aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--NEWS1
-rw-r--r--doc/mpd.conf.52
-rw-r--r--src/AudioCompress/compress.c7
-rw-r--r--src/decoder/_ogg_common.c14
-rw-r--r--src/update_walk.c12
5 files changed, 27 insertions, 9 deletions
diff --git a/NEWS b/NEWS
index 873c91762..9cde9bce3 100644
--- a/NEWS
+++ b/NEWS
@@ -20,6 +20,7 @@ ver 0.17.2 (2012/??/??)
* playlist: fix memory leak
* state_file: save song priorities
* player: disable cross-fading in "single" mode
+* update: fix unsafe readlink() usage
ver 0.17.1 (2012/07/31)
diff --git a/doc/mpd.conf.5 b/doc/mpd.conf.5
index d502e0564..33049bf3c 100644
--- a/doc/mpd.conf.5
+++ b/doc/mpd.conf.5
@@ -216,7 +216,7 @@ default is 5.
.TP
.B max_playlist_length <number>
This specifies the maximum number of songs that can be in the playlist. The
-default is 4096.
+default is 16384.
.TP
.B max_command_list_size <size in KiB>
This specifies the maximum size a command list can be. The default is 2048.
diff --git a/src/AudioCompress/compress.c b/src/AudioCompress/compress.c
index 36cdfd8dd..fd51ac3a3 100644
--- a/src/AudioCompress/compress.c
+++ b/src/AudioCompress/compress.c
@@ -33,6 +33,9 @@ struct Compressor {
struct Compressor *Compressor_new(unsigned int history)
{
struct Compressor *obj = malloc(sizeof(struct Compressor));
+ if (obj == NULL)
+ /* out of memory, not much we can do */
+ abort();
obj->prefs.target = TARGET;
obj->prefs.maxgain = GAINMAX;
@@ -61,6 +64,10 @@ void Compressor_delete(struct Compressor *obj)
static int *resizeArray(int *data, int newsz, int oldsz)
{
data = realloc(data, newsz*sizeof(int));
+ if (data == NULL)
+ /* out of memory, not much we can do */
+ abort();
+
if (newsz > oldsz)
memset(data + oldsz, 0, sizeof(int)*(newsz - oldsz));
return data;
diff --git a/src/decoder/_ogg_common.c b/src/decoder/_ogg_common.c
index bedd3de61..09d2712da 100644
--- a/src/decoder/_ogg_common.c
+++ b/src/decoder/_ogg_common.c
@@ -33,12 +33,14 @@ ogg_stream_type ogg_stream_type_detect(struct input_stream *inStream)
size_t r;
r = decoder_read(NULL, inStream, buf, sizeof(buf));
- if (r >= 32 && memcmp(buf, "OggS", 4) == 0 && (
- (memcmp(buf+29, "FLAC", 4) == 0
- && memcmp(buf+37, "fLaC", 4) == 0)
- || (memcmp(buf+28, "FLAC", 4) == 0)
- || (memcmp(buf+28, "fLaC", 4) == 0))) {
+ if (r < sizeof(buf) || memcmp(buf, "OggS", 4) != 0)
+ return VORBIS;
+
+ if ((memcmp(buf + 29, "FLAC", 4) == 0 &&
+ memcmp(buf + 37, "fLaC", 4) == 0) ||
+ memcmp(buf + 28, "FLAC", 4) == 0 ||
+ memcmp(buf + 28, "fLaC", 4) == 0)
return FLAC;
- }
+
return VORBIS;
}
diff --git a/src/update_walk.c b/src/update_walk.c
index 615bf41a8..8554e8f3c 100644
--- a/src/update_walk.c
+++ b/src/update_walk.c
@@ -283,12 +283,20 @@ skip_symlink(const struct directory *directory, const char *utf8_name)
return true;
char buffer[MPD_PATH_MAX];
- ssize_t ret = readlink(path_fs, buffer, sizeof(buffer));
+ ssize_t length = readlink(path_fs, buffer, sizeof(buffer));
g_free(path_fs);
- if (ret < 0)
+ if (length < 0)
/* don't skip if this is not a symlink */
return errno != EINVAL;
+ if ((size_t)length >= sizeof(buffer))
+ /* skip symlinks when the buffer is too small for the
+ link target */
+ return true;
+
+ /* null-terminate the buffer, because readlink() will not */
+ buffer[length] = 0;
+
if (!follow_inside_symlinks && !follow_outside_symlinks) {
/* ignore all symlinks */
return true;