ShuriZma
/
fceux
mirror of https://github.com/TASEmulators/fceux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

win32 - log - Remove potential buffer overflow

This commit is contained in:
mart0258 2009-11-14 03:48:47 +00:00
parent 7774d786cb
commit 0a4a280417
1 changed files with 20 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
src/drivers/win/log.cpp
View File

@ -16,13 +16,13 @@ unsigned int truncated_logcount()
/** /**
* Concatenates formerly logged messages into a single string and * Concatenates formerly logged messages into a single string and
* displays that string in the log window. * displays that string in the log window.
*
* TODO: This function contains a potential buffer overflow
**/ **/
void RedoText(void) void RedoText(void)
{ {
char textbuf[65536] = { 0 }; char textbuf[65536] = { 0 };
unsigned int x; unsigned int x;
int tbs=0; // textbuf size
int cs; // current log size
// TODO: This if can be made much simpler. // TODO: This if can be made much simpler.
if(logcount >= MAXIMUM_NUMBER_OF_LOGS) if(logcount >= MAXIMUM_NUMBER_OF_LOGS)
@ -32,7 +32,17 @@ void RedoText(void)
for(;;) for(;;)
{ {
strcat(textbuf, logtext[x]); cs=strlen(logtext[x]);
if (tbs+cs>=65536)
{
//SetDlgItemText(logwin, LBL_LOG_TEXT, textbuf);
//SendDlgItemMessage(logwin, LBL_LOG_TEXT, EM_LINESCROLL, 0, 200);
//textbuf[0]='\0';
//tbs=0;
break;
}
strcat(textbuf+tbs, logtext[x]);
tbs+=cs;
x = ( x + 1 ) & ( MAXIMUM_NUMBER_OF_LOGS - 1 ); x = ( x + 1 ) & ( MAXIMUM_NUMBER_OF_LOGS - 1 );
if(x == truncated_logcount()) if(x == truncated_logcount())
@ -45,7 +55,13 @@ void RedoText(void)
{ {
for(x = 0; x < logcount; x++) for(x = 0; x < logcount; x++)
{ {
strcat(textbuf,logtext[x]); cs=strlen(logtext[x]);
if (tbs+cs>=65536)
{
break;
}
strcat(textbuf+tbs,logtext[x]);
tbs+=cs;
} }
} }