storm/minidlna
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

* Clean up some potential buffer overruns. (SF bug #3536546)

Browse Source
This commit is contained in:
Justin Maggard 2012-06-26 18:13:48 +00:00
parent ba162fc082
commit cf8ddddcce
1 changed files with 27 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
scanner.c
View File

@ -114,7 +114,6 @@ insert_container(const char * item, const char * rootParent, const char * refID,
char *result; char *result;
char *base; char *base;
int ret = 0; int ret = 0;
sqlite_int64 detailID = 0;
result = sql_get_text_field(db, "SELECT OBJECT_ID from OBJECTS o " result = sql_get_text_field(db, "SELECT OBJECT_ID from OBJECTS o "
"left join DETAILS d on (o.DETAIL_ID = d.ID)" "left join DETAILS d on (o.DETAIL_ID = d.ID)"
@ -134,6 +133,7 @@ insert_container(const char * item, const char * rootParent, const char * refID,
} }
else else
{ {
sqlite_int64 detailID = 0;
*objectID = 0; *objectID = 0;
*parentID = get_next_available_id("OBJECTS", rootParent); *parentID = get_next_available_id("OBJECTS", rootParent);
if( refID ) if( refID )
@ -168,8 +168,7 @@ insert_containers(const char * name, const char *path, const char * refID, const
if( strstr(class, "imageItem") ) if( strstr(class, "imageItem") )
{ {
char *date = NULL, *cam = NULL; char *date_taken = NULL, *camera = NULL;
char date_taken[13], camera[64];
static struct virtual_item last_date; static struct virtual_item last_date;
static struct virtual_item last_cam; static struct virtual_item last_cam;
static struct virtual_item last_camdate; static struct virtual_item last_camdate;
@ -179,19 +178,16 @@ insert_containers(const char * name, const char *path, const char * refID, const
ret = sql_get_table(db, sql, &result, &row, &cols); ret = sql_get_table(db, sql, &result, &row, &cols);
if( ret == SQLITE_OK ) if( ret == SQLITE_OK )
{ {
date = result[2]; date_taken = result[2];
cam = result[3]; camera = result[3];
} }
if( date_taken )
if( date )
{
strncpy(date_taken, date, 10);
date_taken[10] = '\0'; date_taken[10] = '\0';
}
else else
{ date_taken = _("Unknown Date");
strcpy(date_taken, _("Unknown Date")); if( !camera )
} camera = _("Unknown Camera");
if( valid_cache && strcmp(last_date.name, date_taken) == 0 ) if( valid_cache && strcmp(last_date.name, date_taken) == 0 )
{ {
last_date.objectID++; last_date.objectID++;
@ -202,7 +198,7 @@ insert_containers(const char * name, const char *path, const char * refID, const
insert_container(date_taken, IMAGE_DATE_ID, NULL, "album.photoAlbum", NULL, NULL, NULL, &objectID, &parentID); insert_container(date_taken, IMAGE_DATE_ID, NULL, "album.photoAlbum", NULL, NULL, NULL, &objectID, &parentID);
sprintf(last_date.parentID, IMAGE_DATE_ID"$%llX", parentID); sprintf(last_date.parentID, IMAGE_DATE_ID"$%llX", parentID);
last_date.objectID = objectID; last_date.objectID = objectID;
strcpy(last_date.name, date_taken); strncpyt(last_date.name, date_taken, sizeof(last_date.name));
//DEBUG DPRINTF(E_DEBUG, L_SCANNER, "Creating cached date item: %s/%s/%X\n", last_date.name, last_date.parentID, last_date.objectID); //DEBUG DPRINTF(E_DEBUG, L_SCANNER, "Creating cached date item: %s/%s/%X\n", last_date.name, last_date.parentID, last_date.objectID);
} }
sql_exec(db, "INSERT into OBJECTS" sql_exec(db, "INSERT into OBJECTS"
@ -211,20 +207,12 @@ insert_containers(const char * name, const char *path, const char * refID, const
" ('%s$%llX', '%s', '%s', '%s', %lld, %Q)", " ('%s$%llX', '%s', '%s', '%s', %lld, %Q)",
