diff -Naur mp3info-0.8.5a-orig/gmp3info.c mp3info-0.8.5a/gmp3info.c --- mp3info-0.8.5a-orig/gmp3info.c 2006-11-10 02:11:43 +0200 +++ mp3info-0.8.5a/gmp3info.c 2009-05-15 12:41:37 +0300 @@ -66,22 +66,23 @@ int read_only=0; void exit_save( GtkWidget *widget, GtkWidget *data) { - char tmp[31]; - if (mp3.file) { if(!read_only) { - strcpy(mp3.id3.title,gtk_entry_get_text(GTK_ENTRY(id3win_text_title))); - strcpy(mp3.id3.artist,gtk_entry_get_text(GTK_ENTRY(id3win_text_artist))); - strcpy(mp3.id3.album,gtk_entry_get_text(GTK_ENTRY(id3win_text_album))); - strcpy(mp3.id3.year,gtk_entry_get_text(GTK_ENTRY(id3win_text_year))); - strcpy(mp3.id3.comment,gtk_entry_get_text(GTK_ENTRY(id3win_text_comment))); - strcpy(tmp,gtk_entry_get_text(GTK_ENTRY(GTK_COMBO(id3win_combo_genre)->entry))); - mp3.id3.genre[0]=gget_genre(tmp); - strcpy(tmp,gtk_entry_get_text(GTK_ENTRY(id3win_text_track))); - mp3.id3.track[0]=atoi(tmp); -/* if (mp3.id3.track[0] > 255) - mp3.id3.track[0]=255; -*/ + int i; + + memset (&mp3.id3, 0, sizeof(mp3.id3)); + strncat (mp3.id3.title,gtk_entry_get_text(GTK_ENTRY(id3win_text_title)),sizeof(mp3.id3.title)-1); + strncat (mp3.id3.artist,gtk_entry_get_text(GTK_ENTRY(id3win_text_artist)), sizeof(mp3.id3.artist)-1); + strncat (mp3.id3.album,gtk_entry_get_text(GTK_ENTRY(id3win_text_album)), sizeof(mp3.id3.album)-1); + strncat (mp3.id3.year,gtk_entry_get_text(GTK_ENTRY(id3win_text_year)), sizeof(mp3.id3.year)-1); + strncat (mp3.id3.comment,gtk_entry_get_text(GTK_ENTRY(id3win_text_comment)), sizeof(mp3.id3.comment)-1); + mp3.id3.genre[0] = gget_genre (gtk_entry_get_text(GTK_ENTRY(GTK_COMBO(id3win_combo_genre)->entry))); + i = atoi (gtk_entry_get_text (GTK_ENTRY (id3win_text_track))); + if (i < 0) + i = 0; + else if (i > 255) + i = 255; + mp3.id3.track[0] = i; write_tag(&mp3); } @@ -93,7 +94,7 @@ int main(int argc, char *argv[] ) { int i; - char track_text[4]; + char track_text[64]; gtk_init (&argc, &argv); @@ -241,7 +242,7 @@ gtk_entry_set_text(GTK_ENTRY(id3win_text_year),mp3.id3.year); gtk_entry_set_text(GTK_ENTRY(id3win_text_comment),mp3.id3.comment); if(mp3.id3.track[0] > 0) - sprintf(track_text,"%d",(int)mp3.id3.track[0]); + snprintf(track_text,sizeof(track_text),"%d",(int)mp3.id3.track[0]); else track_text[0]=0; gtk_entry_set_text(GTK_ENTRY(id3win_text_track),track_text); @@ -316,47 +317,49 @@ if (mp3.header_isvalid) { - sprintf(buf,"Media Type: MPEG %s Layer %s",mp3.header.version ? ((mp3.header.version==2) ? "2.5" : "1.0") : "2.0", layer_text[header_layer(&mp3.header)-1]); + snprintf(buf,sizeof(buf),"Media Type: MPEG %s Layer %s", + mp3.header.version ? ((mp3.header.version==2) ? "2.5" : "1.0") : "2.0", + layer_text[header_layer(&mp3.header)-1]); infowin_text_media=gtk_label_new(buf); gtk_box_pack_start(GTK_BOX(infowin_main_frame),infowin_text_media,TRUE,TRUE,0); - sprintf(buf,"Bitrate: %i KB/s",header_bitrate(&mp3.header)); + snprintf(buf,sizeof(buf),"Bitrate: %i kbps",header_bitrate(&mp3.header)); infowin_text_bitrate=gtk_label_new(buf); gtk_box_pack_start(GTK_BOX(infowin_main_frame),infowin_text_bitrate,TRUE,TRUE,0); - sprintf(buf,"Frequency: %iKHz",header_frequency(&mp3.header)/1000); + snprintf(buf,sizeof(buf),"Frequency: %i kHz",header_frequency(&mp3.header)/1000); infowin_text_frequency=gtk_label_new(buf); gtk_box_pack_start(GTK_BOX(infowin_main_frame),infowin_text_frequency,TRUE,TRUE,0); ibuf=mp3.seconds / 60; ibuf2=mp3.seconds % 60; - sprintf(buf,"Length: %i:%02i",ibuf,ibuf2); + snprintf(buf,sizeof(buf),"Length: %i:%02i",ibuf,ibuf2); infowin_text_length=gtk_label_new(buf); gtk_box_pack_start(GTK_BOX(infowin_main_frame),infowin_text_length,TRUE,TRUE,0); - sprintf(buf,"Emphasis: %s",header_emphasis(&mp3.header)); + snprintf(buf,sizeof(buf),"Emphasis: %s",header_emphasis(&mp3.header)); infowin_text_emphasis=gtk_label_new(buf); gtk_box_pack_start(GTK_BOX(infowin_main_frame),infowin_text_emphasis,TRUE,TRUE,0); - sprintf(buf,"CRC: %s",!mp3.header.crc ? "Yes" : "No"); + snprintf(buf,sizeof(buf),"CRC: %s",!mp3.header.crc ? "Yes" : "No"); infowin_text_crc=gtk_label_new(buf); gtk_box_pack_start(GTK_BOX(infowin_main_frame),infowin_text_crc,TRUE,TRUE,0); - sprintf(buf,"Copyright: %s",mp3.header.copyright ? "Yes" : "No"); + snprintf(buf,sizeof(buf),"Copyright: %s",mp3.header.copyright ? "Yes" : "No"); infowin_text_copyright=gtk_label_new(buf); gtk_box_pack_start(GTK_BOX(infowin_main_frame),infowin_text_copyright,TRUE,TRUE,0); - sprintf(buf,"Original: %s",mp3.header.original ? "Yes" : "No"); + snprintf(buf,sizeof(buf),"Original: %s",mp3.header.original ? "Yes" : "No"); infowin_text_original=gtk_label_new(buf); gtk_box_pack_start(GTK_BOX(infowin_main_frame),infowin_text_original,TRUE,TRUE,0); - sprintf(buf,"Padding: %s",mp3.header.padding ? "Yes" : "No"); + snprintf(buf,sizeof(buf),"Padding: %s",mp3.header.padding ? "Yes" : "No"); infowin_text_padding=gtk_label_new(buf); gtk_box_pack_start(GTK_BOX(infowin_main_frame),infowin_text_padding,TRUE,TRUE,0); } else { - sprintf(buf,"This file's header\nis invalid.\n\nNo information\navailable"); + snprintf(buf,sizeof(buf),"This file's header\nis invalid.\n\nNo information\navailable"); infowin_text_media=gtk_label_new(buf); gtk_box_pack_start(GTK_BOX(infowin_main_frame),infowin_text_media,TRUE,TRUE,0); @@ -410,7 +413,7 @@ gtk_entry_set_text(GTK_ENTRY(id3win_text_album),mp3.id3.album); gtk_entry_set_text(GTK_ENTRY(id3win_text_year),mp3.id3.year); gtk_entry_set_text(GTK_ENTRY(id3win_text_comment),mp3.id3.comment); - gtk_entry_set_text(GTK_ENTRY(id3win_text_track),(char *)mp3.id3.track); + gtk_entry_set_text(GTK_ENTRY(id3win_text_track),(const char *)mp3.id3.track); gtk_entry_set_text(GTK_ENTRY(GTK_COMBO(id3win_combo_genre)->entry), gtext_genre(mp3.id3.genre[0])); } diff -Naur mp3info-0.8.5a-orig/mp3curs.c mp3info-0.8.5a/mp3curs.c --- mp3info-0.8.5a-orig/mp3curs.c 2006-11-06 06:02:35 +0200 +++ mp3info-0.8.5a/mp3curs.c 2009-05-15 12:41:38 +0300 @@ -42,7 +42,7 @@ char *curs_addparam(WINDOW *win, int line, int length, char *buf) { int c; - char string[TEXT_FIELD_LEN]; + char string[TEXT_FIELD_LEN+1]; wmove(win,line,16); c = wgetnstr(win,string,length); diff -Naur mp3info-0.8.5a-orig/mp3info.c mp3info-0.8.5a/mp3info.c --- mp3info-0.8.5a-orig/mp3info.c 2009-05-15 12:41:14 +0300 +++ mp3info-0.8.5a/mp3info.c 2009-05-15 12:43:00 +0300 @@ -44,7 +44,6 @@ int new_track=0,new_genre=0,firstfilearg; id3tag new_tag; char *print_format=NULL; - char error_msg[256]; unsigned int g,n; int vbr_report=VBR_VARIABLE; mp3info mp3; @@ -183,16 +182,14 @@ file_open=0; if (view_only == 1) { if ( !