This is an automated email from the git hooks/post-receive script.
smcv pushed a commit to annotated tag 1.42d
in repository iortcw.
commit 1ba3705c9104748ecf4bc7365752b7e5142a8d47
Author: m4n4t4...@gmail.com
<m4n4t4...@gmail.com@e65d2741-a53d-b2dc-ae96-bb75fa5e4c4a>
Date: Mon May 26 10:07:34 2014 +0000
All: Fix unchecked buffer size issues in l_script.c and l_precomp.c
---
MP/code/botlib/l_precomp.c | 20 +++++++++++++-------
MP/code/botlib/l_script.c | 12 +++++++-----
SP/code/botlib/l_precomp.c | 20 +++++++++++++-------
SP/code/botlib/l_script.c | 12 +++++++-----
4 files changed, 40 insertions(+), 24 deletions(-)
diff --git a/MP/code/botlib/l_precomp.c b/MP/code/botlib/l_precomp.c
index 516ab02..8bcc47e 100644
--- a/MP/code/botlib/l_precomp.c
+++ b/MP/code/botlib/l_precomp.c
@@ -978,13 +978,13 @@ int PC_Directive_include( source_t *source ) {
PC_ConvertPath( token.string );
script = LoadScriptFile( token.string );
if ( !script ) {
- strcpy( path, source->includepath );
- strcat( path, token.string );
+ Q_strncpyz(path, source->includepath, sizeof(path));
+ Q_strcat(path, sizeof(path), token.string);
script = LoadScriptFile( path );
} //end if
} //end if
else if ( token.type == TT_PUNCTUATION && *token.string == '<' ) {
- strcpy( path, source->includepath );
+ Q_strncpyz(path, source->includepath, sizeof(path));
while ( PC_ReadSourceToken( source, &token ) )
{
if ( token.linescrossed > 0 ) {
@@ -994,7 +994,7 @@ int PC_Directive_include( source_t *source ) {
if ( token.type == TT_PUNCTUATION && *token.string ==
'>' ) {
break;
}
- strncat(path, token.string, _MAX_PATH - 1);
+ Q_strcat(path, sizeof(path), token.string);
} //end while
if ( *token.string != '>' ) {
SourceWarning( source, "#include missing trailing >" );
@@ -2812,6 +2812,7 @@ int PC_ExpectTokenType( source_t *source, int type, int
subtype, token_t *token
} //end if
if ( token->type == TT_NUMBER ) {
if ( ( token->subtype & subtype ) != subtype ) {
+ strcpy(str, "");
if ( subtype & TT_DECIMAL ) {
strcpy( str, "decimal" );
}
@@ -2948,10 +2949,15 @@ void PC_UnreadToken( source_t *source, token_t *token )
{
// Changes Globals: -
//============================================================================
void PC_SetIncludePath( source_t *source, char *path ) {
- strncpy( source->includepath, path, _MAX_PATH );
+ size_t len;
+
+ Q_strncpyz(source->includepath, path, _MAX_PATH-1);
+
+ len = strlen(source->includepath);
//add trailing path seperator
- if ( source->includepath[strlen( source->includepath ) - 1] != '\\' &&
- source->includepath[strlen( source->includepath ) - 1] != '/'
) {
+ if (len > 0 && source->includepath[len-1] != '\\' &&
+ source->includepath[len-1] != '/')
+ {
strcat( source->includepath, PATHSEPERATOR_STR );
} //end if
} //end of the function PC_SetIncludePath
diff --git a/MP/code/botlib/l_script.c b/MP/code/botlib/l_script.c
index 89d678e..7ce27f7 100644
--- a/MP/code/botlib/l_script.c
+++ b/MP/code/botlib/l_script.c
@@ -958,6 +958,7 @@ int PS_ExpectTokenType( script_t *script, int type, int
subtype, token_t *token
} //end if
if ( token->type != type ) {
+ strcpy(str, "");
if ( type == TT_STRING ) {
strcpy( str, "string" );
}
@@ -978,6 +979,7 @@ int PS_ExpectTokenType( script_t *script, int type, int
subtype, token_t *token
} //end if
if ( token->type == TT_NUMBER ) {
if ( ( token->subtype & subtype ) != subtype ) {
+ strcpy(str, "");
if ( subtype & TT_DECIMAL ) {
strcpy( str, "decimal" );
}
@@ -1361,8 +1363,8 @@ script_t *LoadScriptFile( const char *filename ) {
buffer = GetClearedMemory( sizeof( script_t ) + length + 1 );
script = (script_t *) buffer;
- memset( script, 0, sizeof( script_t ) );
- strcpy( script->filename, filename );
+ Com_Memset(script, 0, sizeof(script_t));
+ Q_strncpyz(script->filename, filename, sizeof(script->filename));
script->buffer = (char *) buffer + sizeof( script_t );
script->buffer[length] = 0;
script->length = length;
@@ -1406,8 +1408,8 @@ script_t *LoadScriptMemory( char *ptr, int length, char
*name ) {
buffer = GetClearedMemory( sizeof( script_t ) + length + 1 );
script = (script_t *) buffer;
- memset( script, 0, sizeof( script_t ) );
- strcpy( script->filename, name );
+ Com_Memset(script, 0, sizeof(script_t));
+ Q_strncpyz(script->filename, name, sizeof(script->filename));
script->buffer = (char *) buffer + sizeof( script_t );
script->buffer[length] = 0;
script->length = length;
@@ -1425,7 +1427,7 @@ script_t *LoadScriptMemory( char *ptr, int length, char
*name ) {
//
