[iortcw] 120/497: All: Fix unchecked buffer size issues in l_script.c and l_precomp.c

Simon McVittie smcv at debian.org
Fri Sep 8 10:36:36 UTC 2017 

This is an automated email from the git hooks/post-receive script.

smcv pushed a commit to annotated tag 1.42d
in repository iortcw.

commit 1ba3705c9104748ecf4bc7365752b7e5142a8d47
Author: M4N4T4RMS at gmail.com <M4N4T4RMS at gmail.com@e65d2741-a53d-b2dc-ae96-bb75fa5e4c4a>
Date:   Mon May 26 10:07:34 2014 +0000

    All: Fix unchecked buffer size issues in l_script.c and l_precomp.c
---
 MP/code/botlib/l_precomp.c | 20 +++++++++++++-------
 MP/code/botlib/l_script.c  | 12 +++++++-----
 SP/code/botlib/l_precomp.c | 20 +++++++++++++-------
 SP/code/botlib/l_script.c  | 12 +++++++-----
 4 files changed, 40 insertions(+), 24 deletions(-)

diff --git a/MP/code/botlib/l_precomp.c b/MP/code/botlib/l_precomp.c
index 516ab02..8bcc47e 100644
--- a/MP/code/botlib/l_precomp.c
+++ b/MP/code/botlib/l_precomp.c
@@ -978,13 +978,13 @@ int PC_Directive_include( source_t *source ) {
 		PC_ConvertPath( token.string );
 		script = LoadScriptFile( token.string );
 		if ( !script ) {
-			strcpy( path, source->includepath );
-			strcat( path, token.string );
+			Q_strncpyz(path, source->includepath, sizeof(path));
+			Q_strcat(path, sizeof(path), token.string);
 			script = LoadScriptFile( path );
 		} //end if
 	} //end if
 	else if ( token.type == TT_PUNCTUATION && *token.string == '<' ) {
-		strcpy( path, source->includepath );
+		Q_strncpyz(path, source->includepath, sizeof(path));
 		while ( PC_ReadSourceToken( source, &token ) )
 		{
 			if ( token.linescrossed > 0 ) {
@@ -994,7 +994,7 @@ int PC_Directive_include( source_t *source ) {
 			if ( token.type == TT_PUNCTUATION && *token.string == '>' ) {
 				break;
 			}
-			strncat(path, token.string, _MAX_PATH - 1);
+			Q_strcat(path, sizeof(path), token.string);
 		} //end while
 		if ( *token.string != '>' ) {
 			SourceWarning( source, "#include missing trailing >" );
@@ -2812,6 +2812,7 @@ int PC_ExpectTokenType( source_t *source, int type, int subtype, token_t *token
 	} //end if
 	if ( token->type == TT_NUMBER ) {
 		if ( ( token->subtype & subtype ) != subtype ) {
+			strcpy(str, "");
 			if ( subtype & TT_DECIMAL ) {
 				strcpy( str, "decimal" );
 			}
@@ -2948,10 +2949,15 @@ void PC_UnreadToken( source_t *source, token_t *token ) {
 // Changes Globals:		-
 //============================================================================
 void PC_SetIncludePath( source_t *source, char *path ) {
-	strncpy( source->includepath, path, _MAX_PATH );
+	size_t len;
+
+	Q_strncpyz(source->includepath, path, _MAX_PATH-1);
+
+	len = strlen(source->includepath);
 	//add trailing path seperator
-	if ( source->includepath[strlen( source->includepath ) - 1] != '\\' &&
-		 source->includepath[strlen( source->includepath ) - 1] != '/' ) {
+	if (len > 0 && source->includepath[len-1] != '\\' &&
+		source->includepath[len-1] != '/')
+	{
 		strcat( source->includepath, PATHSEPERATOR_STR );
 	} //end if
 } //end of the function PC_SetIncludePath
diff --git a/MP/code/botlib/l_script.c b/MP/code/botlib/l_script.c
index 89d678e..7ce27f7 100644
--- a/MP/code/botlib/l_script.c
+++ b/MP/code/botlib/l_script.c
@@ -958,6 +958,7 @@ int PS_ExpectTokenType( script_t *script, int type, int subtype, token_t *token
 	} //end if
 
 	if ( token->type != type ) {
+		strcpy(str, "");
 		if ( type == TT_STRING ) {
 			strcpy( str, "string" );
 		}
@@ -978,6 +979,7 @@ int PS_ExpectTokenType( script_t *script, int type, int subtype, token_t *token
 	} //end if
 	if ( token->type == TT_NUMBER ) {
 		if ( ( token->subtype & subtype ) != subtype ) {
+			strcpy(str, "");
 			if ( subtype & TT_DECIMAL ) {
 				strcpy( str, "decimal" );
 			}
@@ -1361,8 +1363,8 @@ script_t *LoadScriptFile( const char *filename ) {
 
 	buffer = GetClearedMemory( sizeof( script_t ) + length + 1 );
 	script = (script_t *) buffer;
-	memset( script, 0, sizeof( script_t ) );
-	strcpy( script->filename, filename );
+	Com_Memset(script, 0, sizeof(script_t));
+	Q_strncpyz(script->filename, filename, sizeof(script->filename));
 	script->buffer = (char *) buffer + sizeof( script_t );
 	script->buffer[length] = 0;
 	script->length = length;
@@ -1406,8 +1408,8 @@ script_t *LoadScriptMemory( char *ptr, int length, char *name ) {
 
