checks against stack overflows added. If put strings into stack, limit the access by their size, not by the size of unknown and possible corrupt input
parent
dfb56b1662
commit
af2b5e4f14
|
@ -19,12 +19,12 @@
|
||||||
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
#include <string.h>
|
||||||
#include "fs.h"
|
#include "fs.h"
|
||||||
#include "cflash.h"
|
#include "cflash.h"
|
||||||
#include "NDSSystem.h"
|
#include "NDSSystem.h"
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
#include <string.h>
|
|
||||||
|
|
||||||
|
|
||||||
#define SECPERFAT 128
|
#define SECPERFAT 128
|
||||||
|
@ -193,7 +193,8 @@ void list_files(char *fpath) {
|
||||||
maxLevel++;
|
maxLevel++;
|
||||||
fileLevel = maxLevel;
|
fileLevel = maxLevel;
|
||||||
|
|
||||||
strncpy(DirSpec, fpath, strlen(fpath)+1);
|
strncpy(DirSpec, fpath, 255+1); /* if we use strncpy, we use it correct to limit it by the internal, not input size */
|
||||||
|
DirSpec[255] = 0 ; /* hard limit the string here */
|
||||||
|
|
||||||
hFind = FsReadFirst(DirSpec, &entry);
|
hFind = FsReadFirst(DirSpec, &entry);
|
||||||
|
|
||||||
|
@ -210,10 +211,13 @@ void list_files(char *fpath) {
|
||||||
if (numFiles==MAXFILES-1) break;
|
if (numFiles==MAXFILES-1) break;
|
||||||
|
|
||||||
if ((entry.flags & FS_IS_DIR) && (strcmp(fname, ".")) && (strcmp(fname, ".."))) {
|
if ((entry.flags & FS_IS_DIR) && (strcmp(fname, ".")) && (strcmp(fname, ".."))) {
|
||||||
|
if (strlen(fname)+strlen(fpath)+2 < 256)
|
||||||
|
{
|
||||||
sprintf(SubDir, "%s%c%s", fpath, FS_SEPARATOR, fname);
|
sprintf(SubDir, "%s%c%s", fpath, FS_SEPARATOR, fname);
|
||||||
list_files(SubDir);
|
list_files(SubDir);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
dwError = FsError();
|
dwError = FsError();
|
||||||
FsClose(hFind);
|
FsClose(hFind);
|
||||||
|
|
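Review bot: The new `strncpy(DirSpec, fpath, 255+1);` followed by `DirSpec[255] = 0 ;` in list_files stops the overflow but silently truncates an over-long `fpath`, so `FsReadFirst` would then enumerate a different directory than the caller asked for. Rejecting the input is safer than truncating it, for example `if (strlen(fpath) >= sizeof(DirSpec)) return;` before the copy, assuming DirSpec is an array declared in this function. Its declaration and the rest of list_files are outside the hunk, so the right bail-out point has to be checked against the `maxLevel`/`fileLevel` updates just above. The literals 255 and 256, here and in the `strlen(fname)+strlen(fpath)+2 < 256` guard, would be better written as `sizeof(DirSpec)` and `sizeof(SubDir)` so the bounds cannot drift from the buffer sizes.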
|
@ -31,6 +31,7 @@ void * FsReadFirst(const char * p, FsEntry * entry) {
|
||||||
HANDLE hFind;
|
HANDLE hFind;
|
||||||
HANDLE * ret;
|
HANDLE * ret;
|
||||||
char path[1024];
|
char path[1024];
|
||||||
|
if (strlen(p)+3 >sizeof(path)) return NULL ;
|
||||||
|
|
||||||
sprintf(path, "%s\\*", p);
|
sprintf(path, "%s\\*", p);
|
||||||
|
|
||||||
|
@ -38,8 +39,10 @@ void * FsReadFirst(const char * p, FsEntry * entry) {
|
||||||
if (hFind == INVALID_HANDLE_VALUE)
|
if (hFind == INVALID_HANDLE_VALUE)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
strcpy(entry->cFileName, FindFileData.cFileName);
|
strncpy(entry->cFileName, FindFileData.cFileName,256);
|
||||||
strcpy(entry->cAlternateFileName, FindFileData.cAlternateFileName);
|
entry->cFileName[255] = 0 ;
|
||||||
|
strncpy(entry->cAlternateFileName, FindFileData.cAlternateFileName,14);
|
||||||
|
entry->cAlternateFileName[14] = 0 ;
|
||||||
entry->flags = 0;
|
entry->flags = 0;
|
||||||
if (FindFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
|
if (FindFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
|
||||||
entry->flags = FS_IS_DIR;
|
entry->flags = FS_IS_DIR;
|
||||||
|
@ -57,8 +60,10 @@ int FsReadNext(void * search, FsEntry * entry) {
|
||||||
|
|
||||||
ret = FindNextFile(*h, &FindFileData);
|
ret = FindNextFile(*h, &FindFileData);
|
||||||
|
|
||||||
strcpy(entry->cFileName, FindFileData.cFileName);
|
strncpy(entry->cFileName, FindFileData.cFileName,256);
|
||||||
strcpy(entry->cAlternateFileName, FindFileData.cAlternateFileName);
|
entry->cFileName[255] = 0 ;
|
||||||
|
strncpy(entry->cAlternateFileName, FindFileData.cAlternateFileName,14);
|
||||||
|
entry->cAlternateFileName[14] = 0 ;
|
||||||
entry->flags = 0;
|
entry->flags = 0;
|
||||||
if (FindFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
|
if (FindFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
|
||||||
entry->flags = FS_IS_DIR;
|
entry->flags = FS_IS_DIR;
|
||||||
|
|
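Review bot: `entry->cAlternateFileName[14] = 0 ;` writes the fifteenth byte of the destination although the copy above it is bounded to 14. The FsEntry definition is not in this diff, but the Win32 source field is 14 chars, so unless FsEntry declares cAlternateFileName with at least 15 bytes this is a one-byte out-of-bounds write introduced by the fix, in both FsReadFirst and FsReadNext. The cFileName pair uses count 256 with index 255, which suggests count 14 with index 13 was intended here. Deriving both from the destination avoids the mismatch: `strncpy(entry->cAlternateFileName, FindFileData.cAlternateFileName, sizeof(entry->cAlternateFileName));` followed by `entry->cAlternateFileName[sizeof(entry->cAlternateFileName)-1] = 0;`. Both function bodies continue outside the hunks.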