From af2b5e4f1406be8f3a68e1456d3c4baff3101404 Mon Sep 17 00:00:00 2001
From: mightymax
Date: Sat, 20 Jan 2007 15:07:51 +0000
Subject: [PATCH] checks against stack overflows added. If put strings into stack, limit the access by their size, not by the size of unknown and possible corrupt input
---
 desmume/src/cflash.c | 12 ++++++++----
 desmume/src/fs-windows.c | 13 +++++++++----
 2 files changed, 17 insertions(+), 8 deletions(-)
diff --git a/desmume/src/cflash.c b/desmume/src/cflash.c
index 75192faed..86754ce33 100644
--- a/desmume/src/cflash.c
+++ b/desmume/src/cflash.c
@@ -19,12 +19,12 @@
 */
+#include
 #include "fs.h"
 #include "cflash.h"
 #include "NDSSystem.h"
 #include
 #include
-#include
 #define SECPERFAT 128
@@ -193,7 +193,8 @@ void list_files(char *fpath) {
 maxLevel++;
 fileLevel = maxLevel;
- strncpy(DirSpec, fpath, strlen(fpath)+1);
+ strncpy(DirSpec, fpath, 255+1); /* if we use strncpy, we use it correct to limit it by the internal, not input size */
+ DirSpec[255] = 0 ; /* hard limit the string here */
 hFind = FsReadFirst(DirSpec, &entry);
@@ -210,8 +211,11 @@ void list_files(char *fpath) {
 if (numFiles==MAXFILES-1) break;
 if ((entry.flags & FS_IS_DIR) && (strcmp(fname, ".")) && (strcmp(fname, ".."))) {
- sprintf(SubDir, "%s%c%s", fpath, FS_SEPARATOR, fname);
- list_files(SubDir);
+ if (strlen(fname)+strlen(fpath)+2 < 256)
+ {
+ sprintf(SubDir, "%s%c%s", fpath, FS_SEPARATOR, fname);
+ list_files(SubDir);
+ }
 }
 }
diff --git a/desmume/src/fs-windows.c b/desmume/src/fs-windows.c
index 5de81a116..a2199f451 100644
--- a/desmume/src/fs-windows.c
+++ b/desmume/src/fs-windows.c
@@ -31,6 +31,7 @@ void * FsReadFirst(const char * p, FsEntry * entry) {
 HANDLE hFind;
 HANDLE * ret;
 char path[1024];
+ if (strlen(p)+3 >sizeof(path)) return NULL ;
 sprintf(path, "%s\\*", p);
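Review bot: In the `@@ -193` hunk of cflash.c the bounded `strncpy` followed by `DirSpec[255] = 0` silently truncates an over-long `fpath`, so `FsReadFirst` is then asked to enumerate a different (prefix) directory than the one the caller named. Rejecting the input is safer than truncating it, e.g. `if (strlen(fpath) > 255) return;` placed ahead of `maxLevel++` so the level counters are not touched on the error path. The literal 255 is assumed to match the declaration of `DirSpec`, which is outside the hunk; if it is an array, `sizeof(DirSpec)` would keep the bound tied to the buffer. list_files starts and ends outside this hunk.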
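Review bot: The new guard in the `@@ -210` hunk hard-codes 256 and still formats with an unbounded `sprintf`, so the check and the real size of `SubDir` (declared outside the hunk) can drift apart without anyone noticing. A bounded format whose return value is checked does both jobs in one place: `n = snprintf(SubDir, sizeof(SubDir), "%s%c%s", fpath, FS_SEPARATOR, fname);` followed by `if (n > 0 && (size_t)n < sizeof(SubDir)) list_files(SubDir);`, assuming `SubDir` is an array and not a pointer. Over-long subdirectories are also skipped with no diagnostic, so a log line there would make the omission visible to the user.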
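Review bot: The `+3` in the new length check at the top of FsReadFirst is unexplained; a short comment would let the next reader verify it, e.g. `/* +3: the '\\' and '*' appended below plus the terminating NUL */`. The arithmetic itself matches the `sprintf(path, "%s\\*", p)` that follows. The NULL returned here is the same value the function returns for an invalid search handle (visible in the next hunk), so callers cannot tell an over-long path from a missing directory; that is worth stating in the function's header comment.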
@@ -38,8 +39,10 @@ void * FsReadFirst(const char * p, FsEntry * entry) {
 if (hFind == INVALID_HANDLE_VALUE) return NULL;
- strcpy(entry->cFileName, FindFileData.cFileName);
- strcpy(entry->cAlternateFileName, FindFileData.cAlternateFileName);
+ strncpy(entry->cFileName, FindFileData.cFileName,256);
+ entry->cFileName[255] = 0 ;
+ strncpy(entry->cAlternateFileName, FindFileData.cAlternateFileName,14);
+ entry->cAlternateFileName[14] = 0 ;
 entry->flags = 0;
 if (FindFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
 entry->flags = FS_IS_DIR;
@@ -57,8 +60,10 @@ int FsReadNext(void * search, FsEntry * entry) {
 ret = FindNextFile(*h, &FindFileData);
- strcpy(entry->cFileName, FindFileData.cFileName);
- strcpy(entry->cAlternateFileName, FindFileData.cAlternateFileName);
+ strncpy(entry->cFileName, FindFileData.cFileName,256);
+ entry->cFileName[255] = 0 ;
+ strncpy(entry->cAlternateFileName, FindFileData.cAlternateFileName,14);
+ entry->cAlternateFileName[14] = 0 ;
 entry->flags = 0;
 if (FindFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
 entry->flags = FS_IS_DIR;
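Review bot: `entry->cAlternateFileName[14] = 0` in the `@@ -38` hunk (and again in the `@@ -57` hunk for FsReadNext) breaks the pattern used two lines above it, where a 256-byte copy is terminated at index 255: a 14-byte copy should be terminated at index 13. If `FsEntry.cAlternateFileName` is declared with 14 elements like the Win32 source field (its declaration is not on this page), index 14 is one byte past the end of the array, so the hardening patch would itself introduce an out-of-bounds write. Suggested: `entry->cAlternateFileName[13] = 0;`, or better, use `sizeof(entry->cAlternateFileName)` for the copy length and `sizeof(entry->cAlternateFileName) - 1` for the terminator index so both follow the struct. In FsReadNext the copies also run before any check of `ret` that may exist outside the hunk, so after a failed `FindNextFile` they copy whatever `FindFileData` happens to hold.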