Fix possible buffer overflow (thanks to Mikkel Kamstrup for pointing that out!)

commit: 613ec55ae6441c0177859ac7f49b92a133979465 [log] [tgz]
author: Nikias Bassen <nikias@gmx.li> Fri Mar 14 10:41:52 2014 +0100
committer: Nikias Bassen <nikias@gmx.li> Fri Mar 14 10:41:52 2014 +0100
tree: b15232d9b3f5a71f2f2b7ace53e681dc94730b78
parent: 00ab62a8ea9518b73f1ad98fbbf504b9d54d920c [diff]
diff --git a/src/ideviceinstaller.c b/src/ideviceinstaller.c
index 81ce145..e1f995b 100644
--- a/src/ideviceinstaller.c
+++ b/src/ideviceinstaller.c

@@ -913,8 +913,7 @@
 			zbuf = NULL;
 			len = 0;
 			plist_t info = NULL;
-			char filename[256];
-			filename[0] = '\0';
+			char* filename = NULL;
 			char* app_directory_name = NULL;
 
 			if (zip_get_app_directory(zf, &app_directory_name)) {
@@ -923,6 +922,7 @@
 			}
 
 			/* construct full filename to Info.plist */
+			filename = (char*)malloc(strlen(app_directory_name)+10+1);
 			strcpy(filename, app_directory_name);
 			free(app_directory_name);
 			app_directory_name = NULL;
@@ -930,10 +930,12 @@
 
 			if (zip_get_contents(zf, filename, 0, &zbuf, &len) < 0) {
 				fprintf(stderr, "WARNING: could not locate %s in archive!\n", filename);
+				free(filename);
 				zip_unchange_all(zf);
 				zip_close(zf);
 				goto leave_cleanup;
 			}
+			free(filename);
 			if (memcmp(zbuf, "bplist00", 8) == 0) {
 				plist_from_bin(zbuf, len, &info);
 			} else {
commit	613ec55ae6441c0177859ac7f49b92a133979465	[log] [tgz]
author	Nikias Bassen <nikias@gmx.li>	Fri Mar 14 10:41:52 2014 +0100
committer	Nikias Bassen <nikias@gmx.li>	Fri Mar 14 10:41:52 2014 +0100
tree	b15232d9b3f5a71f2f2b7ace53e681dc94730b78
parent	00ab62a8ea9518b73f1ad98fbbf504b9d54d920c [diff]