[Scummvm-cvs-logs] SF.net SVN: scummvm:[35072] scummvm/trunk

lordhoto at users.sourceforge.net lordhoto at users.sourceforge.net
Sat Nov 15 04:16:41 CET 2008


Revision: 35072
          http://scummvm.svn.sourceforge.net/scummvm/?rev=35072&view=rev
Author:   lordhoto
Date:     2008-11-15 03:16:41 +0000 (Sat, 15 Nov 2008)

Log Message:
-----------
Paranoia: Add destination buffer size to Engine::errorString to help avoiding buffer overflows.

Modified Paths:
--------------
    scummvm/trunk/common/util.cpp
    scummvm/trunk/engines/engine.cpp
    scummvm/trunk/engines/engine.h
    scummvm/trunk/engines/scumm/scumm.cpp
    scummvm/trunk/engines/scumm/scumm.h

Modified: scummvm/trunk/common/util.cpp
===================================================================
--- scummvm/trunk/common/util.cpp	2008-11-15 02:58:54 UTC (rev 35071)
+++ scummvm/trunk/common/util.cpp	2008-11-15 03:16:41 UTC (rev 35072)
@@ -465,7 +465,7 @@
 
 	// Next, give the active engine (if any) a chance to augment the message
 	if (g_engine) {
-		g_engine->errorString(in_buf, buf);
+		g_engine->errorString(in_buf, buf, STRINGBUFLEN);
 	} else {
 		strcpy(buf, in_buf);
 	}
@@ -583,7 +583,7 @@
 
 	// Next, give the active engine (if any) a chance to augment the message
 	if (g_engine) {
-		g_engine->errorString(buf_input, buf_output);
+		g_engine->errorString(buf_input, buf_output, STRINGBUFLEN);
 	} else {
 		strcpy(buf_output, buf_input);
 	}

Modified: scummvm/trunk/engines/engine.cpp
===================================================================
--- scummvm/trunk/engines/engine.cpp	2008-11-15 02:58:54 UTC (rev 35071)
+++ scummvm/trunk/engines/engine.cpp	2008-11-15 03:16:41 UTC (rev 35072)
@@ -251,8 +251,8 @@
 	return autosavePeriod != 0 && diff > autosavePeriod * 1000;
 }
 
-void Engine::errorString(const char *buf1, char *buf2) {
-	strcpy(buf2, buf1);
+void Engine::errorString(const char *buf1, char *buf2, int size) {
+	strncpy(buf2, buf1, size);
 }
 
 void Engine::pauseEngine(bool pause) {

Modified: scummvm/trunk/engines/engine.h
===================================================================
--- scummvm/trunk/engines/engine.h	2008-11-15 02:58:54 UTC (rev 35071)
+++ scummvm/trunk/engines/engine.h	2008-11-15 03:16:41 UTC (rev 35072)
@@ -154,7 +154,7 @@
 	/**
 	 * Prepare an error string, which is printed by the error() function.
 	 */
-	virtual void errorString(const char *buf_input, char *buf_output);
+	virtual void errorString(const char *buf_input, char *buf_output, int buf_output_size);
 
 	/**
 	 * Return the engine's debugger instance, if any. Used by error() to

Modified: scummvm/trunk/engines/scumm/scumm.cpp
===================================================================
--- scummvm/trunk/engines/scumm/scumm.cpp	2008-11-15 02:58:54 UTC (rev 35071)
+++ scummvm/trunk/engines/scumm/scumm.cpp	2008-11-15 03:16:41 UTC (rev 35072)
@@ -2338,9 +2338,9 @@
 	return _debugger;
 }
 
-void ScummEngine::errorString(const char *buf1, char *buf2) {
+void ScummEngine::errorString(const char *buf1, char *buf2, int buf2Size) {
 	if (_currentScript != 0xFF) {
-		sprintf(buf2, "(%d:%d:0x%lX): %s", _roomResource,
+		snprintf(buf2, buf2Size, "(%d:%d:0x%lX): %s", _roomResource,
 			vm.slot[_currentScript].number, (long)(_scriptPointer - _scriptOrgPointer), buf1);
 	} else {
 		strcpy(buf2, buf1);

Modified: scummvm/trunk/engines/scumm/scumm.h
===================================================================
--- scummvm/trunk/engines/scumm/scumm.h	2008-11-15 02:58:54 UTC (rev 35071)
+++ scummvm/trunk/engines/scumm/scumm.h	2008-11-15 03:16:41 UTC (rev 35072)
@@ -445,7 +445,7 @@
 	// Engine APIs
 	virtual Common::Error init();
 	virtual Common::Error go();
-	virtual void errorString(const char *buf_input, char *buf_output);
+	virtual void errorString(const char *buf_input, char *buf_output, int buf_output_size);
 	virtual GUI::Debugger *getDebugger();
 	virtual bool hasFeature(EngineFeature f) const;
 	virtual void syncSoundSettings();


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.




More information about the Scummvm-git-logs mailing list