|
|
@@ -1710,7 +1710,7 @@ free:
|
|
|
s->write_pending = false;
|
|
|
}
|
|
|
|
|
|
-static void usb_mtp_write_metadata(MTPState *s)
|
|
|
+static void usb_mtp_write_metadata(MTPState *s, uint64_t dlen)
|
|
|
{
|
|
|
MTPData *d = s->data_out;
|
|
|
ObjectInfo *dataset = (ObjectInfo *)d->data;
|
|
|
@@ -1722,7 +1722,9 @@ static void usb_mtp_write_metadata(MTPState *s)
|
|
|
assert(!s->write_pending);
|
|
|
assert(p != NULL);
|
|
|
|
|
|
- filename = utf16_to_str(dataset->length, dataset->filename);
|
|
|
+ filename = utf16_to_str(MIN(dataset->length,
|
|
|
+ dlen - offsetof(ObjectInfo, filename)),
|
|
|
+ dataset->filename);
|
|
|
|
|
|
if (strchr(filename, '/')) {
|
|
|
usb_mtp_queue_result(s, RES_PARAMETER_NOT_SUPPORTED, d->trans,
|
|
|
@@ -1738,7 +1740,6 @@ static void usb_mtp_write_metadata(MTPState *s)
|
|
|
s->dataset.filename = filename;
|
|
|
s->dataset.format = dataset->format;
|
|
|
s->dataset.size = dataset->size;
|
|
|
- s->dataset.filename = filename;
|
|
|
s->write_pending = true;
|
|
|
|
|
|
if (s->dataset.format == FMT_ASSOCIATION) {
|
|
|
@@ -1807,7 +1808,7 @@ static void usb_mtp_get_data(MTPState *s, mtp_container *container,
|
|
|
if (d->offset == d->length) {
|
|
|
/* The operation might have already failed */
|
|
|
if (!s->result) {
|
|
|
- usb_mtp_write_metadata(s);
|
|
|
+ usb_mtp_write_metadata(s, dlen);
|
|
|
}
|
|
|
usb_mtp_data_free(s->data_out);
|
|
|
s->data_out = NULL;
|
Michael Hanselmann