mirror/86Box
1
0
Fork 0
mirror of https://github.com/86Box/86Box.git synced 2026-02-22 09:35:32 -07:00
Code Issues Packages Projects Releases Activity

Refactor fdd_audio_load_profiles to simplify path handling

Browse Source
This commit is contained in:
Toni Riikonen
2025-11-28 00:48:11 +02:00
committed by GitHub
parent 03ab1135d7
commit 11edd4ee8a
1 changed files with 5 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
src/floppy/fdd_audio.c
View File

@@ -194,46 +194,25 @@ fdd_audio_log_active_profiles(void)
void
fdd_audio_load_profiles(void)
{
char config_path[2048];
ini_t profiles_ini;
/* Validate exe_path to prevent directory traversal attacks */
if (exe_path == NULL || strlen(exe_path) == 0) {
fdd_log("FDD Audio: Invalid exe_path\n");
return;
}
/* Check for directory traversal sequences */
if (strstr(exe_path, "..") != NULL) {
fdd_log("FDD Audio: Directory traversal detected in exe_path\n");
return;
}
path_append_filename(config_path, exe_path, "roms/floppy/fdd_audio_profiles.cfg");
/* Additional validation of the final path */
if (strstr(config_path, "..") != NULL) {
fdd_log("FDD Audio: Directory traversal detected in config path: %s\n", config_path);
return;
}
profiles_ini = ini_read(config_path);
profiles_ini = ini_read_ex("roms/floppy/fdd_audio_profiles.cfg", 1);
if (profiles_ini == NULL) {
fdd_log("FDD Audio: Could not load profiles from %s\n", config_path);
return;
}
audio_profile_count = 0;
/* Load profiles by trying known profile section names */
for (int i = 0; i < FDD_AUDIO_PROFILE_MAX && audio_profile_count < FDD_AUDIO_PROFILE_MAX; i++) {
char section_name[64];
snprintf(section_name, sizeof(section_name), "Profile \"%d\"", i);
ini_section_t section = ini_find_section(profiles_ini, section_name);
if (section) {
fdd_audio_profile_config_t *profile = &audio_profiles[audio_profile_count];
/* Load profile configuration */
profile->id = ini_section_get_int(section, "id", audio_profile_count);
@@ -1091,4 +1070,4 @@ fdd_audio_callback(int16_t *buffer, int length)
memset(buffer, 0, length * sizeof(int16_t));
}
#endif /* DISABLE_FDD_AUDIO */
#endif /* DISABLE_FDD_AUDIO */