SetScriptPunctuations( script, NULL );
//
- memcpy( script->buffer, ptr, length );
+ Com_Memcpy(script->buffer, ptr, length);
//
return script;
} //end of the function LoadScriptMemory
diff --git a/SP/code/botlib/l_precomp.c b/SP/code/botlib/l_precomp.c
index 31ca0f4..141d65f 100644
--- a/SP/code/botlib/l_precomp.c
+++ b/SP/code/botlib/l_precomp.c
@@ -973,13 +973,13 @@ int PC_Directive_include( source_t *source ) {
PC_ConvertPath( token.string );
script = LoadScriptFile( token.string );
if ( !script ) {
- strcpy( path, source->includepath );
- strcat( path, token.string );
+ Q_strncpyz(path, source->includepath, sizeof(path));
+ Q_strcat(path, sizeof(path), token.string);
script = LoadScriptFile( path );
} //end if
} //end if
else if ( token.type == TT_PUNCTUATION && *token.string == '<' ) {
- strcpy( path, source->includepath );
+ Q_strncpyz(path, source->includepath, sizeof(path));
while ( PC_ReadSourceToken( source, &token ) )
{
if ( token.linescrossed > 0 ) {
@@ -989,7 +989,7 @@ int PC_Directive_include( source_t *source ) {
if ( token.type == TT_PUNCTUATION && *token.string ==
'>' ) {
break;
}
- strncat(path, token.string, _MAX_PATH - 1);
+ Q_strcat(path, sizeof(path), token.string);
} //end while
if ( *token.string != '>' ) {
SourceWarning( source, "#include missing trailing >" );
@@ -2815,6 +2815,7 @@ int PC_ExpectTokenType( source_t *source, int type, int
subtype, token_t *token
} //end if
if ( token->type == TT_NUMBER ) {
if ( ( token->subtype & subtype ) != subtype ) {
+ strcpy(str, "");
if ( subtype & TT_DECIMAL ) {
strcpy( str, "decimal" );
}
@@ -2951,10 +2952,15 @@ void PC_UnreadToken( source_t *source, token_t *token )
{
// Changes Globals: -
//============================================================================
void PC_SetIncludePath( source_t *source, char *path ) {
- strncpy( source->includepath, path, _MAX_PATH );
+ size_t len;
+
+ Q_strncpyz(source->includepath, path, _MAX_PATH-1);
+
+ len = strlen(source->includepath);
//add trailing path seperator
- if ( source->includepath[strlen( source->includepath ) - 1] != '\\' &&
- source->includepath[strlen( source->includepath ) - 1] != '/'
) {
+ if (len > 0 && source->includepath[len-1] != '\\' &&
+ source->includepath[len-1] != '/')
+ {
strcat( source->includepath, PATHSEPERATOR_STR );
} //end if
} //end of the function PC_SetIncludePath
diff --git a/SP/code/botlib/l_script.c b/SP/code/botlib/l_script.c
index 2b3c309..43305f8 100644
--- a/SP/code/botlib/l_script.c
+++ b/SP/code/botlib/l_script.c
@@ -973,6 +973,7 @@ int PS_ExpectTokenType( script_t *script, int type, int
subtype, token_t *token
} //end if
if ( token->type != type ) {
+ strcpy(str, "");
if ( type == TT_STRING ) {
strcpy( str, "string" );
}
@@ -993,6 +994,7 @@ int PS_ExpectTokenType( script_t *script, int type, int
subtype, token_t *token
} //end if
if ( token->type == TT_NUMBER ) {
if ( ( token->subtype & subtype ) != subtype ) {
+ strcpy(str, "");
if ( subtype & TT_DECIMAL ) {
strcpy( str, "decimal" );
}
@@ -1370,8 +1372,8 @@ script_t *LoadScriptFile( const char *filename ) {
buffer = GetClearedMemory( sizeof( script_t ) + length + 1 );
script = (script_t *) buffer;
- memset( script, 0, sizeof( script_t ) );
- strcpy( script->filename, filename );
+ Com_Memset(script, 0, sizeof(script_t));
+ Q_strncpyz(script->filename, filename, sizeof(script->filename));
script->buffer = (char *) buffer + sizeof( script_t );
script->buffer[length] = 0;
script->length = length;
@@ -1414,8 +1416,8 @@ script_t *LoadScriptMemory( char *ptr, int length, char
*name ) {
buffer = GetClearedMemory( sizeof( script_t ) + length + 1 );
script = (script_t *) buffer;
- memset( script, 0, sizeof( script_t ) );
- strcpy( script->filename, name );
+ Com_Memset(script, 0, sizeof(script_t));
+ Q_strncpyz(script->filename, name, sizeof(script->filename));
script->buffer = (char *) buffer + sizeof( script_t );
script->buffer[length] = 0;
script->length = length;
@@ -1433,7 +1435,7 @@ script_t *LoadScriptMemory( char *ptr, int length, char
*name ) {
//
SetScriptPunctuations( script, NULL );
//
- memcpy( script->buffer, ptr, length );
+ Com_Memcpy(script->buffer, ptr, length);
//
return script;
} //end of the function LoadScriptMemory
--
Alioth's /usr/local/bin/git-commit-notice on
/srv/git.debian.org/git/pkg-games/iortcw.git
_______________________________________________
Pkg-games-commits mailing list
Pkg-games-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-games-commits
