From cf2f8f6489c3300309cff662513975a76e6e20f4 Mon Sep 17 00:00:00 2001
From: twinaphex <libretro@gmail.com>
Date: Sun, 28 May 2017 18:07:00 +0200
Subject: [PATCH] Prevent passing NULL/empty strings to memcmp

---
 tasks/task_database_cue.c | 155 ++++++++++++++++++++------------------
 1 file changed, 83 insertions(+), 72 deletions(-)

diff --git a/tasks/task_database_cue.c b/tasks/task_database_cue.c
index 663583c0aa..08cc1f08e3 100644
--- a/tasks/task_database_cue.c
+++ b/tasks/task_database_cue.c
@@ -277,46 +277,50 @@ int detect_psp_game(const char *track_path, char *game_id)
       if (filestream_read(fd, game_id, 5) > 0)
       {
          game_id[5] = '\0';
-         if (
-             (string_is_equal_fast(game_id, "ULES-", 5))
-          || (string_is_equal_fast(game_id, "ULUS-", 5))
-          || (string_is_equal_fast(game_id, "ULJS-", 5))
 
-          || (string_is_equal_fast(game_id, "ULEM-", 5))
-          || (string_is_equal_fast(game_id, "ULUM-", 5))
-          || (string_is_equal_fast(game_id, "ULJM-", 5))
-
-          || (string_is_equal_fast(game_id, "UCES-", 5))
-          || (string_is_equal_fast(game_id, "UCUS-", 5))
-          || (string_is_equal_fast(game_id, "UCJS-", 5))
-          || (string_is_equal_fast(game_id, "UCAS-", 5))
-
-          || (string_is_equal_fast(game_id, "NPEH-", 5))
-          || (string_is_equal_fast(game_id, "NPUH-", 5))
-          || (string_is_equal_fast(game_id, "NPJH-", 5))
-
-          || (string_is_equal_fast(game_id, "NPEG-", 5))
-          || (string_is_equal_fast(game_id, "NPUG-", 5))
-          || (string_is_equal_fast(game_id, "NPJG-", 5))
-          || (string_is_equal_fast(game_id, "NPHG-", 5))
-
-          || (string_is_equal_fast(game_id, "NPEZ-", 5))
-          || (string_is_equal_fast(game_id, "NPUZ-", 5))
-          || (string_is_equal_fast(game_id, "NPJZ-", 5))
-         )
+         if (!string_is_empty(game_id))
          {
-            filestream_seek(fd, pos, SEEK_SET);
-            if (filestream_read(fd, game_id, 10) > 0)
-            {
+            if (
+                     (string_is_equal_fast(game_id, "ULES-", 5))
+                  || (string_is_equal_fast(game_id, "ULUS-", 5))
+                  || (string_is_equal_fast(game_id, "ULJS-", 5))
+
+                  || (string_is_equal_fast(game_id, "ULEM-", 5))
+                  || (string_is_equal_fast(game_id, "ULUM-", 5))
+                  || (string_is_equal_fast(game_id, "ULJM-", 5))
+
+                  || (string_is_equal_fast(game_id, "UCES-", 5))
+                  || (string_is_equal_fast(game_id, "UCUS-", 5))
+                  || (string_is_equal_fast(game_id, "UCJS-", 5))
+                  || (string_is_equal_fast(game_id, "UCAS-", 5))
+
+                  || (string_is_equal_fast(game_id, "NPEH-", 5))
+                  || (string_is_equal_fast(game_id, "NPUH-", 5))
+                  || (string_is_equal_fast(game_id, "NPJH-", 5))
+
+                  || (string_is_equal_fast(game_id, "NPEG-", 5))
+                  || (string_is_equal_fast(game_id, "NPUG-", 5))
+                  || (string_is_equal_fast(game_id, "NPJG-", 5))
+                  || (string_is_equal_fast(game_id, "NPHG-", 5))
+
+                  || (string_is_equal_fast(game_id, "NPEZ-", 5))
+                  || (string_is_equal_fast(game_id, "NPUZ-", 5))
+                  || (string_is_equal_fast(game_id, "NPJZ-", 5))
+                  )
+                  {
+                     filestream_seek(fd, pos, SEEK_SET);
+                     if (filestream_read(fd, game_id, 10) > 0)
+                     {
 #if 0
-               game_id[4] = '-';
-               game_id[8] = game_id[9];
-               game_id[9] = game_id[10];
+                        game_id[4] = '-';
+                        game_id[8] = game_id[9];
+                        game_id[9] = game_id[10];
 #endif
-               game_id[10] = '\0';
-               rv = true;
-            }
-            break;
+                        game_id[10] = '\0';
+                        rv = true;
+                     }
+                     break;
+                  }
          }
       }
       else
@@ -346,6 +350,7 @@ int detect_system(const char *track_path, const char **system_name)
    for (i = 0; MAGIC_NUMBERS[i].system_name != NULL; i++)
    {
       filestream_seek(fd, MAGIC_NUMBERS[i].offset, SEEK_SET);
+
       if (filestream_read(fd, magic, MAGIC_LEN) < MAGIC_LEN)
       {
          RARCH_LOG("Could not read data from file '%s' at offset %d: %s\n",
@@ -354,7 +359,9 @@ int detect_system(const char *track_path, const char **system_name)
          goto clean;
       }
 
