(http,info,loginPassword.cstr());
+ readICYHeader(http,info,loginPassword.cstr(), String::MAX_LEN);
}
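Review bot: The bound passed alongside `loginPassword.cstr()` is the class constant `String::MAX_LEN` rather than a size taken from the buffer that `cstr()` returns, so the copy in getAuthUserPass is only in bounds while String's internal storage is at least `MAX_LEN` bytes. That definition is not part of this patch, so it should be checked, including whether the storage reserves room for the terminator that `pass[plen - 1] = 0` writes. A comment at the call, for example `// plen must not exceed the storage behind String::cstr()`, would keep the two from drifting apart. The enclosing function starts and ends outside this hunk.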
diff -Nurad peercast-0.1218+svn20080104/core/common/url.cpp peercast-0.1218+svn20080104.new/core/common/url.cpp
--- peercast-0.1218+svn20080104/core/common/url.cpp 2008-04-01 13:59:52.000000000 +0200
+++ peercast-0.1218+svn20080104.new/core/common/url.cpp 2008-04-30 17:45:28.000000000 +0200
@@ -171,7 +171,7 @@
LOG_CHANNEL("Fetch HTTP: %s",http.cmdLine);
ChanInfo tmpInfo = ch->info;
- Servent::readICYHeader(http,ch->info,NULL);
+ Servent::readICYHeader(http,ch->info,NULL, 0);
if (!tmpInfo.name.isEmpty())
ch->info.name = tmpInfo.name;