[Bf-blender-cvs] SVN commit: /data/svn/bf-blender [58254] trunk/blender/source/blender: fix for error in string copy
Campbell Barton
ideasman42 at gmail.com
Mon Jul 15 07:09:08 CEST 2013
Revision: 58254
http://projects.blender.org/scm/viewvc.php?view=rev&root=bf-blender&revision=58254
Author: campbellbarton
Date: 2013-07-15 05:09:06 +0000 (Mon, 15 Jul 2013)
Log Message:
-----------
fix for error in string copy
- BLI_strncpy_wchar_from_utf8 wasn't NULL terminating the destination string, caused uninitialized memory use in BPY_python_start().
- BLI_strncpy_wchar_as_utf8 could write one byte past the buffer bounds.
Modified Paths:
--------------
trunk/blender/source/blender/blenkernel/intern/font.c
trunk/blender/source/blender/blenlib/intern/string_utf8.c
trunk/blender/source/blender/editors/curve/editfont.c
Modified: trunk/blender/source/blender/blenkernel/intern/font.c
===================================================================
--- trunk/blender/source/blender/blenkernel/intern/font.c 2013-07-15 04:38:35 UTC (rev 58253)
+++ trunk/blender/source/blender/blenkernel/intern/font.c 2013-07-15 05:09:06 UTC (rev 58254)
@@ -516,7 +516,7 @@
/* Create unicode string */
utf8len = BLI_strlen_utf8(cu->str);
- mem = MEM_callocN(((utf8len + 1) * sizeof(wchar_t)), "convertedmem");
+ mem = MEM_mallocN(((utf8len + 1) * sizeof(wchar_t)), "convertedmem");
BLI_strncpy_wchar_from_utf8(mem, cu->str, utf8len + 1);
Modified: trunk/blender/source/blender/blenlib/intern/string_utf8.c
===================================================================
--- trunk/blender/source/blender/blenlib/intern/string_utf8.c 2013-07-15 04:38:35 UTC (rev 58253)
+++ trunk/blender/source/blender/blenlib/intern/string_utf8.c 2013-07-15 05:09:06 UTC (rev 58254)
@@ -197,6 +197,10 @@
BLI_assert(maxncpy != 0);
+#ifdef DEBUG_STRSIZE
+ memset(dst, 0xff, sizeof(*dst) * maxncpy);
+#endif
+
/* note: currently we don't attempt to deal with invalid utf8 chars */
BLI_STR_UTF8_CPY(dst, src, maxncpy);
@@ -226,6 +230,7 @@
size_t BLI_strncpy_wchar_as_utf8(char *__restrict dst, const wchar_t *__restrict src, const size_t maxncpy)
{
+ const size_t maxlen = maxncpy - 1;
size_t len = 0;
BLI_assert(maxncpy != 0);
@@ -234,7 +239,7 @@
memset(dst, 0xff, sizeof(*dst) * maxncpy);
#endif
- while (*src && len < maxncpy) { /* XXX can still run over the buffer because utf8 size isn't known :| */
+ while (*src && len != maxlen) { /* XXX can still run over the buffer because utf8 size isn't known :| */
len += BLI_str_utf8_from_unicode((unsigned int)*src++, dst + len);
}
@@ -310,6 +315,7 @@
size_t BLI_strncpy_wchar_from_utf8(wchar_t *__restrict dst_w, const char *__restrict src_c, const size_t maxncpy)
{
+ const size_t maxlen = maxncpy - 1;
size_t len = 0;
BLI_assert(maxncpy != 0);
@@ -318,11 +324,7 @@
memset(dst_w, 0xff, sizeof(*dst_w) * maxncpy);
#endif
- if (dst_w == NULL || src_c == NULL) {
- return 0;
- }
-
- while (*src_c && len < maxncpy) {
+ while (*src_c && len != maxlen) {
size_t step = 0;
unsigned int unicode = BLI_str_utf8_as_unicode_and_size(src_c, &step);
if (unicode != BLI_UTF8_ERR) {
@@ -336,6 +338,9 @@
dst_w++;
len++;
}
+
+ *dst_w = 0;
+
return len;
}
Modified: trunk/blender/source/blender/editors/curve/editfont.c
===================================================================
--- trunk/blender/source/blender/editors/curve/editfont.c 2013-07-15 04:38:35 UTC (rev 58253)
+++ trunk/blender/source/blender/editors/curve/editfont.c 2013-07-15 05:09:06 UTC (rev 58254)
@@ -380,7 +380,7 @@
if (cu->len + filelen < MAXTEXT) {
int tmplen;
- wchar_t *mem = MEM_callocN((sizeof(wchar_t) * filelen) + (4 * sizeof(wchar_t)), "temporary");
+ wchar_t *mem = MEM_mallocN((sizeof(wchar_t) * filelen) + (4 * sizeof(wchar_t)), "temporary");
tmplen = BLI_strncpy_wchar_from_utf8(mem, strp, filelen + 1);
wcscat(ef->textbuf, mem);
MEM_freeN(mem);
More information about the Bf-blender-cvs
mailing list