[Bf-blender-cvs] SVN commit: /data/svn/bf-blender [41021] trunk/blender/source: fix for buffer overrun with BLI_split_dirfile(...), was simple to do since many places don' t check for filename lengyj of 79 chars which is the limit for the file selector .

Campbell Barton ideasman42 at gmail.com
Sat Oct 15 05:56:11 CEST 2011


Revision: 41021
          http://projects.blender.org/scm/viewvc.php?view=rev&root=bf-blender&revision=41021
Author:   campbellbarton
Date:     2011-10-15 03:56:05 +0000 (Sat, 15 Oct 2011)
Log Message:
-----------
fix for buffer overrun with BLI_split_dirfile(...), was simple to do since many places don't check for filename length of 79 chars which is the limit for the file selector.
Add max dir and file length args.

Modified Paths:
--------------
    trunk/blender/source/blender/blenkernel/intern/pointcache.c
    trunk/blender/source/blender/blenkernel/intern/sequencer.c
    trunk/blender/source/blender/blenlib/BLI_path_util.h
    trunk/blender/source/blender/blenlib/intern/bpath.c
    trunk/blender/source/blender/blenlib/intern/path_util.c
    trunk/blender/source/blender/blenlib/intern/winstuff.c
    trunk/blender/source/blender/blenloader/intern/writefile.c
    trunk/blender/source/blender/collada/DocumentImporter.cpp
    trunk/blender/source/blender/collada/ImageExporter.cpp
    trunk/blender/source/blender/editors/space_file/file_ops.c
    trunk/blender/source/blender/editors/space_file/filesel.c
    trunk/blender/source/blender/editors/space_sequencer/sequencer_add.c
    trunk/blender/source/blender/editors/space_sequencer/space_sequencer.c
    trunk/blender/source/blender/makesrna/intern/rna_sequencer.c
    trunk/blender/source/gameengine/Ketsji/KX_PythonInit.cpp

Modified: trunk/blender/source/blender/blenkernel/intern/pointcache.c
===================================================================
--- trunk/blender/source/blender/blenkernel/intern/pointcache.c	2011-10-15 01:42:26 UTC (rev 41020)
+++ trunk/blender/source/blender/blenkernel/intern/pointcache.c	2011-10-15 03:56:05 UTC (rev 41021)
@@ -910,7 +910,7 @@
 	else if (G.relbase_valid || lib) {
 		char file[MAX_PTCACHE_PATH]; /* we dont want the dir, only the file */
 
-		BLI_split_dirfile(blendfilename, NULL, file);
+		BLI_split_dirfile(blendfilename, NULL, file, 0, sizeof(file));
 		i = strlen(file);
 		
 		/* remove .blend */

Modified: trunk/blender/source/blender/blenkernel/intern/sequencer.c
===================================================================
--- trunk/blender/source/blender/blenkernel/intern/sequencer.c	2011-10-15 01:42:26 UTC (rev 41020)
+++ trunk/blender/source/blender/blenkernel/intern/sequencer.c	2011-10-15 03:56:05 UTC (rev 41021)
@@ -3647,7 +3647,7 @@
 	/* we only need 1 element to store the filename */
 	strip->stripdata= se= MEM_callocN(sizeof(StripElem), "stripelem");
 
-	BLI_split_dirfile(seq_load->path, strip->dir, se->name);
+	BLI_split_dirfile(seq_load->path, strip->dir, se->name, sizeof(strip->dir), sizeof(se->name));
 
 	seq->scene_sound = sound_add_scene_sound(scene, seq, seq_load->start_frame, seq_load->start_frame + strip->len, 0);
 
@@ -3706,7 +3706,7 @@
 	/* we only need 1 element for MOVIE strips */
 	strip->stripdata= se= MEM_callocN(sizeof(StripElem), "stripelem");
 
-	BLI_split_dirfile(seq_load->path, strip->dir, se->name);
+	BLI_split_dirfile(seq_load->path, strip->dir, se->name, sizeof(strip->dir), sizeof(se->name));
 
 	calc_sequence_disp(scene, seq);
 

Modified: trunk/blender/source/blender/blenlib/BLI_path_util.h
===================================================================
--- trunk/blender/source/blender/blenlib/BLI_path_util.h	2011-10-15 01:42:26 UTC (rev 41020)
+++ trunk/blender/source/blender/blenlib/BLI_path_util.h	2011-10-15 03:56:05 UTC (rev 41021)
@@ -103,7 +103,7 @@
 void BLI_make_file_string(const char *relabase, char *string,  const char *dir, const char *file);
 void BLI_make_exist(char *dir);
 void BLI_make_existing_file(const char *name);
-void BLI_split_dirfile(const char *string, char *dir, char *file);
+void BLI_split_dirfile(const char *string, char *dir, char *file, const size_t dirlen, const size_t filelen);
 void BLI_join_dirfile(char *string, const size_t maxlen, const char *dir, const char *file);
 char *BLI_path_basename(char *path);
 int BKE_rebase_path(char *abs, size_t abs_len, char *rel, size_t rel_len, const char *base_dir, const char *src_dir, const char *dest_dir);
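Review bot: The new `dirlen` and `filelen` parameters are undocumented at the prototype, and the `len` suffix reads as a string length although every caller in this commit passes `sizeof(buffer)`. A one-line comment above the declaration would settle it, for example `/* dirlen, filelen: size in bytes of the dir and file buffers (pass sizeof); longer results are truncated */`. Naming them `dir_maxlen` and `file_maxlen` would also match the `maxlen` argument of `BLI_join_dirfile` on the next line.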

Modified: trunk/blender/source/blender/blenlib/intern/bpath.c
===================================================================
--- trunk/blender/source/blender/blenlib/intern/bpath.c	2011-10-15 01:42:26 UTC (rev 41020)
+++ trunk/blender/source/blender/blenlib/intern/bpath.c	2011-10-15 03:56:05 UTC (rev 41021)
@@ -400,7 +400,7 @@
 
 	if (SEQ_HAS_PATH(seq)) {
 		if (ELEM3(seq->type, SEQ_IMAGE, SEQ_MOVIE, SEQ_SOUND)) {
-			BLI_split_dirfile(path, seq->strip->dir, seq->strip->stripdata->name);
+			BLI_split_dirfile(path, seq->strip->dir, seq->strip->stripdata->name, sizeof(seq->strip->dir), sizeof(seq->strip->stripdata->name));
 		}
 		else {
 			/* simple case */
@@ -903,7 +903,7 @@
 
 	//XXX waitcursor( 1 );
 
-	BLI_split_dirfile(str, dirname, NULL);
+	BLI_split_dirfile(str, dirname, NULL, sizeof(dirname), 0);
 
 	BLI_bpathIterator_init(&bpi, bmain, bmain->name, 0);
 
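Review bot: `sizeof(dirname)` is the buffer size only if `dirname` is declared as a `char` array in this function. The declaration is outside the hunk, and if it is a pointer or a parameter the call passes the pointer size and truncates every directory to a few bytes. The same applies to `bprogdir` in the path_util.c hunk at -894, and to `blend_dir`, `dir` and `base` in the hunks at -1515 and -1527, whose declarations are not shown either. Each one is worth confirming; where the buffer is not a local array, pass the constant used in its declaration instead of `sizeof`.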

Modified: trunk/blender/source/blender/blenlib/intern/path_util.c
===================================================================
--- trunk/blender/source/blender/blenlib/intern/path_util.c	2011-10-15 01:42:26 UTC (rev 41020)
+++ trunk/blender/source/blender/blenlib/intern/path_util.c	2011-10-15 03:56:05 UTC (rev 41021)
@@ -894,7 +894,7 @@
 	}
 	
 	/* use argv[0] (bprogname) to get the path to the executable */
-	BLI_split_dirfile(bprogname, bprogdir, NULL);
+	BLI_split_dirfile(bprogname, bprogdir, NULL, sizeof(bprogdir), 0);
 	
 	/* try EXECUTABLE_DIR/2.5x/folder_name - new default directory for local blender installed files */
 	if(test_path(targetpath, bprogdir, blender_version_decimal(ver), relfolder))
@@ -966,7 +966,7 @@
 	char bprogdir[FILE_MAX];
 
 	/* use argv[0] (bprogname) to get the path to the executable */
-	BLI_split_dirfile(bprogname, bprogdir, NULL);
+	BLI_split_dirfile(bprogname, bprogdir, NULL, sizeof(bprogdir), 0);
 
 	if(folder_name) {
 		if (subfolder_name) {
@@ -1411,21 +1411,22 @@
  * - dosnt use CWD, or deal with relative paths.
  * - Only fill's in *dir and *file when they are non NULL
  * */
-void BLI_split_dirfile(const char *string, char *dir, char *file)
+void BLI_split_dirfile(const char *string, char *dir, char *file, const size_t dirlen, const size_t filelen)
 {
 	char *lslash_str = BLI_last_slash(string);
-	int lslash= lslash_str ? (int)(lslash_str - string) + 1 : 0;
+	size_t lslash= lslash_str ? (size_t)(lslash_str - string) + 1 : 0;
 
 	if (dir) {
 		if (lslash) {
-			BLI_strncpy( dir, string, lslash + 1); /* +1 to include the slash and the last char */
-		} else {
+			BLI_strncpy( dir, string, MIN2(dirlen, lslash + 1)); /* +1 to include the slash and the last char */
+		}
+		else {
 			dir[0] = '\0';
 		}
 	}
 	
 	if (file) {
-		strcpy( file, string+lslash);
+		BLI_strncpy(file, string+lslash, filelen);
 	}
 }
 
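Review bot: A non-NULL `dir` or `file` with a size of 0 is not rejected: the `else` branch writes `dir[0] = '\0'` without consulting `dirlen`, and both `BLI_strncpy` calls can receive a size of 0, whose handling is not visible in this hunk. Every caller in this commit passes 0 only together with NULL, so guarding the branches as `if (dir && dirlen)` and `if (file && filelen)` changes nothing today and stops a later caller from writing past a buffer. Truncation is also silent because the function still returns void, and a cut `dir` would lose its trailing slash and name a different location. The comment block above the function (it starts outside the hunk) should say that results are truncated to the given sizes and that callers needing the full path must check the input length themselves.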
@@ -1515,7 +1516,7 @@
 	if (rel)
 		rel[0]= 0;
 
-	BLI_split_dirfile(base_dir, blend_dir, NULL);
+	BLI_split_dirfile(base_dir, blend_dir, NULL, sizeof(blend_dir), 0);
 
 	if (src_dir[0]=='\0')
 		return 0;
@@ -1526,7 +1527,7 @@
 	BLI_path_abs(path, base_dir);
 
 	/* get the directory part */
-	BLI_split_dirfile(path, dir, base);
+	BLI_split_dirfile(path, dir, base, sizeof(dir), sizeof(base));
 
 	len= strlen(blend_dir);
 

Modified: trunk/blender/source/blender/blenlib/intern/winstuff.c
===================================================================
--- trunk/blender/source/blender/blenlib/intern/winstuff.c	2011-10-15 01:42:26 UTC (rev 41020)
+++ trunk/blender/source/blender/blenlib/intern/winstuff.c	2011-10-15 03:56:05 UTC (rev 41021)
@@ -53,11 +53,10 @@
 
 int BLI_getInstallationDir( char * str ) {
 	char dir[FILE_MAXDIR];
-	char file[FILE_MAXFILE];
 	int a;
 	
 	GetModuleFileName(NULL,str,FILE_MAXDIR+FILE_MAXFILE);
-	BLI_split_dirfile(str,dir,file); /* shouldn't be relative */
+	BLI_split_dirfile(str, dir, NULL, sizeof(dir), 0); /* shouldn't be relative */
 	a = strlen(dir);
 	if(dir[a-1] == '\\') dir[a-1]=0;
 	
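Review bot: `dir[a-1]` is read with `a == 0` whenever `BLI_split_dirfile` leaves `dir` empty, which the implementation in this commit does when `BLI_last_slash` finds no separator in `str`; that indexes one byte before the array. The return value of `GetModuleFileName` is not checked either, so `str` may not hold a usable path at that point. Suggested change: `if (a > 0 && dir[a-1] == '\\') dir[a-1] = 0;`, ideally with `a` declared as `size_t` to match `strlen`. The function body continues outside the hunk.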

Modified: trunk/blender/source/blender/blenloader/intern/writefile.c
===================================================================
--- trunk/blender/source/blender/blenloader/intern/writefile.c	2011-10-15 01:42:26 UTC (rev 41020)
+++ trunk/blender/source/blender/blenloader/intern/writefile.c	2011-10-15 03:56:05 UTC (rev 41021)
@@ -2678,8 +2678,8 @@
 	if(write_flags & G_FILE_RELATIVE_REMAP) {
 		char dir1[FILE_MAXDIR+FILE_MAXFILE];
 		char dir2[FILE_MAXDIR+FILE_MAXFILE];
-		BLI_split_dirfile(filepath, dir1, NULL);
-		BLI_split_dirfile(mainvar->name, dir2, NULL);
+		BLI_split_dirfile(filepath, dir1, NULL, sizeof(dir1), 0);
+		BLI_split_dirfile(mainvar->name, dir2, NULL, sizeof(dir2), 0);
 
 		/* just incase there is some subtle difference */
 		BLI_cleanup_dir(mainvar->name, dir1);

Modified: trunk/blender/source/blender/collada/DocumentImporter.cpp
===================================================================
--- trunk/blender/source/blender/collada/DocumentImporter.cpp	2011-10-15 01:42:26 UTC (rev 41020)
+++ trunk/blender/source/blender/collada/DocumentImporter.cpp	2011-10-15 03:56:05 UTC (rev 41021)
@@ -884,7 +884,7 @@
 	char dir[FILE_MAX];
 	char full_path[FILE_MAX];
 	
-	BLI_split_dirfile(filename, dir, NULL);
+	BLI_split_dirfile(filename, dir, NULL, sizeof(dir), 0);
 	BLI_join_dirfile(full_path, sizeof(full_path), dir, filepath.c_str());
 	Image *ima = BKE_add_image_file(full_path);
 	if (!ima) {

Modified: trunk/blender/source/blender/collada/ImageExporter.cpp
===================================================================
--- trunk/blender/source/blender/collada/ImageExporter.cpp	2011-10-15 01:42:26 UTC (rev 41020)
+++ trunk/blender/source/blender/collada/ImageExporter.cpp	2011-10-15 03:56:05 UTC (rev 41021)
@@ -97,7 +97,7 @@
 			char src[FILE_MAX];
 			char dir[FILE_MAX];
 			
-			BLI_split_dirfile(this->export_settings->filepath, dir, NULL);
+			BLI_split_dirfile(this->export_settings->filepath, dir, NULL, sizeof(dir), 0);
 
 			BKE_rebase_path(abs, sizeof(abs), rel, sizeof(rel), G.main->name, image->name, dir);
 

Modified: trunk/blender/source/blender/editors/space_file/file_ops.c
===================================================================
--- trunk/blender/source/blender/editors/space_file/file_ops.c	2011-10-15 01:42:26 UTC (rev 41020)
+++ trunk/blender/source/blender/editors/space_file/file_ops.c	2011-10-15 03:56:05 UTC (rev 41021)
@@ -666,7 +666,7 @@
 	if((prop= RNA_struct_find_property(op->ptr, "filepath"))) {
 		char filepath[FILE_MAX];
 		RNA_property_string_get(op->ptr, prop, filepath);
-		BLI_split_dirfile(filepath, sfile->params->dir, sfile->params->file);
+		BLI_split_dirfile(filepath, sfile->params->dir, sfile->params->file, sizeof(sfile->params->dir), sizeof(sfile->params->file));
 	}
 	else {
 		if((prop= RNA_struct_find_property(op->ptr, "filename"))) {
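Review bot: `RNA_property_string_get(op->ptr, prop, filepath)` on the line before the patched call takes no size argument, so nothing visible here bounds the write into `filepath[FILE_MAX]`; the split is now bounded, but the buffer it reads from may not be. If the property's maximum length is not guaranteed to fit in `FILE_MAX` (its definition is outside this hunk), a length check is needed before the copy. At minimum a comment should record where the limit is enforced, for example `/* "filepath" is limited to FILE_MAX by its property definition */` once that has been confirmed. The enclosing function starts and ends outside the hunk.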
@@ -1143,7 +1143,7 @@
 		if(BLI_exists(sfile->params->dir) && BLI_is_dir(sfile->params->dir) == 0) {
 			char path[sizeof(sfile->params->dir)];
 			BLI_strncpy(path, sfile->params->dir, sizeof(path));
-			BLI_split_dirfile(path, sfile->params->dir, sfile->params->file);
+			BLI_split_dirfile(path, sfile->params->dir, sfile->params->file, sizeof(sfile->params->dir), sizeof(sfile->params->file));
 		}
 
 		BLI_cleanup_dir(G.main->name, sfile->params->dir);

Modified: trunk/blender/source/blender/editors/space_file/filesel.c
===================================================================
--- trunk/blender/source/blender/editors/space_file/filesel.c	2011-10-15 01:42:26 UTC (rev 41020)
+++ trunk/blender/source/blender/editors/space_file/filesel.c	2011-10-15 03:56:05 UTC (rev 41021)
@@ -113,7 +113,7 @@
 	if (!sfile->params) {
 		sfile->params= MEM_callocN(sizeof(FileSelectParams), "fileselparams");
 		/* set path to most recently opened .blend */

@@ Diff output truncated at 10240 characters. @@


