ShuriZma
/
desmume
mirror of https://github.com/TASEmulators/desmume.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

checks against stack overflows added. If put strings into stack, limit the access by their size, not by the size of unknown and possible corrupt input

This commit is contained in:
mightymax 2007-01-20 15:07:51 +00:00
parent fbcc32c915
commit 6227202031
2 changed files with 17 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
trunk/desmume/src/cflash.c
View File

@ -19,12 +19,12 @@
*/
#include <string.h>
#include "fs.h"
#include "cflash.h"
#include "NDSSystem.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define SECPERFAT 128
@ -193,7 +193,8 @@ void list_files(char *fpath) {
maxLevel++;
fileLevel = maxLevel;
strncpy(DirSpec, fpath, strlen(fpath)+1);
strncpy(DirSpec, fpath, 255+1); /* if we use strncpy, we use it correct to limit it by the internal, not input size */
DirSpec[255] = 0 ; /* hard limit the string here */
hFind = FsReadFirst(DirSpec, &entry);
@ -210,8 +211,11 @@ void list_files(char *fpath) {
if (numFiles==MAXFILES-1) break;
if ((entry.flags & FS_IS_DIR) && (strcmp(fname, ".")) && (strcmp(fname, ".."))) {
sprintf(SubDir, "%s%c%s", fpath, FS_SEPARATOR, fname);
list_files(SubDir);
if (strlen(fname)+strlen(fpath)+2 < 256)
{
sprintf(SubDir, "%s%c%s", fpath, FS_SEPARATOR, fname);
list_files(SubDir);
}
}
}

13
trunk/desmume/src/fs-windows.c
View File

@ -31,6 +31,7 @@ void * FsReadFirst(const char * p, FsEntry * entry) {
HANDLE hFind;
HANDLE * ret;
char path[1024];
if (strlen(p)+3 >sizeof(path)) return NULL ;
sprintf(path, "%s\\*", p);
@ -38,8 +39,10 @@ void * FsReadFirst(const char * p, FsEntry * entry) {
if (hFind == INVALID_HANDLE_VALUE)
return NULL;
strcpy(entry->cFileName, FindFileData.cFileName);
strcpy(entry->cAlternateFileName, FindFileData.cAlternateFileName);
strncpy(entry->cFileName, FindFileData.cFileName,256);
entry->cFileName[255] = 0 ;
strncpy(entry->cAlternateFileName, FindFileData.cAlternateFileName,14);
entry->cAlternateFileName[14] = 0 ;
entry->flags = 0;
if (FindFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
entry->flags = FS_IS_DIR;
@ -57,8 +60,10 @@ int FsReadNext(void * search, FsEntry * entry) {
ret = FindNextFile(*h, &FindFileData);
strcpy(entry->cFileName, FindFileData.cFileName);
strcpy(entry->cAlternateFileName, FindFileData.cAlternateFileName);
strncpy(entry->cFileName, FindFileData.cFileName,256);
entry->cFileName[255] = 0 ;
strncpy(entry->cAlternateFileName, FindFileData.cAlternateFileName,14);
entry->cAlternateFileName[14] = 0 ;
entry->flags = 0;
if (FindFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
entry->flags = FS_IS_DIR;