last_date.parentID, last_date.objectID, last_date.parentID, refID, class, detailID, name); last_date.parentID, last_date.objectID, last_date.parentID, refID, class, detailID, name);
if( cam )
{
strncpy(camera, cam, 63);
camera[63] = '\0';
}
else
{
strcpy(camera, _("Unknown Camera"));
}
if( !valid_cache || strcmp(camera, last_cam.name) != 0 ) if( !valid_cache || strcmp(camera, last_cam.name) != 0 )
{ {
insert_container(camera, IMAGE_CAMERA_ID, NULL, "storageFolder", NULL, NULL, NULL, &objectID, &parentID); insert_container(camera, IMAGE_CAMERA_ID, NULL, "storageFolder", NULL, NULL, NULL, &objectID, &parentID);
sprintf(last_cam.parentID, IMAGE_CAMERA_ID"$%llX", parentID); sprintf(last_cam.parentID, IMAGE_CAMERA_ID"$%llX", parentID);
strncpy(last_cam.name, camera, 255); strncpyt(last_cam.name, camera, sizeof(last_cam.name));
/* Invalidate last_camdate cache */
last_camdate.name[0] = '\0'; last_camdate.name[0] = '\0';
} }
if( valid_cache && strcmp(last_camdate.name, date_taken) == 0 ) if( valid_cache && strcmp(last_camdate.name, date_taken) == 0 )
@ -237,7 +225,7 @@ insert_containers(const char * name, const char *path, const char * refID, const
insert_container(date_taken, last_cam.parentID, NULL, "album.photoAlbum", NULL, NULL, NULL, &objectID, &parentID); insert_container(date_taken, last_cam.parentID, NULL, "album.photoAlbum", NULL, NULL, NULL, &objectID, &parentID);
sprintf(last_camdate.parentID, "%s$%llX", last_cam.parentID, parentID); sprintf(last_camdate.parentID, "%s$%llX", last_cam.parentID, parentID);
last_camdate.objectID = objectID; last_camdate.objectID = objectID;
strcpy(last_camdate.name, date_taken); strncpyt(last_camdate.name, date_taken, sizeof(last_camdate.name));
//DEBUG DPRINTF(E_DEBUG, L_SCANNER, "Creating cached camdate item: %s/%s/%s/%X\n", camera, last_camdate.name, last_camdate.parentID, last_camdate.objectID); //DEBUG DPRINTF(E_DEBUG, L_SCANNER, "Creating cached camdate item: %s/%s/%s/%X\n", camera, last_camdate.name, last_camdate.parentID, last_camdate.objectID);
} }
sql_exec(db, "INSERT into OBJECTS" sql_exec(db, "INSERT into OBJECTS"
@ -287,7 +275,7 @@ insert_containers(const char * name, const char *path, const char * refID, const
} }
else else
{ {
strcpy(last_album.name, album); strncpyt(last_album.name, album, sizeof(last_album.name));
insert_container(album, MUSIC_ALBUM_ID, NULL, "album.musicAlbum", artist, genre, album_art, &objectID, &parentID); insert_container(album, MUSIC_ALBUM_ID, NULL, "album.musicAlbum", artist, genre, album_art, &objectID, &parentID);
sprintf(last_album.parentID, MUSIC_ALBUM_ID"$%llX", parentID); sprintf(last_album.parentID, MUSIC_ALBUM_ID"$%llX", parentID);
last_album.objectID = objectID; last_album.objectID = objectID;
@ -305,7 +293,7 @@ insert_containers(const char * name, const char *path, const char * refID, const
{ {
insert_container(artist, MUSIC_ARTIST_ID, NULL, "person.musicArtist", NULL, genre, NULL, &objectID, &parentID); insert_container(artist, MUSIC_ARTIST_ID, NULL, "person.musicArtist", NULL, genre, NULL, &objectID, &parentID);
sprintf(last_artist.parentID, MUSIC_ARTIST_ID"$%llX", parentID); sprintf(last_artist.parentID, MUSIC_ARTIST_ID"$%llX", parentID);
strcpy(last_artist.name, artist); strncpyt(last_artist.name, artist, sizeof(last_artist.name));
last_artistAlbum.name[0] = '\0'; last_artistAlbum.name[0] = '\0';
/* Add this file to the "- All Albums -" container as well */ /* Add this file to the "- All Albums -" container as well */
