chore/CVE-2023-5217: brings in more buffer-overflow mitigation

gabrielfalcao · gabrielfalcao · commit 980207af3f25 · 2023-10-14T00:10:46.000Z
IOW: synchronizes lines of Track::Info::CopyStr from upstream - nothing new
diff --git a/third_party/libwebm/mkvparser/mkvparser.cc b/third_party/libwebm/mkvparser/mkvparser.cc
@@ -4569,7 +4569,8 @@ int Track::Info::CopyStr(char* Info::*str, Info& dst_) const {
   if (dst == NULL)
     return -1;
 
-  strcpy(dst, src);
+  memcpy(dst, src, len);
+  dst[len] = '\0';
 
   return 0;
 }

Original file line number	Diff line number	Diff line change
`@@ -4569,7 +4569,8 @@ int Track::Info::CopyStr(char* Info::*str, Info& dst_) const {`
`4569`	`4569`	`if (dst == NULL)`
`4570`	`4570`	`return -1;`
`4571`	`4571`
`4572`		`- strcpy(dst, src);`
	`4572`	`+ memcpy(dst, src, len);`
	`4573`	`+ dst[len] = '\0';`
`4573`	`4574`
`4574`	`4575`	`return 0;`
`4575`	`4576`	`}`