CVE-2025-9809: Out-of-bounds write in cdfs_open_cue_track in libretro-common (CDFS .cue parser) #222

@simkca

A buffer overflow occurs in `cdfs_open_cue_track` due to `memcpy(current_track_path, file, file_end - file);` using the source size, which may exceed the destination buffer (`PATH_MAX_LENGTH`).

Location:
https://github.com/libretro/libretro-common/blob/master/formats/cdfs/cdfs.c#L471

Impact:
A crafted .cue file like:

```
FILE "A_VERY_LONG_STRING_EXCEEDING_PATH_MAX_LENGTH" BINARY
TRACK 01 AUDIO
INDEX 01 00:00:00
```

can trigger a stack-based buffer overflow and allow attacker code execution.

Mitigation:
Limit the memcpy size to PATH_MAX_LENGTH - 1 and ensure null termination.
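
A bounds-checked copy of the kind the mitigation describes, as an added example (not code from the issue or from libretro-common). `EX_PATH_MAX`, `ex_copy_cue_file_name` and `ex_try_name_of_length` are hypothetical names, only quoted `FILE "name"` lines are handled, and an overlong name is rejected rather than truncated, which is a choice made for this example.

```c
#include <stddef.h>
#include <string.h>

/* Stand-in for PATH_MAX_LENGTH; the value is constructed for this example. */
#define EX_PATH_MAX 64

/* Hypothetical helper: copy the quoted name from a cue `FILE "name" TYPE`
 * line into dst (dst_size bytes). Returns the name length, or -1 if the
 * line is malformed or the name does not fit together with its NUL. */
static int ex_copy_cue_file_name(char *dst, size_t dst_size, const char *line)
{
   const char *file, *file_end;
   size_t len;

   if (!dst || dst_size == 0 || !line)
      return -1;
   dst[0] = '\0';                      /* never leave dst uninitialised */

   if (strncmp(line, "FILE", 4) != 0)
      return -1;
   if (!(file = strchr(line + 4, '"')))
      return -1;
   file++;                             /* skip the opening quote */
   if (!(file_end = strchr(file, '"')))
      return -1;

   len = (size_t)(file_end - file);    /* length comes from untrusted input */
   if (len >= dst_size)                /* bound by the destination size */
      return -1;

   memcpy(dst, file, len);
   dst[len] = '\0';                    /* explicit termination */
   return (int)len;
}

/* Constructed input: build a FILE line whose name is name_len 'A's. */
static int ex_try_name_of_length(size_t name_len)
{
   char line[512];
   char path[EX_PATH_MAX];

   if (name_len > sizeof(line) - 32)
      return -2;                       /* keep the sample line in bounds */
   memcpy(line, "FILE \"", 6);
   memset(line + 6, 'A', name_len);
   memcpy(line + 6 + name_len, "\" BINARY", 9);   /* 8 chars + NUL */
   return ex_copy_cue_file_name(path, sizeof(path), line);
}
```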
