Checks against stack overflows added. When strings are copied into stack buffers, limit the access by the buffer's size, not by the size of unknown and possibly corrupt input.

mightymax 2007-01-20 15:07:51 +00:00
parent dfb56b1662
commit af2b5e4f14
2 changed files with 17 additions and 8 deletions


@ -19,12 +19,12 @@
*/ */
#include <string.h>
#include "fs.h" #include "fs.h"
#include "cflash.h" #include "cflash.h"
#include "NDSSystem.h" #include "NDSSystem.h"
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h>
#define SECPERFAT 128 #define SECPERFAT 128
@ -193,7 +193,8 @@ void list_files(char *fpath) {
maxLevel++; maxLevel++;
fileLevel = maxLevel; fileLevel = maxLevel;
strncpy(DirSpec, fpath, strlen(fpath)+1); strncpy(DirSpec, fpath, 255+1); /* if we use strncpy, we use it correct to limit it by the internal, not input size */
DirSpec[255] = 0 ; /* hard limit the string here */
hFind = FsReadFirst(DirSpec, &entry); hFind = FsReadFirst(DirSpec, &entry);
@ -210,8 +211,11 @@ void list_files(char *fpath) {
if (numFiles==MAXFILES-1) break; if (numFiles==MAXFILES-1) break;
if ((entry.flags & FS_IS_DIR) && (strcmp(fname, ".")) && (strcmp(fname, ".."))) { if ((entry.flags & FS_IS_DIR) && (strcmp(fname, ".")) && (strcmp(fname, ".."))) {
sprintf(SubDir, "%s%c%s", fpath, FS_SEPARATOR, fname); if (strlen(fname)+strlen(fpath)+2 < 256)
list_files(SubDir); {
sprintf(SubDir, "%s%c%s", fpath, FS_SEPARATOR, fname);
list_files(SubDir);
}
} }
} }
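Review bot: In list_files, the new `strncpy(DirSpec, fpath, 255+1); DirSpec[255] = 0;` silently truncates an over-long `fpath`, so `FsReadFirst(DirSpec, &entry)` would then enumerate a different directory than the caller asked for. Rejecting the input is safer than shortening it, for example a guard `if (strlen(fpath) >= sizeof(DirSpec)) return;` placed before any state is changed, assuming `DirSpec` is an array; its declaration and the start of the function are outside the hunk. The same applies to the literal `256` in `if (strlen(fname)+strlen(fpath)+2 < 256)`: writing it as `sizeof(SubDir)` ties the bound to the buffer, so the check cannot drift if the declaration changes. Subdirectories that fail that check are skipped without any trace, so a comment such as `/* path too long for SubDir: subtree is skipped */` would document the behaviour.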


@ -31,6 +31,7 @@ void * FsReadFirst(const char * p, FsEntry * entry) {
HANDLE hFind; HANDLE hFind;
HANDLE * ret; HANDLE * ret;
char path[1024]; char path[1024];
if (strlen(p)+3 >sizeof(path)) return NULL ;
sprintf(path, "%s\\*", p); sprintf(path, "%s\\*", p);
@ -38,8 +39,10 @@ void * FsReadFirst(const char * p, FsEntry * entry) {
if (hFind == INVALID_HANDLE_VALUE) if (hFind == INVALID_HANDLE_VALUE)
return NULL; return NULL;
strcpy(entry->cFileName, FindFileData.cFileName); strncpy(entry->cFileName, FindFileData.cFileName,256);
strcpy(entry->cAlternateFileName, FindFileData.cAlternateFileName); entry->cFileName[255] = 0 ;
strncpy(entry->cAlternateFileName, FindFileData.cAlternateFileName,14);
entry->cAlternateFileName[14] = 0 ;
entry->flags = 0; entry->flags = 0;
if (FindFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) { if (FindFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
entry->flags = FS_IS_DIR; entry->flags = FS_IS_DIR;
@ -57,8 +60,10 @@ int FsReadNext(void * search, FsEntry * entry) {
ret = FindNextFile(*h, &FindFileData); ret = FindNextFile(*h, &FindFileData);
strcpy(entry->cFileName, FindFileData.cFileName); strncpy(entry->cFileName, FindFileData.cFileName,256);
strcpy(entry->cAlternateFileName, FindFileData.cAlternateFileName); entry->cFileName[255] = 0 ;
strncpy(entry->cAlternateFileName, FindFileData.cAlternateFileName,14);
entry->cAlternateFileName[14] = 0 ;
entry->flags = 0; entry->flags = 0;
if (FindFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) { if (FindFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
entry->flags = FS_IS_DIR; entry->flags = FS_IS_DIR;
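Review bot: In FsReadFirst, and again in FsReadNext, `entry->cAlternateFileName[14] = 0;` follows a 14-byte `strncpy` and writes index 14, which is only in bounds if the destination holds at least 15 bytes. The `cFileName` lines directly above copy 256 and terminate at index 255, so the two pairs do not follow the same pattern. `FsEntry` is declared outside this page; if its field mirrors the 14-element `cAlternateFileName` of WIN32_FIND_DATA, this is a one-byte write past the end of the array. Deriving the index from the destination avoids the guess: `entry->cAlternateFileName[sizeof(entry->cAlternateFileName) - 1] = 0;`, with the same `sizeof` as the `strncpy` bound, and likewise for `cFileName`. Both function bodies continue outside their hunks.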