Re: [Iup-users] Another cd-r898 "-Wformat-overflow" patch: cd/src/cd_vectortext.c
Applied with a few changes. Just commited to the CD SVN.
Thanks,
Scuri
Em qua., 8 de set. de 2021 às 00:05, sur-behoffski <
sur_behoff...@grouse.com.au> escreveu:
> G'day,
>
> Thanks for processing my previous patch.
>
> Here is another patch that uses snprintf(3) to avoid potential
> buffer overflow cases (and GCC 10.3 warnings):
>
> There's two instances of "%str" as part of a format specifier for
> the original "sprintf" code... These probably should be "%s".
>
> The error recovery code I've used in the change comes from code used
> a little further down the function... I'm not sure if I've tackled
> this the right way (and I haven't tried to comprehend the comments!)
>
> A patch is attached. The "%str"/"%s" discontinuity was only noticed
> late in the process, but I think I've caught it in the patch.
>
> cheers,
>
> s-b etc.
>
>
>
>
>
> -- (Original start of cdCanvasVectorFont (rather long, sigh)) --
>
>
> char *cdCanvasVectorFont(cdCanvas* canvas, const char *file)
> {
> cdVectorFont* vector_font;
>
> assert(canvas);
> assert(file);
> if (!_cdCheckCanvas(canvas)) return NULL;
>
> vector_font = canvas->vector_font;
> if (!file || file[0] == 0)
> {
> vf_setdefaultfont(vector_font);
> vector_font->file_name[0] = 0;
> }
> else
> {
> FILE *font = NULL;
> int read_ok;
> char *env;
>
> /* se arquivo foi o mesmo que o arq. corrente, entao retorna */
> if (strcmp (file, vector_font->file_name) == 0)
> return vector_font->name;
>
> /* abre arq. no dir. corrente */
> font = fopen(file, "r");
>
> /* se nao conseguiu, abre arq. no dir. do cd, */
> env = getenv("CDDIR");
> if (!font && env && strlen(file)<10240)
> {
> char filename[10240];
> sprintf(filename, "%str/%str", env, file);
> font = fopen(filename, "r");
> }
>
> if (font)
> read_ok = vf_readfontfile(font, vector_font);
> else
> read_ok = vf_readfontstring(file, vector_font);
>
> if (!read_ok)
> {
> if (font) fclose(font);
> vf_setdefaultfont(vector_font);
> vector_font->file_name[0] = 0;
> return NULL;
> }
>
> /* ... remainder of function elided ... */
>
>
>
>
>
>
>
> char *cdCanvasVectorFont(cdCanvas* canvas, const char *file)
> {
> cdVectorFont* vector_font;
>
> assert(canvas);
> assert(file);
> if (!_cdCheckCanvas(canvas)) return NULL;
>
> vector_font = canvas->vector_font;
> if (!file || file[0] == 0)
> {
> vf_setdefaultfont(vector_font);
> vector_font->file_name[0] = 0;
> }
> else
> {
> FILE *font = NULL;
> int read_ok;
> char *env;
>
> /* se arquivo foi o mesmo que o arq. corrente, entao retorna */
> if (strcmp (file, vector_font->file_name) == 0)
> return vector_font->name;
>
> /* abre arq. no dir. corrente */
> font = fopen(file, "r");
>
> /* se nao conseguiu, abre arq. no dir. do cd, */
> env = getenv("CDDIR");
> if (!font && env)
> {
> char filename[10240];
> int result;
>
> result = snprintf(filename, sizeof(filename),
> "%s/%s",
> env, file);
> if ((result < 0) || (result >= sizeof(filename)))
> {
> vf_setdefaultfont(vector_font);
> vector_font->file_name[0] = 0;
> return NULL;
> }
> font = fopen(filename, "r");
> }
>
> if (font)
> read_ok = vf_readfontfile(font, vector_font);
> else
> read_ok = vf_readfontstring(file, vector_font);
>
> if (!read_ok)
> {
> if (font) fclose(font);
> vf_setdefaultfont(vector_font);
> vector_font->file_name[0] = 0;
> return NULL;
> }
>
> /* ... remainder of function elided ... */
>
> -- (End of text.) --
> ___
> Iup-users mailing list
> Iup-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/iup-users
>
___
Iup-users mailing list
Iup-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/iup-users
[Iup-users] Another cd-r898 "-Wformat-overflow" patch: cd/src/cd_vectortext.c
G'day,
Thanks for processing my previous patch.
