Commit: ab921321e1ca6303ee0fa2f2de511b490d9d6427
Author: Bastien Montagne
Date: Mon Jun 27 12:38:12 2016 +0200
Branches: master
https://developer.blender.org/rBab921321e1ca6303ee0fa2f2de511b490d9d6427
Fix (unreported) potential buffer overflow with BLO_library_path_explode()
usage.
Also added warning to func doc, let's try to avoid this in future (for until we
pass string length systematically...).
===================================================================
M source/blender/blenloader/intern/readfile.c
M source/blender/editors/space_file/filelist.c
M source/blender/imbuf/intern/thumbs.c
===================================================================
diff --git a/source/blender/blenloader/intern/readfile.c
b/source/blender/blenloader/intern/readfile.c
index 8e69408..323f0a9 100644
--- a/source/blender/blenloader/intern/readfile.c
+++ b/source/blender/blenloader/intern/readfile.c
@@ -1326,6 +1326,7 @@ bool BLO_has_bfile_extension(const char *str)
*
* \param path the full path to explode.
* \param r_dir the string that'll contain path up to blend file itself
('library' path).
+ * WARNING! Must be FILE_MAX_LIBEXTRA long (it also stores group
and name strings)!
* \param r_group the string that'll contain 'group' part of the path, if any.
May be NULL.
* \param r_name the string that'll contain data's name part of the path, if
any. May be NULL.
* \return true if path contains a blend file.
diff --git a/source/blender/editors/space_file/filelist.c
b/source/blender/editors/space_file/filelist.c
index fc3341b..5e9eb1f 100644
--- a/source/blender/editors/space_file/filelist.c
+++ b/source/blender/editors/space_file/filelist.c
@@ -624,7 +624,7 @@ static bool is_filtered_file(FileListInternEntry *file,
const char *UNUSED(root)
static bool is_filtered_lib(FileListInternEntry *file, const char *root,
FileListFilter *filter)
{
bool is_filtered;
- char path[FILE_MAX_LIBEXTRA], dir[FILE_MAXDIR], *group, *name;
+ char path[FILE_MAX_LIBEXTRA], dir[FILE_MAX_LIBEXTRA], *group, *name;
BLI_join_dirfile(path, sizeof(path), root, file->relpath);
@@ -697,7 +697,7 @@ void filelist_filter(FileList *filelist)
if (filelist->max_recursion) {
/* Never show lib ID 'categories' directories when we are in
'flat' mode, unless
* root path is a blend file. */
- char dir[FILE_MAXDIR];
+ char dir[FILE_MAX_LIBEXTRA];
if (!filelist_islibrary(filelist, dir, NULL)) {
filelist->filter_data.flags |= FLF_HIDE_LIB_DIR;
}
@@ -947,7 +947,7 @@ static void filelist_checkdir_dir(struct FileList
*UNUSED(filelist), char *r_dir
static void filelist_checkdir_lib(struct FileList *UNUSED(filelist), char
*r_dir)
{
- char dir[FILE_MAXDIR];
+ char dir[FILE_MAX_LIBEXTRA];
if (!BLO_library_path_explode(r_dir, dir, NULL, NULL)) {
/* if not a valid library, we need it to be a valid directory!
*/
BLI_make_exist(r_dir);
@@ -2113,6 +2113,7 @@ unsigned int filelist_entry_select_index_get(FileList
*filelist, const int index
return 0;
}
+/* WARNING! dir must be FILE_MAX_LIBEXTRA long! */
bool filelist_islibrary(struct FileList *filelist, char *dir, char **group)
{
return BLO_library_path_explode(filelist->filelist.root, dir, group,
NULL);
@@ -2208,7 +2209,7 @@ static int filelist_readjob_list_lib(const char *root,
ListBase *entries, const
FileListInternEntry *entry;
LinkNode *ln, *names;
int i, nnames, idcode = 0, nbr_entries = 0;
- char dir[FILE_MAX], *group;
+ char dir[FILE_MAX_LIBEXTRA], *group;
bool ok;
struct BlendHandle *libfiledata = NULL;
diff --git a/source/blender/imbuf/intern/thumbs.c
b/source/blender/imbuf/intern/thumbs.c
index 95d061b..3629332 100644
--- a/source/blender/imbuf/intern/thumbs.c
+++ b/source/blender/imbuf/intern/thumbs.c
@@ -46,6 +46,8 @@
#include "BLO_readfile.h"
+#include "DNA_space_types.h" /* For FILE_MAX_LIBEXTRA */
+
#include "IMB_imbuf_types.h"
#include "IMB_imbuf.h"
#include "IMB_thumbs.h"
@@ -533,7 +535,7 @@ ImBuf *IMB_thumb_manage(const char *org_path, ThumbSize
size, ThumbSource source
char thumb_path[FILE_MAX];
char thumb_name[40];
char uri[URI_MAX];
- char path_buff[FILE_MAX];
+ char path_buff[FILE_MAX_LIBEXTRA];
const char *file_path;
const char *path;
BLI_stat_t st;
_______________________________________________
Bf-blender-cvs mailing list
[email protected]
https://lists.blender.org/mailman/listinfo/bf-blender-cvs
