This is an automated email from the git hooks/post-receive script.
git pushed a commit to branch master
in repository enventor.
commit 2d413edcb9dd94340d7ec7c17bdb474a2391c285
Author: Thanatermesis <[email protected]>
AuthorDate: Mon Feb 23 15:59:36 2026 -0500
fix: Fix memory leak, buffer overflow risk, and hex conversion logic
I have identified a potential memory leak and a buffer overflow risk in src/bin/text_setting.c.
1 In syntax_template_format_create, the variable utf8 is obtained via eina_file_map_all, which returns a pointer to a memory-mapped region. This region should not be freed
using free(). Since the content is copied into syntax_template_format, the mapping should simply be cleaned up using eina_file_map_free.
2 In text_setting_syntax_color_load, strncpy is used with a length of 6 on a buffer of size 7 (SYNTAX_COLOR_LEN). This might leave the string without a null terminator if the
source is not null-terminated within 6 characters. I will ensure the buffer is zero-initialized and properly terminated.
3 In convert_hexadecimal_to_decimal, pow(16, ...) returns a double, and using atoi on a single character pointer is unsafe because atoi expects a null-terminated string. I
will refactor this to a more robust manual calculation.
---
src/bin/text_setting.c | 17 ++++++++++++-----
1 file changed, 12 insertions(+), 5 deletions(-)
diff --git a/src/bin/text_setting.c b/src/bin/text_setting.c
index c0800da..2f1e995 100644
--- a/src/bin/text_setting.c
+++ b/src/bin/text_setting.c
@@ -278,6 +278,7 @@ text_setting_syntax_color_load(void)
for (; color_type < ENVENTOR_SYNTAX_COLOR_LAST; color_type++)
{
color = config_syntax_color_get(color_type);
+ memset(color_val[color_type], 0, SYNTAX_COLOR_LEN);
if (color) strncpy(color_val[color_type], color, 6);
else strncpy(color_val[color_type], "FFFFFF", 6);
}
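Review bot: Both `strncpy` calls still copy a literal 6 bytes, so the termination that the new `memset` provides holds only while `SYNTAX_COLOR_LEN` is at least 7 and each `color_val` row really has that size (the declaration is outside the hunk). Tying the bound to the constant removes that hidden coupling, for example `snprintf(color_val[color_type], SYNTAX_COLOR_LEN, "%s", color ? color : "FFFFFF");`, which always terminates and makes the `memset` unnecessary. The value comes from configuration, so a shorter or non-hex string is still stored unchanged. If later code assumes six hex digits, a length and `isxdigit` check belongs here. The enclosing function starts and ends outside the hunk.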
@@ -409,6 +410,7 @@ convert_hexadecimal_to_decimal(char *hexadecimal)
int i;
int len;
int decimal = 0;
+ int value = 0;
char digit;
if (!hexadecimal) return 0;
@@ -421,11 +423,15 @@ convert_hexadecimal_to_decimal(char *hexadecimal)
digit = hexadecimal[i];
if ((digit >= 'a') && (digit <= 'f'))
- decimal += ((digit - 'a') + 10) * pow(16, (len - i - 1));
+ value = (digit - 'a') + 10;
else if ((digit >= 'A') && (digit <= 'F'))
- decimal += ((digit - 'A') + 10) * pow(16, (len - i - 1));
+ value = (digit - 'A') + 10;
else if ((digit >= '0') && (digit <= '9'))
- decimal += atoi(&digit) * pow(16, (len - i - 1));
+ value = digit - '0';
+ else
+ continue;
+
+ decimal = (decimal * 16) + value;
}
return decimal;
}
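Review bot: The new `else continue;` skips characters that are not hex digits instead of rejecting the input, so a malformed string converts as if those characters were absent and the caller cannot tell it from a valid one. Returning a defined fallback is safer for values that originate in a config file, for example `else return 0;`. Separately, `decimal = (decimal * 16) + value;` is signed `int` arithmetic, so with a 32-bit `int` an input that evaluates above `INT_MAX` overflows, which is undefined behaviour. `len` is computed outside the hunk, so either bound it there (`if (len > 7) return 0;`) or accumulate in `unsigned int`. With `pow` gone, the `<math.h>` include may no longer be needed in this file, if nothing else uses it.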
@@ -562,15 +568,16 @@ syntax_template_format_create(text_setting_data *tsd)
tsd->syntax_template_format = syntax_template_format;
+ eina_file_map_free(file, utf8);
eina_file_close(file);
return tsd->syntax_template_format;
err:
mem_fail_msg();
- if (utf8) free(utf8);
+ if (utf8) eina_file_map_free(file, utf8);
- eina_file_close(file);
+ if (file) eina_file_close(file);
return NULL;
}
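Review bot: The new `if (utf8)` and `if (file)` guards on the `err:` path are only safe if both variables are initialised to `NULL` at their declarations, which are outside the hunk. If either is assigned for the first time after a `goto err` can occur, the guard reads an indeterminate pointer and passes it to `eina_file_map_free` or `eina_file_close`. It is worth confirming `Eina_File *file = NULL;` and `char *utf8 = NULL;` (or the equivalent) at the top of `syntax_template_format_create`. On the success path, `eina_file_map_free(file, utf8);` is correct only if nothing reachable through `tsd->syntax_template_format` still points into the mapping. The copy is not visible here, so a short comment at the unmap would document the ownership rule, such as `/* utf8 is a mapping owned by file: contents were copied above; release with eina_file_map_free(), never free() */`.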