From 70c0dc335f5750934c503bdf6ad74daf0f5cf251 Mon Sep 17 00:00:00 2001
From: Gediminas Jarulaitis <beos.zealot@gmail.com>
Date: Thu, 28 Feb 2013 21:55:19 +0200
Subject: [PATCH] iso9660 file system driver buffer overflows bugfix rev2
---
src/add-ons/kernel/file_systems/iso9660/iso9660.cpp | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/src/add-ons/kernel/file_systems/iso9660/iso9660.cpp b/src/add-ons/kernel/file_systems/iso9660/iso9660.cpp
index 039c57d..8a0c9ff 100644
|
a
|
b
|
InitVolDesc(iso9660_volume *volume, char *buffer)
|
| 253 | 253 | buffer += 128; |
| 254 | 254 | TRACE(("InitVolDesc - volume app id string is %s\n", volume->appIDString)); |
| 255 | 255 | |
| 256 | | volume->copyright[38] = '\0'; |
| 257 | | strncpy(volume->copyright, buffer, 38); |
| 258 | | buffer += 38; |
| | 256 | volume->copyright[sizeof(volume->copyright) - 1] = '\0'; |
| | 257 | strncpy(volume->copyright, buffer, sizeof(volume->copyright) - 1); |
| | 258 | buffer += sizeof(volume->copyright) - 1; |
| 259 | 259 | TRACE(("InitVolDesc - copyright is %s\n", volume->copyright)); |
| 260 | 260 | |
| 261 | | volume->abstractFName[38] = '\0'; |
| 262 | | strncpy(volume->abstractFName, buffer, 38); |
| 263 | | buffer += 38; |
| | 261 | volume->abstractFName[sizeof(volume->abstractFName) - 1] = '\0'; |
| | 262 | strncpy(volume->abstractFName, buffer, sizeof(volume->abstractFName) - 1); |
| | 263 | buffer += sizeof(volume->abstractFName) - 1; |
| 264 | 264 | |
| 265 | | volume->biblioFName[38] = '\0'; |
| 266 | | strncpy(volume->biblioFName, buffer, 38); |
| 267 | | buffer += 38; |
| | 265 | volume->biblioFName[sizeof(volume->biblioFName) - 1] = '\0'; |
| | 266 | strncpy(volume->biblioFName, buffer, sizeof(volume->biblioFName) - 1); |
| | 267 | buffer += sizeof(volume->biblioFName) - 1; |
| 268 | 268 | |
| 269 | 269 | init_volume_date(&volume->createDate, buffer); |
| 270 | 270 | buffer += 17; |
