On Jan 23, 2008 8:11 AM, pondlife <[EMAIL PROTECTED]> wrote: > > Even though the strip_extension changes can cause buffer overflows in > > albumart.c...
The version that Nico had in albumart.c of strip_extension() used to take a length argument for the filename. Changing it to use the existing implementation of strip_extension used everywhere else in Rockbox meant ditching that argument - so the strcpy() in the strip_extension() function being used now *could* cause a buffer overflow if the destination buffer you pass in is shorter than the filename. However, as albumart.c only calls strip_extension() once, and the destination buffer's size is MAX_PATH + 1, I don't really see how this could actually occur. Bry
