godzil/dorayme
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix some potential buffer overflow issues.

Browse Source 
Not critical, but better to avoid them!
This commit is contained in:
Godzil
2020-03-09 14:16:05 +00:00
parent e653855556
commit efa47f28ca
1 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
source/shapes/objfile.cpp
View File

@@ -53,7 +53,8 @@ OBJFile::OBJFile(const char *filepath) : OBJFile()
{ {
fseek(fp, 0, SEEK_END); fseek(fp, 0, SEEK_END);
fileSize = ftell(fp); fileSize = ftell(fp);
fileBuff = (char *)calloc(fileSize, 1); /* Add one byte to the size to make sure it is null terminated */
fileBuff = (char *)calloc(fileSize + 1, 1);
fseek(fp, 0, SEEK_SET); fseek(fp, 0, SEEK_SET);
fileSize = fread(fileBuff, 1, fileSize, fp); fileSize = fread(fileBuff, 1, fileSize, fp);
fclose(fp); fclose(fp);
@@ -221,7 +222,7 @@ int OBJFile::parseOBJFile(const char *content)
/* I don't think we will handle lines of more than 512 characters... */ /* I don't think we will handle lines of more than 512 characters... */
char lineBuff[MAX_LINE_LENGTH]; char lineBuff[MAX_LINE_LENGTH];
uint32_t currentLineNum = 1; uint32_t currentLineNum = 1;
uint32_t totalLength = strlen(content);
/* Need to process line by line */ /* Need to process line by line */
const char *bufferPos = content; const char *bufferPos = content;
const char *lineNewline; const char *lineNewline;
@@ -249,6 +250,12 @@ int OBJFile::parseOBJFile(const char *content)
this->parseLine(lineBuff, currentLineNum); this->parseLine(lineBuff, currentLineNum);
bufferPos += lineLength + 1; bufferPos += lineLength + 1;
if ((bufferPos - content) >= totalLength)
{
/* We are past the length of the buffer, don't need to continue */
break;
}
currentLineNum++; currentLineNum++;
} }
return 0; return 0;