G'day, Thanks for processing my previous patch.
Here is another patch that uses snprintf(3) to avoid potential buffer overflow cases (and GCC 10.3 warnings): There's two instances of "%str" as part of a format specifier for the original "sprintf" code... These probably should be "%s". The error recovery code I've used in the change comes from code used a little further down the function... I'm not sure if I've tackled this the right way (and I haven't tried to comprehend the comments!) A patch is attached. The "%str"/"%s" discontinuity was only noticed late in the process, but I think I've caught it in the patch. cheers, s-b etc. -------- -- (Original start of cdCanvasVectorFont (rather long, sigh)) -- char *cdCanvasVectorFont(cdCanvas* canvas, const char *file) { cdVectorFont* vector_font; assert(canvas); assert(file); if (!_cdCheckCanvas(canvas)) return NULL; vector_font = canvas->vector_font; if (!file || file[0] == 0) { vf_setdefaultfont(vector_font); vector_font->file_name[0] = 0; } else { FILE *font = NULL; int read_ok; char *env; /* se arquivo foi o mesmo que o arq. corrente, entao retorna */ if (strcmp (file, vector_font->file_name) == 0) return vector_font->name; /* abre arq. no dir. corrente */ font = fopen(file, "r"); /* se nao conseguiu, abre arq. no dir. do cd, */ env = getenv("CDDIR"); if (!font && env && strlen(file)<10240) { char filename[10240]; sprintf(filename, "%str/%str", env, file); font = fopen(filename, "r"); } if (font) read_ok = vf_readfontfile(font, vector_font); else read_ok = vf_readfontstring(file, vector_font); if (!read_ok) { if (font) fclose(font); vf_setdefaultfont(vector_font); vector_font->file_name[0] = 0; return NULL; } /* ... remainder of function elided ... 
*/ -------- char *cdCanvasVectorFont(cdCanvas* canvas, const char *file) { cdVectorFont* vector_font; assert(canvas); assert(file); if (!_cdCheckCanvas(canvas)) return NULL; vector_font = canvas->vector_font; if (!file || file[0] == 0) { vf_setdefaultfont(vector_font); vector_font->file_name[0] = 0; } else { FILE *font = NULL; int read_ok; char *env; /* se arquivo foi o mesmo que o arq. corrente, entao retorna */ if (strcmp (file, vector_font->file_name) == 0) return vector_font->name; /* abre arq. no dir. corrente */ font = fopen(file, "r"); /* se nao conseguiu, abre arq. no dir. do cd, */ env = getenv("CDDIR"); if (!font && env) { char filename[10240]; int result; result = snprintf(filename, sizeof(filename), "%s/%s", env, file); if ((result < 0) || (result >= sizeof(filename))) { vf_setdefaultfont(vector_font); vector_font->file_name[0] = 0; return NULL; } font = fopen(filename, "r"); } if (font) read_ok = vf_readfontfile(font, vector_font); else read_ok = vf_readfontstring(file, vector_font); if (!read_ok) { if (font) fclose(font); vf_setdefaultfont(vector_font); vector_font->file_name[0] = 0; return NULL; } /* ... remainder of function elided ... */ -- (End of text.) --
Index: cd/src/cd_vectortext.c
===================================================================
--- cd/src/cd_vectortext.c (revision 898)
+++ cd/src/cd_vectortext.c (working copy)
@@ -4798,9 +4798,19 @@
 /* se nao conseguiu, abre arq. no dir. do cd, */
 env = getenv("CDDIR");
- if (!font && env && strlen(file)<10240)
+ if (!font && env)
 {
 char filename[10240];
- sprintf(filename, "%str/%str", env, file);
+ int result;
+
+ result = snprintf(filename, sizeof(filename),
+ "%s/%s",
+ env, file);
+ if ((result < 0) || (result >= sizeof(filename)))
+ {
+ vf_setdefaultfont(vector_font);
+ vector_font->file_name[0] = 0;
+ return NULL;
+ }
 font = fopen(filename, "r");
 }
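Review bot: Returning NULL from the new truncation branch changes behaviour for long `file` arguments when CDDIR is set. With the old `strlen(file)<10240` guard such a call skipped the CDDIR lookup and still reached the `vf_readfontstring(file, vector_font)` fallback shown in the listing above, which presumably accepts font data passed directly in `file`. With the patch, that input resets to the default font and fails instead. Treating an over-long joined path as "no CDDIR candidate" keeps the bounds fix without that regression: drop the error branch and guard the open, `if (result >= 0 && (size_t)result < sizeof(filename)) font = fopen(filename, "r");`, where the cast also avoids the signed/unsigned comparison in `result >= sizeof(filename)`. The enclosing cdCanvasVectorFont starts and ends outside this hunk.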