Here is another patch that uses snprintf(3) to avoid potential
buffer overflow cases (and GCC 10.3 warnings):
There's two instances of "%str" as part of a format specifier for
the original "sprintf" code... These probably should be "%s".
The error recovery code I've used in the change comes from code used
a little further down the function... I'm not sure if I've tackled
this the right way (and I haven't tried to comprehend the comments!)
A patch is attached. The "%str"/"%s" discontinuity was only noticed
late in the process, but I think I've caught it in the patch.
cheers,
s-b etc.
-- (Original start of cdCanvasVectorFont (rather long, sigh)) --
char *cdCanvasVectorFont(cdCanvas* canvas, const char *file)
{
cdVectorFont* vector_font;
assert(canvas);
assert(file);
if (!_cdCheckCanvas(canvas)) return NULL;
vector_font = canvas->vector_font;
if (!file || file[0] == 0)
{
vf_setdefaultfont(vector_font);
vector_font->file_name[0] = 0;
}
else
{
FILE *font = NULL;
int read_ok;
char *env;
/* se arquivo foi o mesmo que o arq. corrente, entao retorna */
if (strcmp (file, vector_font->file_name) == 0)
return vector_font->name;
/* abre arq. no dir. corrente */
font = fopen(file, "r");
/* se nao conseguiu, abre arq. no dir. do cd, */
env = getenv("CDDIR");
if (!font && env && strlen(file)<10240)
{
char filename[10240];
sprintf(filename, "%str/%str", env, file);
font = fopen(filename, "r");
}
if (font)
read_ok = vf_readfontfile(font, vector_font);
else
read_ok = vf_readfontstring(file, vector_font);
if (!read_ok)
{
if (font) fclose(font);
vf_setdefaultfont(vector_font);
vector_font->file_name[0] = 0;
return NULL;
}
/* ... remainder of function elided ... */
char *cdCanvasVectorFont(cdCanvas* canvas, const char *file)
{
cdVectorFont* vector_font;
assert(canvas);
assert(file);
if (!_cdCheckCanvas(canvas)) return NULL;
vector_font = canvas->vector_font;
if (!file || file[0] == 0)
{
vf_setdefaultfont(vector_font);
vector_font->file_name[0] = 0;
}
else
{
FILE *font = NULL;
int read_ok;
char *env;
/* se arquivo foi o mesmo que o arq. corrente, entao retorna */
if (strcmp (file, vector_font->file_name) == 0)
return vector_font->name;
/* abre arq. no dir. corrente */
font = fopen(file, "r");
/* se nao conseguiu, abre arq. no dir. do cd, */
env = getenv("CDDIR");
if (!font && env)
{
char filename[10240];
int result;
result = snprintf(filename, sizeof(filename),
"%s/%s",
env, file);
if ((result < 0) || (result >= sizeof(filename)))
{
vf_setdefaultfont(vector_font);
vector_font->file_name[0] = 0;
return NULL;
}
font = fopen(filename, "r");
}
if (font)
read_ok = vf_readfontfile(font, vector_font);
else
read_ok = vf_readfontstring(file, vector_font);
if (!read_ok)
{
if (font) fclose(font);
vf_setdefaultfont(vector_font);
vector_font->file_name[0] = 0;
return NULL;
}
/* ... remainder of function elided ... */
-- (End of text.) --
Index: cd/src/cd_vectortext.c
===
--- cd/src/cd_vectortext.c (revision 898)
+++ cd/src/cd_vectortext.c (working copy)
@@ -4798,9 +4798,19 @@
/* se nao conseguiu, abre arq. no dir. do cd, */
env = getenv("CDDIR");
-if (!font && env && strlen(file)<10240)
+if (!font && env)
{
char filename[10240];
- sprintf(filename, "%str/%str", env, file);
+ int result;
+
+ result = snprintf(filename, sizeof(filename),
+"%s/%s",
+env, file);
+ if ((result < 0) || (result >= sizeof(filename)))
+ {
+vf_setdefaultfont(vector_font);
+vector_font->file_name[0] = 0;
+return NULL;
+ }
font = fopen(filename, "r");
}
___
Iup-users mailing list
Iup-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/iup-users
