mirror of
https://github.com/Tha14/toxic.git
synced 2024-11-22 21:43:02 +01:00
Fix potential int truncation and double-check lengths before copy
This commit is contained in:
parent
80c0500299
commit
52dd60dc86
@ -153,10 +153,14 @@ static int save_blocklist(char *path)
|
||||
}
|
||||
|
||||
if (Blocked.list[i].active) {
|
||||
if (Blocked.list[i].namelength > TOXIC_MAX_NAME_LENGTH) {
|
||||
continue;
|
||||
}
|
||||
|
||||
BlockedFriend tmp;
|
||||
memset(&tmp, 0, sizeof(BlockedFriend));
|
||||
tmp.namelength = htons(Blocked.list[i].namelength);
|
||||
memcpy(tmp.name, Blocked.list[i].name, Blocked.list[i].namelength + 1);
|
||||
memcpy(tmp.name, Blocked.list[i].name, Blocked.list[i].namelength + 1); // Include null byte
|
||||
memcpy(tmp.pub_key, Blocked.list[i].pub_key, TOX_PUBLIC_KEY_SIZE);
|
||||
|
||||
uint8_t lastonline[sizeof(uint64_t)];
|
||||
@ -250,10 +254,15 @@ int load_blocklist(char *path)
|
||||
memset(&Blocked.list[i], 0, sizeof(BlockedFriend));
|
||||
|
||||
memcpy(&tmp, data + i * sizeof(BlockedFriend), sizeof(BlockedFriend));
|
||||
Blocked.list[i].namelength = ntohs(tmp.namelength);
|
||||
|
||||
if (Blocked.list[i].namelength > TOXIC_MAX_NAME_LENGTH) {
|
||||
continue;
|
||||
}
|
||||
|
||||
Blocked.list[i].active = true;
|
||||
Blocked.list[i].num = i;
|
||||
Blocked.list[i].namelength = MIN(TOXIC_MAX_NAME_LENGTH, ntohs(tmp.namelength));
|
||||
memcpy(Blocked.list[i].name, tmp.name, Blocked.list[i].namelength + 1);
|
||||
memcpy(Blocked.list[i].name, tmp.name, Blocked.list[i].namelength + 1); // copy null byte
|
||||
memcpy(Blocked.list[i].pub_key, tmp.pub_key, TOX_PUBLIC_KEY_SIZE);
|
||||
|
||||
uint8_t lastonline[sizeof(uint64_t)];
|
||||
|
@ -44,7 +44,7 @@ struct GroupChatInvite {
|
||||
|
||||
typedef struct {
|
||||
char name[TOXIC_MAX_NAME_LENGTH + 1];
|
||||
int namelength;
|
||||
uint16_t namelength;
|
||||
char statusmsg[TOX_MAX_STATUS_MESSAGE_LENGTH + 1];
|
||||
size_t statusmsg_len;
|
||||
char pub_key[TOX_PUBLIC_KEY_SIZE];
|
||||
@ -65,7 +65,7 @@ typedef struct {
|
||||
|
||||
typedef struct {
|
||||
char name[TOXIC_MAX_NAME_LENGTH + 1];
|
||||
int namelength;
|
||||
uint16_t namelength;
|
||||
char pub_key[TOX_PUBLIC_KEY_SIZE];
|
||||
uint32_t num;
|
||||
bool active;
|
||||
|
Loading…
Reference in New Issue
Block a user