Resolves CID 10540: Copy into fixed size buffer (STRING_OVERFLOW).

You might overrun the 32 byte fixed-size string "receiveCodec.plname" by copying "payloadName" without checking the length.
Note: This defect has an elevated risk because the source argument is a parameter of the current function.
Review URL: http://webrtc-codereview.appspot.com/352009

git-svn-id: http://webrtc.googlecode.com/svn/trunk@1428 4adac7df-926f-26a2-2b94-8c16560cd09d

src/common_types.h

@@ -25,6 +25,8 @@
     #define NULL 0
 #endif
 
+#define RTP_PAYLOAD_NAME_SIZE 32
+
 namespace webrtc {
 
 class InStream
@@ -203,7 +205,7 @@ protected:
 struct CodecInst
 {
     int pltype;
-    char plname[32];
+    char plname[RTP_PAYLOAD_NAME_SIZE];
     int plfreq;
     int pacsize;
     int channels;

src/modules/rtp_rtcp/interface/rtp_rtcp_defines.h

@@ -20,7 +20,6 @@
 
 #define RTCP_CNAME_SIZE 256    // RFC 3550 page 44, including null termination
 #define IP_PACKET_SIZE 1500    // we assume ethernet
-#define RTP_PAYLOAD_NAME_SIZE 32
 #define MAX_NUMBER_OF_PARALLEL_TELEPHONE_EVENTS 10
 #define TIMEOUT_SEI_MESSAGES_MS 30000   // in milliseconds
 

src/voice_engine/main/source/channel.cc

@@ -645,15 +645,15 @@ Channel::OnInitializeDecoder(
 
     assert(VoEChannelId(id) == _channelId);
 
-    CodecInst receiveCodec;
-    CodecInst dummyCodec;
+    CodecInst receiveCodec = {0};
+    CodecInst dummyCodec = {0};
 
     receiveCodec.pltype = payloadType;
-    strcpy(receiveCodec.plname, payloadName);
     receiveCodec.plfreq = frequency;
     receiveCodec.channels = channels;
     receiveCodec.rate = rate;
-
+    strncpy(receiveCodec.plname, payloadName, RTP_PAYLOAD_NAME_SIZE - 1);
+    
     _audioCodingModule.Codec(payloadName, dummyCodec, frequency);
     receiveCodec.pacsize = dummyCodec.pacsize;