mirror of
https://github.com/Tha14/toxic.git
synced 2024-12-23 09:03:25 +01:00
fix possible buffer overflows and undefined behaviour
This commit is contained in:
parent
fb5a9bc043
commit
f630a3e604
@ -178,7 +178,7 @@ int complete_line(ToxWindow *self, const void *list, int n_items, int size)
|
||||
int strt = ctx->pos - s_len;
|
||||
int diff = m_len - s_len + n_endchrs;
|
||||
|
||||
if (ctx->len + diff > MAX_STR_SIZE)
|
||||
if (ctx->len + diff >= MAX_STR_SIZE)
|
||||
return -1;
|
||||
|
||||
char tmpend[MAX_STR_SIZE];
|
||||
@ -220,7 +220,7 @@ static void complt_home_dir(ToxWindow *self, char *path)
|
||||
|
||||
int newlen = wcslen(wline);
|
||||
|
||||
if (ctx->len + newlen > MAX_STR_SIZE)
|
||||
if (ctx->len + newlen >= MAX_STR_SIZE)
|
||||
return;
|
||||
|
||||
wmemcpy(ctx->line, wline, newlen + 1);
|
||||
|
@ -172,7 +172,7 @@ void cmd_sendfile(WINDOW *window, ToxWindow *self, Tox *m, int argc, char (*argv
|
||||
int path_len = strlen(path) - 1;
|
||||
path[path_len] = '\0';
|
||||
|
||||
if (path_len > MAX_STR_SIZE) {
|
||||
if (path_len >= MAX_STR_SIZE) {
|
||||
errmsg = "File path exceeds character limit.";
|
||||
line_info_add(self, NULL, NULL, NULL, SYS_MSG, 0, 0, errmsg);
|
||||
return;
|
||||
@ -190,7 +190,7 @@ void cmd_sendfile(WINDOW *window, ToxWindow *self, Tox *m, int argc, char (*argv
|
||||
uint64_t filesize = ftell(file_to_send);
|
||||
fseek(file_to_send, 0, SEEK_SET);
|
||||
|
||||
char filename[MAX_STR_SIZE];
|
||||
char filename[MAX_STR_SIZE] = {0};
|
||||
get_file_name(filename, sizeof(filename), path);
|
||||
int filenum = tox_new_file_sender(m, self->num, filesize, (const uint8_t *) filename, strlen(filename));
|
||||
|
||||
|
@ -114,7 +114,9 @@ static int parse_command(WINDOW *w, ToxWindow *self, const char *input, char (*a
|
||||
if (cmd[i] == '\0') /* no more args */
|
||||
break;
|
||||
|
||||
strcpy(cmd, &cmd[i + 1]);
|
||||
char tmp[MAX_STR_SIZE];
|
||||
snprintf(tmp, sizeof(tmp), "%s", &cmd[i + 1]);
|
||||
strcpy(cmd, tmp);
|
||||
}
|
||||
|
||||
free(cmd);
|
||||
|
@ -145,16 +145,13 @@ static void input_mv_left(ToxWindow *self, int x, int mx_x)
|
||||
if (ctx->pos <= 0)
|
||||
return;
|
||||
|
||||
int cur_len = wcwidth(ctx->line[ctx->pos - 1]);
|
||||
int cur_len = ctx->pos > 0 ? wcwidth(ctx->line[ctx->pos - 1]) : 0;
|
||||
int s_len = ctx->start > 0 ? wcwidth(ctx->line[ctx->start - 1]) : 0;
|
||||
|
||||
--ctx->pos;
|
||||
|
||||
int s_len = wcwidth(ctx->line[ctx->start - 1]);
|
||||
|
||||
if (ctx->start && (x >= mx_x - cur_len))
|
||||
ctx->start = MAX(0, ctx->start - 1 + (s_len - cur_len));
|
||||
else if (ctx->start && (ctx->pos == ctx->len))
|
||||
ctx->start = MAX(0, ctx->start - cur_len);
|
||||
else if (ctx->start)
|
||||
ctx->start = MAX(0, ctx->start - cur_len);
|
||||
}
|
||||
|
@ -59,7 +59,7 @@ void init_logging_session(char *name, char *key, struct chatlog *log)
|
||||
path_len += strlen(ident) + 1;
|
||||
}
|
||||
|
||||
if (path_len > MAX_STR_SIZE) {
|
||||
if (path_len >= MAX_STR_SIZE) {
|
||||
log->log_on = false;
|
||||
free(user_config_dir);
|
||||
return;
|
||||
|
@ -170,7 +170,7 @@ static void shift_hist_back(ChatContext *ctx)
|
||||
/* adds a line to the ln_history buffer at hst_pos and sets hst_pos to end of history. */
|
||||
void add_line_to_hist(ChatContext *ctx)
|
||||
{
|
||||
if (ctx->len > MAX_STR_SIZE)
|
||||
if (ctx->len >= MAX_STR_SIZE)
|
||||
return;
|
||||
|
||||
if (ctx->hst_tot >= MAX_LINE_HIST)
|
||||
|
Loading…
Reference in New Issue
Block a user