( fp=fopen(argv[i],"rb") ) ) { - snprintf(error_msg,sizeof(error_msg),"Error opening MP3: %s",argv[i]); - perror(error_msg); + fprintf(stderr, "Error opening MP3: %s: %m", argv[i]); retcode |= 1; } else { file_open=1; } } else { if ( !( fp=fopen(argv[i],"rb+") ) ) { - snprintf(error_msg,sizeof(error_msg),"Error opening MP3: %s",argv[i]); - perror(error_msg); + fprintf(stderr, "Error opening MP3: %s: %m", argv[i]); retcode |= 1; } else { file_open=1; @@ -284,7 +281,8 @@ fclose(mp3.file); if(delete_tag && mp3.id3_isvalid) { - truncate(mp3.filename,mp3.datasize); + if (truncate(mp3.filename,mp3.datasize)) + fprintf(stderr, "Error truncating MP3: %s: %m", mp3.filename); } diff -Naur mp3info-0.8.5a-orig/mp3tech.c mp3info-0.8.5a/mp3tech.c --- mp3info-0.8.5a-orig/mp3tech.c 2006-11-06 06:05:30 +0200 +++ mp3info-0.8.5a/mp3tech.c 2009-05-15 12:41:38 +0300 @@ -294,34 +294,48 @@ } +static int xfread(char *str, size_t size, mp3info *mp3) +{ + if (fread(str, size, 1, mp3->file) == 1) { + if (size > 1) + str[size] = '\0'; + return 0; + } + + fprintf(stderr, "Error reading %s: %m", mp3->filename); + return -1; +} + int get_id3(mp3info *mp3) { - int retcode=0; char fbuf[4]; - if(mp3->datasize >= 128) { + if(mp3->datasize < 128) + return 0; + if(fseek(mp3->file, -128, SEEK_END )) { - fprintf(stderr,"ERROR: Couldn't read last 128 bytes of %s!!\n",mp3->filename); - retcode |= 4; + fprintf(stderr,"ERROR: Couldn't read last 128 bytes of %s: %m",mp3->filename); + return 4; } else { - fread(fbuf,1,3,mp3->file); fbuf[3] = '\0'; + if (xfread(fbuf,3,mp3)) + return 4; mp3->id3.genre[0]=255; - if (!strcmp((const char *)"TAG",(const char *)fbuf)) { - - mp3->id3_isvalid=1; mp3->datasize -= 128; - fseek(mp3->file, -125, SEEK_END); - fread(mp3->id3.title,1,30,mp3->file); mp3->id3.title[30] = '\0'; - fread(mp3->id3.artist,1,30,mp3->file); mp3->id3.artist[30] = '\0'; - fread(mp3->id3.album,1,30,mp3->file); mp3->id3.album[30] = '\0'; - fread(mp3->id3.year,1,4,mp3->file); mp3->id3.year[4] = '\0'; - fread(mp3->id3.comment,1,30,mp3->file); mp3->id3.comment[30] = '\0'; - if(mp3->id3.comment[28] == '\0') { + if (fseek(mp3->file, -125, SEEK_END)) { + fprintf(stderr, "Error seaking %s: %m", mp3->filename); + return 4; + } + if (xfread(mp3->id3.title,30,mp3)) return 4; + if (xfread(mp3->id3.artist,30,mp3)) return 4; + if (xfread(mp3->id3.album,30,mp3)) return 4; + if (xfread(mp3->id3.year,4,mp3)) return 4; + if (xfread(mp3->id3.comment,30,mp3)) return 4; + if (mp3->id3.comment[28] == '\0') { mp3->id3.track[0] = mp3->id3.comment[29]; } - fread(mp3->id3.genre,1,1,mp3->file); + if (xfread((char *)mp3->id3.genre,1,mp3)) return 4; unpad(mp3->id3.title); unpad(mp3->id3.artist); unpad(mp3->id3.album); @@ -329,9 +343,7 @@ unpad(mp3->id3.comment); } } - } - return retcode; - + return 0; } char *pad(char *string, int length) { diff -Naur mp3info-0.8.5a-orig/textfunc.c mp3info-0.8.5a/textfunc.c --- mp3info-0.8.5a-orig/textfunc.c 2009-05-15 12:41:14 +0300 +++ mp3info-0.8.5a/textfunc.c 2009-05-15 12:41:38 +0300 @@ -235,7 +235,8 @@ if(*code) { modlen=code-percent+1; if(modlen > 1000) { - printf("Format modifier beginning at position %d too long!\n",(int)(percent-format)); + fprintf(stderr, "Format modifier beginning at position %d too long!\n", + (int) (percent - format)); exit(5); } strncpy(mod,percent,modlen);