-      if (string_is_equal_fast(MAGIC_NUMBERS[i].magic, magic, MAGIC_LEN))
+      if (!string_is_empty(MAGIC_NUMBERS[i].magic) &&
+          !string_is_empty(magic) &&
+          string_is_equal_fast(MAGIC_NUMBERS[i].magic, magic, MAGIC_LEN))
       {
          *system_name = MAGIC_NUMBERS[i].system_name;
          rv = 0;
@@ -366,7 +373,8 @@ int detect_system(const char *track_path, const char **system_name)
    if (filestream_read(fd, magic, 8) > 0)
    {
       magic[8] = '\0';
-      if (string_is_equal_fast(magic, "PSP GAME", 8))
+      if (!string_is_empty(magic) &&
+            string_is_equal_fast(magic, "PSP GAME", 8))
       {
          *system_name = "psp\0";
          rv = 0;
@@ -403,46 +411,49 @@ int find_first_data_track(const char *cue_path,
 
    while (get_token(fd, tmp_token, MAX_TOKEN_LEN) > 0)
    {
-      if (string_is_equal_fast(tmp_token, "FILE", 4))
+      if (!string_is_empty(tmp_token))
       {
-         char cue_dir[PATH_MAX_LENGTH];
-
-         cue_dir[0] = '\0';
-
-         fill_pathname_basedir(cue_dir, cue_path, sizeof(cue_dir));
-
-         get_token(fd, tmp_token, MAX_TOKEN_LEN);
-         fill_pathname_join(track_path, cue_dir, tmp_token, max_len);
-
-      }
-      else if (string_is_equal_fast(tmp_token, "TRACK", 5))
-      {
-         int m, s, f;
-         get_token(fd, tmp_token, MAX_TOKEN_LEN);
-         get_token(fd, tmp_token, MAX_TOKEN_LEN);
-
-         if (string_is_equal_fast(tmp_token, "AUDIO", 5))
-            continue;
-
-         find_token(fd, "INDEX");
-         get_token(fd, tmp_token, MAX_TOKEN_LEN);
-         get_token(fd, tmp_token, MAX_TOKEN_LEN);
-
-         if (sscanf(tmp_token, "%02d:%02d:%02d", &m, &s, &f) < 3)
+         if (string_is_equal_fast(tmp_token, "FILE", 4))
          {
-            RARCH_LOG("Error parsing time stamp '%s'\n", tmp_token);
-            filestream_close(fd);
-            return -errno;
+            char cue_dir[PATH_MAX_LENGTH];
+
+            cue_dir[0] = '\0';
+
+            fill_pathname_basedir(cue_dir, cue_path, sizeof(cue_dir));
+
+            get_token(fd, tmp_token, MAX_TOKEN_LEN);
+            fill_pathname_join(track_path, cue_dir, tmp_token, max_len);
+
          }
+         else if (string_is_equal_fast(tmp_token, "TRACK", 5))
+         {
+            int m, s, f;
+            get_token(fd, tmp_token, MAX_TOKEN_LEN);
+            get_token(fd, tmp_token, MAX_TOKEN_LEN);
 
-         *offset = ((m * 60) * (s * 75) * f) * 25;
+            if (string_is_equal_fast(tmp_token, "AUDIO", 5))
+               continue;
 
-         RARCH_LOG("%s '%s+%d'\n",
-               msg_hash_to_str(MSG_FOUND_FIRST_DATA_TRACK_ON_FILE),
-               track_path, *offset);
+            find_token(fd, "INDEX");
+            get_token(fd, tmp_token, MAX_TOKEN_LEN);
+            get_token(fd, tmp_token, MAX_TOKEN_LEN);
 
-         rv = 0;
-         goto clean;
+            if (sscanf(tmp_token, "%02d:%02d:%02d", &m, &s, &f) < 3)
+            {
+               RARCH_LOG("Error parsing time stamp '%s'\n", tmp_token);
+               filestream_close(fd);
+               return -errno;
+            }
+
+            *offset = ((m * 60) * (s * 75) * f) * 25;
+
+            RARCH_LOG("%s '%s+%d'\n",
+                  msg_hash_to_str(MSG_FOUND_FIRST_DATA_TRACK_ON_FILE),
+                  track_path, *offset);
+
+            rv = 0;
+            goto clean;
+         }
       }
    }