Add size limit of 32768 to strings to guard against corrupt files
Add count limit for bookmarks and bookmark shortcuts
This commit is contained in:
parent
2e70e27ba0
commit
dd35f4b12a
|
@ -145,6 +145,11 @@ static void GetValueR(FILE *fp, char *str, void *v, int c)
|
|||
{
|
||||
if(!c) // String, allocate some memory.
|
||||
{
|
||||
// Windows enforces a 32767 character limit for text boxes by default
|
||||
// If a string exceeds this length, it's probably a corrupt file
|
||||
if (s > 32768)
|
||||
goto gogl;
|
||||
|
||||
if(!(*(char **)v=(char*)malloc(s)))
|
||||
goto gogl;
|
||||
|
||||
|
|
|
@ -254,6 +254,9 @@ int loadDebuggerPreferences(FILE* f)
|
|||
|
||||
// Read the number of CPU bookmarks
|
||||
if (fread(&size, sizeof(unsigned int), 1, f) != 1) return 1;
|
||||
// If there's more than 65536 bookmarks (bookmarking every address in the whole 16-bit address space), we're probably reading a corrupt file
|
||||
if (size > 65536) return 1;
|
||||
|
||||
bookmarks.resize(size);
|
||||
// Read the data of those bookmarks
|
||||
char buffer[256];
|
||||
|
@ -295,6 +298,8 @@ int loadDebuggerPreferences(FILE* f)
|
|||
|
||||
// Read the length of the BP condition
|
||||
if (fread(&len, sizeof(len), 1, f) != 1) return 1;
|
||||
// Windows enforces 32767 max characters for a textbox by default, if it exceeds that, it's probably a corrupt file
|
||||
if (len > 32767) return 1;
|
||||
|
||||
// Delete eventual older conditions
|
||||
if (watchpoint[myNumWPs].condText)
|
||||
|
@ -312,7 +317,9 @@ int loadDebuggerPreferences(FILE* f)
|
|||
|
||||
// Read length of the BP description
|
||||
if (fread(&len, sizeof(len), 1, f) != 1) return 1;
|
||||
|
||||
// Windows enforces 32767 max characters for a textbox by default, if it exceeds that, it's probably a corrupt file
|
||||
if (len > 32767) return 1;
|
||||
|
||||
// Delete eventual older description
|
||||
if (watchpoint[myNumWPs].desc)
|
||||
free(watchpoint[myNumWPs].desc);
|
||||
|
@ -373,6 +380,8 @@ int loadHexPreferences(FILE* f, HexBookmarkList& target = hexBookmarks)
|
|||
if (fread(&target[i].address, sizeof(target[i].address), 1, f) != 1) return 1;
|
||||
// Read length of description
|
||||
if (fread(&len, sizeof(len), 1, f) != 1) return 1;
|
||||
const int max_len = sizeof(target[i].description)/sizeof(target[i].description[0]) - 1; //value of 50
|
||||
if (len > max_len) return 1;
|
||||
// Read the bookmark description
|
||||
if (fread(target[i].description, 1, len, f) != len) return 1;
|
||||
}
|
||||
|
@ -384,6 +393,8 @@ int loadHexPreferences(FILE* f, HexBookmarkList& target = hexBookmarks)
|
|||
if (!feof(f))
|
||||
{
|
||||
fread(&target.shortcutCount, sizeof(target.shortcutCount), 1, f);
|
||||
const int max_shortcuts = sizeof(target.shortcuts) / sizeof(target.shortcuts[0]); //value of 10
|
||||
if (target.shortcutCount > max_shortcuts) return 1;
|
||||
|
||||
unsigned int bookmark_index, shortcut_index;
|
||||
// read the matching index list of the shortcuts
|
||||
|
|
Loading…
Reference in New Issue