[PATCH 04/11] wrlib: added a limit to the image cache size (Coverity #50223)

Sat, 14 Jun 2014 10:35:07 -0700 

From: Christophe CURIS <christophe.cu...@free.fr>

As pointed by Coverity, environment variables cannot be considered
trustworthy ("tainted"), so we need to make sure the values provided are
within reasonable bounds for safe operations.

Seized the opportunity to try to provide clearer name for the constants
defining the default value.

Signed-off-by: Christophe CURIS <christophe.cu...@free.fr>
---
 wrlib/load.c | 22 +++++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)

diff --git a/wrlib/load.c b/wrlib/load.c
index b31e6b2..d67a6ec 100644
--- a/wrlib/load.c
+++ b/wrlib/load.c
@@ -46,18 +46,21 @@ typedef struct RCachedImage {
 } RCachedImage;
 
 /*
- * Size of image cache
+ * Number of image to keep in the cache
  */
 static int RImageCacheSize = -1;
 
+#define IMAGE_CACHE_DEFAULT_NBENTRIES    8
+#define IMAGE_CACHE_MAXIMUM_NBENTRIES  256
+
 /*
- * Max. size of image to store in cache
+ * Max. size of image (in pixels) to store in the cache
  */
 static int RImageCacheMaxImage = -1;   /* 0 = any size */
 
-#define IMAGE_CACHE_SIZE       8
+#define IMAGE_CACHE_DEFAULT_MAXPIXELS  (64 * 64)
+#define IMAGE_CACHE_MAXIMUM_MAXPIXELS  (256 * 256)
 
-#define IMAGE_CACHE_MAX_IMAGE  64*64
 
 static RCachedImage *RImageCache;
 
@@ -106,14 +109,19 @@ static void init_cache(void)
 
        tmp = getenv("RIMAGE_CACHE");
        if (!tmp || sscanf(tmp, "%i", &RImageCacheSize) != 1)
-               RImageCacheSize = IMAGE_CACHE_SIZE;
-
+               RImageCacheSize = IMAGE_CACHE_DEFAULT_NBENTRIES;
        if (RImageCacheSize < 0)
                RImageCacheSize = 0;
+       if (RImageCacheSize > IMAGE_CACHE_MAXIMUM_NBENTRIES)
+               RImageCacheSize = IMAGE_CACHE_MAXIMUM_NBENTRIES;
 
        tmp = getenv("RIMAGE_CACHE_SIZE");
        if (!tmp || sscanf(tmp, "%i", &RImageCacheMaxImage) != 1)
-               RImageCacheMaxImage = IMAGE_CACHE_MAX_IMAGE;
+               RImageCacheMaxImage = IMAGE_CACHE_DEFAULT_MAXPIXELS;
+       if (RImageCacheMaxImage < 0)
+               RImageCacheMaxImage = 0;
+       if (RImageCacheMaxImage > IMAGE_CACHE_MAXIMUM_MAXPIXELS)
+               RImageCacheMaxImage = IMAGE_CACHE_MAXIMUM_MAXPIXELS;
 
        if (RImageCacheSize > 0) {
                RImageCache = malloc(sizeof(RCachedImage) * RImageCacheSize);
-- 
1.9.2


-- 
To unsubscribe, send mail to wmaker-dev-unsubscr...@lists.windowmaker.org.

Reply via email to