insert_container(_("- All Albums -"), last_artist.parentID, NULL, "album", artist, genre, NULL, &objectID, &parentID); insert_container(_("- All Albums -"), last_artist.parentID, NULL, "album", artist, genre, NULL, &objectID, &parentID);
@ -327,7 +315,7 @@ insert_containers(const char * name, const char *path, const char * refID, const
"album.musicAlbum", artist, genre, album_art, &objectID, &parentID); "album.musicAlbum", artist, genre, album_art, &objectID, &parentID);
sprintf(last_artistAlbum.parentID, "%s$%llX", last_artist.parentID, parentID); sprintf(last_artistAlbum.parentID, "%s$%llX", last_artist.parentID, parentID);
last_artistAlbum.objectID = objectID; last_artistAlbum.objectID = objectID;
strcpy(last_artistAlbum.name, album?album:_("Unknown Album")); strncpyt(last_artistAlbum.name, album ? album : _("Unknown Album"), sizeof(last_artistAlbum.name));
//DEBUG DPRINTF(E_DEBUG, L_SCANNER, "Creating cached artist/album item: %s/%s/%X\n", last_artist.name, last_artist.parentID, last_artist.objectID); //DEBUG DPRINTF(E_DEBUG, L_SCANNER, "Creating cached artist/album item: %s/%s/%X\n", last_artist.name, last_artist.parentID, last_artist.objectID);
} }
sql_exec(db, "INSERT into OBJECTS" sql_exec(db, "INSERT into OBJECTS"
@ -347,8 +335,7 @@ insert_containers(const char * name, const char *path, const char * refID, const
{ {
insert_container(genre, MUSIC_GENRE_ID, NULL, "genre.musicGenre", NULL, NULL, NULL, &objectID, &parentID); insert_container(genre, MUSIC_GENRE_ID, NULL, "genre.musicGenre", NULL, NULL, NULL, &objectID, &parentID);
sprintf(last_genre.parentID, MUSIC_GENRE_ID"$%llX", parentID); sprintf(last_genre.parentID, MUSIC_GENRE_ID"$%llX", parentID);
strcpy(last_genre.name, genre); strncpyt(last_genre.name, genre, sizeof(last_genre.name));
last_genreArtist.name[0] = '\0';
/* Add this file to the "- All Artists -" container as well */ /* Add this file to the "- All Artists -" container as well */
insert_container(_("- All Artists -"), last_genre.parentID, NULL, "person", NULL, genre, NULL, &objectID, &parentID); insert_container(_("- All Artists -"), last_genre.parentID, NULL, "person", NULL, genre, NULL, &objectID, &parentID);
sprintf(last_genreArtistAll.parentID, "%s$%llX", last_genre.parentID, parentID); sprintf(last_genreArtistAll.parentID, "%s$%llX", last_genre.parentID, parentID);
@ -368,7 +355,7 @@ insert_containers(const char * name, const char *path, const char * refID, const
"person.musicArtist", NULL, genre, NULL, &objectID, &parentID); "person.musicArtist", NULL, genre, NULL, &objectID, &parentID);
sprintf(last_genreArtist.parentID, "%s$%llX", last_genre.parentID, parentID); sprintf(last_genreArtist.parentID, "%s$%llX", last_genre.parentID, parentID);
last_genreArtist.objectID = objectID; last_genreArtist.objectID = objectID;
strcpy(last_genreArtist.name, artist?artist:_("Unknown Artist")); strncpyt(last_genreArtist.name, artist ? artist : _("Unknown Artist"), sizeof(last_genreArtist.name));
//DEBUG DPRINTF(E_DEBUG, L_SCANNER, "Creating cached genre/artist item: %s/%s/%X\n", last_genreArtist.name, last_genreArtist.parentID, last_genreArtist.objectID); //DEBUG DPRINTF(E_DEBUG, L_SCANNER, "Creating cached genre/artist item: %s/%s/%X\n", last_genreArtist.name, last_genreArtist.parentID, last_genreArtist.objectID);
} }
sql_exec(db, "INSERT into OBJECTS" sql_exec(db, "INSERT into OBJECTS"
@ -420,25 +407,20 @@ insert_containers(const char * name, const char *path, const char * refID, const
