| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
The function tag_ape_load() retrieves a 32 bit unsigned integer from
the input file, and passes it to g_malloc(). This is dangerous, and
may be used for a denial of service attack on MPD.
|
|
|
|
|
| |
Extend the tagLen check after reading it. Removed the second
(redundant) check after the subtraction.
|
|
|
|
|
|
|
| |
The expression "tagLen - size > 0" may result in an integer underflow
and a buffer overflow, when "size" is larger than "tagLen". "size" is
read from the input file, and must not be trusted. This patch changes
the expression to "tagLen > size", which is a lot safer.
|
|
|
|
|
| |
strcasecmp() is locale dependent, making it a bad choice for internal
string comparisons.
|
|
|
|
|
|
|
|
| |
This updates the copyright header to all be the same, which is
pretty much an update of where to mail request for a copy of the GPL
and the years of the MPD project. This also puts all committers under
'The Music Player Project' umbrella. These entries should go
individually in the AUTHORS file, for consistancy.
|
|
|