Package: mtp-tools
Version: 0.2.2-2
Tags: patch
The example code which comes with libmtp and which is used to create
the command-line tools in the mtp-tools package uses atoi(3) for some
of its command-line parsing, which has problems if the file ids on the
mtp device are greater than INT_MAX. I managed to crash my mp3 player
by making a playlist with bad data because of this bug.
I've patched the utils to use strtoul instead, and the rebuilt package
is working great here, so I'm sending you the patch. You may want to
forward this to upstream as well.
My patch also fixes a few (though not all) minor memory leaks.
Apparently someone didn't realize that strdup(3) calls malloc(3).
These leaks are probably mostly harmless, since the programs exit
after doing their work, which frees all the leaked memory, but as a
matter of general principle, I tried to fix the most obvious ones I
spotted. If you'd prefer, I can send you a trimmed-down patch which
only fixes the signed/unsigned problems.
cheers
--
Chris Waters | Pneumonoultra- osis is too long
[EMAIL PROTECTED] | microscopicsilico- to fit into a single
or [EMAIL PROTECTED] | volcaniconi- standalone haiku
diff -ur libmtp-0.2.2.old/examples/albumart.c libmtp-0.2.2/examples/albumart.c
--- libmtp-0.2.2.old/examples/albumart.c 2007-03-28 23:00:40.000000000
-0700
+++ libmtp-0.2.2/examples/albumart.c 2007-11-07 22:48:24.000000000 -0800
@@ -43,6 +43,7 @@
char *imagedata = NULL;
char *albumname = NULL;
char *path = NULL;
+ char *rest;
struct stat statbuff;
fprintf(stdout, "libmtp version: " LIBMTP_VERSION_STRING "\n\n");
@@ -58,7 +59,7 @@
return 1;
}
ids = tmp;
- ids[(idcount-1)] = atoi(strdup(optarg));
+ ids[(idcount-1)] = strtoul(optarg, &rest, 0);
break;
case 'n':
albumname = strdup(optarg);
diff -ur libmtp-0.2.2.old/examples/newplaylist.c
libmtp-0.2.2/examples/newplaylist.c
--- libmtp-0.2.2.old/examples/newplaylist.c 2007-03-28 23:00:41.000000000
-0700
+++ libmtp-0.2.2/examples/newplaylist.c 2007-11-07 22:46:39.000000000 -0800
@@ -39,6 +39,7 @@
uint32_t *ids = NULL;
uint32_t *tmp = NULL;
char *playlistname = NULL;
+ char *rest;
fprintf(stdout, "libmtp version: " LIBMTP_VERSION_STRING "\n\n");
@@ -53,7 +54,7 @@
return 1;
}
ids = tmp;
- ids[(idcount-1)] = atoi(strdup(optarg));
+ ids[(idcount-1)] = strtoul(optarg, &rest, 0);
break;
case 'n':
playlistname = strdup(optarg);
diff -ur libmtp-0.2.2.old/examples/pathutils.c libmtp-0.2.2/examples/pathutils.c
--- libmtp-0.2.2.old/examples/pathutils.c 2007-03-16 08:19:44.000000000
-0700
+++ libmtp-0.2.2/examples/pathutils.c 2007-11-07 22:58:01.000000000 -0800
@@ -56,9 +56,11 @@
int
parse_path (char * path, LIBMTP_file_t * files, LIBMTP_folder_t * folders)
{
+ char *rest;
// Check if path is an item_id
if (*path != '/') {
- int item_id = atoi(path);
+ int item_id = strtoul(path, &rest, 0);
+ // really should check contents of "rest" here...
return item_id;
}
// Check if path is a folder
@@ -83,11 +85,13 @@
if (file->parent_id == parent_id) {
if (strcasecmp (file->filename, filename) == 0) {
int item_id = file->item_id;
+ free(dirc); free(basec);
return item_id;
}
}
file = file->next;
}
+ free(dirc); free(basec);
} else {
return item_id;
}
diff -ur libmtp-0.2.2.old/examples/thumb.c libmtp-0.2.2/examples/thumb.c
--- libmtp-0.2.2.old/examples/thumb.c 2007-03-28 23:00:41.000000000 -0700
+++ libmtp-0.2.2/examples/thumb.c 2007-11-07 23:02:36.000000000 -0800
@@ -41,6 +41,7 @@
uint64_t filesize;
uint8_t *imagedata = NULL;
char *path = NULL;
+ char *rest;
struct stat statbuff;
int ret;
@@ -51,7 +52,7 @@
case 'h':
usage();
case 'i':
- id = atoi(strdup(optarg));
+ id = strtoul(optarg, &rest, 0);
break;
default:
usage();