int int
insert_directory(const char * name, const char * path, const char * base, const char * parentID, int objectID) insert_directory(const char * name, const char * path, const char * base, const char * parentID, int objectID)
{ {
int found = 0;
sqlite_int64 detailID = 0; sqlite_int64 detailID = 0;
char * refID = NULL;
char class[] = "container.storageFolder"; char class[] = "container.storageFolder";
char *result, *p; char *result, *p;
static char last_found[256] = "-1"; static char last_found[256] = "-1";
if( strcmp(base, BROWSEDIR_ID) != 0 ) if( strcmp(base, BROWSEDIR_ID) != 0 )
{ {
if( asprintf(&refID, "%s%s$%X", BROWSEDIR_ID, parentID, objectID) == -1 ) int found = 0;
return 1; char id_buf[64], parent_buf[64], refID[64];
}
if( refID )
{
char id_buf[64], parent_buf[64];
char *dir_buf, *dir; char *dir_buf, *dir;
dir_buf = strdup(path); dir_buf = strdup(path);
dir = dirname(dir_buf); dir = dirname(dir_buf);
snprintf(refID, sizeof(refID), "%s%s$%X", BROWSEDIR_ID, parentID, objectID);
snprintf(id_buf, sizeof(id_buf), "%s%s$%X", base, parentID, objectID); snprintf(id_buf, sizeof(id_buf), "%s%s$%X", base, parentID, objectID);
snprintf(parent_buf, sizeof(parent_buf), "%s%s", base, parentID); snprintf(parent_buf, sizeof(parent_buf), "%s%s", base, parentID);
while( !found ) while( !found )
@ -470,19 +452,16 @@ insert_directory(const char * name, const char * path, const char * base, const
*p = '\0'; *p = '\0';
dir = dirname(dir); dir = dirname(dir);
} }
free(refID);
free(dir_buf); free(dir_buf);
return 0; return 0;
} }
detailID = GetFolderMetadata(name, path, NULL, NULL, find_album_art(path, NULL, 0)); detailID = GetFolderMetadata(name, path, NULL, NULL, find_album_art(path, NULL, 0));
sql_exec(db, "INSERT into OBJECTS" sql_exec(db, "INSERT into OBJECTS"
" (OBJECT_ID, PARENT_ID, REF_ID, DETAIL_ID, CLASS, NAME) " " (OBJECT_ID, PARENT_ID, DETAIL_ID, CLASS, NAME) "
"VALUES" "VALUES"
" ('%s%s$%X', '%s%s', %Q, %lld, '%s', '%q')", " ('%s%s$%X', '%s%s', %lld, '%s', '%q')",
base, parentID, objectID, base, parentID, refID, detailID, class, name); base, parentID, objectID, base, parentID, detailID, class, name);
free(refID);
return 0; return 0;
} }
@ -494,7 +473,6 @@ insert_file(char * name, const char * path, const char * parentID, int object)
sqlite_int64 detailID = 0; sqlite_int64 detailID = 0;
char base[8]; char base[8];
char * typedir_parentID; char * typedir_parentID;
int typedir_objectID;
char * baseid; char * baseid;
char * orig_name = NULL; char * orig_name = NULL;
@ -543,7 +521,7 @@ insert_file(char * name, const char * path, const char * parentID, int object)
if( *parentID ) if( *parentID )
{ {
typedir_objectID = 0; int typedir_objectID = 0;
typedir_parentID = strdup(parentID); typedir_parentID = strdup(parentID);
baseid = strrchr(typedir_parentID, '$'); baseid = strrchr(typedir_parentID, '$');
if( baseid ) if( baseid )
@ -794,7 +772,7 @@ start_scanner()
av_log_set_level(AV_LOG_PANIC); av_log_set_level(AV_LOG_PANIC);
while( media_path ) while( media_path )
{ {
strncpy(name, media_path->path, sizeof(name)); strncpyt(name, media_path->path, sizeof(name));
GetFolderMetadata(basename(name), media_path->path, NULL, NULL, 0); GetFolderMetadata(basename(name), media_path->path, NULL, NULL, 0);
ScanDirectory(media_path->path, NULL, media_path->type); ScanDirectory(media_path->path, NULL, media_path->type);
media_path = media_path->next; media_path = media_path->next;