 	buffer = GetClearedMemory( sizeof( script_t ) + length + 1 );
 	script = (script_t *) buffer;
-	memset( script, 0, sizeof( script_t ) );
-	strcpy( script->filename, name );
+	Com_Memset(script, 0, sizeof(script_t));
+	Q_strncpyz(script->filename, name, sizeof(script->filename));
 	script->buffer = (char *) buffer + sizeof( script_t );
 	script->buffer[length] = 0;
 	script->length = length;
@@ -1425,7 +1427,7 @@ script_t *LoadScriptMemory( char *ptr, int length, char *name ) {
 	//
 	SetScriptPunctuations( script, NULL );
 	//
-	memcpy( script->buffer, ptr, length );
+	Com_Memcpy(script->buffer, ptr, length);
 	//
 	return script;
 } //end of the function LoadScriptMemory
diff --git a/SP/code/botlib/l_precomp.c b/SP/code/botlib/l_precomp.c
index 31ca0f4..141d65f 100644
--- a/SP/code/botlib/l_precomp.c
+++ b/SP/code/botlib/l_precomp.c
@@ -973,13 +973,13 @@ int PC_Directive_include( source_t *source ) {
 		PC_ConvertPath( token.string );
 		script = LoadScriptFile( token.string );
 		if ( !script ) {
-			strcpy( path, source->includepath );
-			strcat( path, token.string );
+			Q_strncpyz(path, source->includepath, sizeof(path));
+			Q_strcat(path, sizeof(path), token.string);
 			script = LoadScriptFile( path );
 		} //end if
 	} //end if
 	else if ( token.type == TT_PUNCTUATION && *token.string == '<' ) {
-		strcpy( path, source->includepath );
+		Q_strncpyz(path, source->includepath, sizeof(path));
 		while ( PC_ReadSourceToken( source, &token ) )
 		{
 			if ( token.linescrossed > 0 ) {
@@ -989,7 +989,7 @@ int PC_Directive_include( source_t *source ) {
 			if ( token.type == TT_PUNCTUATION && *token.string == '>' ) {
 				break;
 			}
-			strncat(path, token.string, _MAX_PATH - 1);
+			Q_strcat(path, sizeof(path), token.string);
 		} //end while
 		if ( *token.string != '>' ) {
 			SourceWarning( source, "#include missing trailing >" );
@@ -2815,6 +2815,7 @@ int PC_ExpectTokenType( source_t *source, int type, int subtype, token_t *token
 	} //end if
 	if ( token->type == TT_NUMBER ) {
 		if ( ( token->subtype & subtype ) != subtype ) {
+			strcpy(str, "");
 			if ( subtype & TT_DECIMAL ) {
 				strcpy( str, "decimal" );
 			}
@@ -2951,10 +2952,15 @@ void PC_UnreadToken( source_t *source, token_t *token ) {
 // Changes Globals:		-
 //============================================================================
 void PC_SetIncludePath( source_t *source, char *path ) {
-	strncpy( source->includepath, path, _MAX_PATH );
+	size_t len;
+
+	Q_strncpyz(source->includepath, path, _MAX_PATH-1);
+
+	len = strlen(source->includepath);
 	//add trailing path seperator
-	if ( source->includepath[strlen( source->includepath ) - 1] != '\\' &&
-		 source->includepath[strlen( source->includepath ) - 1] != '/' ) {
+	if (len > 0 && source->includepath[len-1] != '\\' &&
+		source->includepath[len-1] != '/')
+	{
 		strcat( source->includepath, PATHSEPERATOR_STR );
 	} //end if
 } //end of the function PC_SetIncludePath
diff --git a/SP/code/botlib/l_script.c b/SP/code/botlib/l_script.c
index 2b3c309..43305f8 100644
--- a/SP/code/botlib/l_script.c
+++ b/SP/code/botlib/l_script.c
@@ -973,6 +973,7 @@ int PS_ExpectTokenType( script_t *script, int type, int subtype, token_t *token
 	} //end if
 
 	if ( token->type != type ) {
+		strcpy(str, "");
 		if ( type == TT_STRING ) {
 			strcpy( str, "string" );
 		}
@@ -993,6 +994,7 @@ int PS_ExpectTokenType( script_t *script, int type, int subtype, token_t *token
 	} //end if
 	if ( token->type == TT_NUMBER ) {
 		if ( ( token->subtype & subtype ) != subtype ) {
+			strcpy(str, "");
 			if ( subtype & TT_DECIMAL ) {
 				strcpy( str, "decimal" );
 			}
@@ -1370,8 +1372,8 @@ script_t *LoadScriptFile( const char *filename ) {
 
 	buffer = GetClearedMemory( sizeof( script_t ) + length + 1 );
 	script = (script_t *) buffer;
-	memset( script, 0, sizeof( script_t ) );
-	strcpy( script->filename, filename );
+	Com_Memset(script, 0, sizeof(script_t));
+	Q_strncpyz(script->filename, filename, sizeof(script->filename));
 	script->buffer = (char *) buffer + sizeof( script_t );
 	script->buffer[length] = 0;
 	script->length = length;
@@ -1414,8 +1416,8 @@ script_t *LoadScriptMemory( char *ptr, int length, char *name ) {
 
 	buffer = GetClearedMemory( sizeof( script_t ) + length + 1 );
 	script = (script_t *) buffer;
-	memset( script, 0, sizeof( script_t ) );
-	strcpy( script->filename, name );
+	Com_Memset(script, 0, sizeof(script_t));
+	Q_strncpyz(script->filename, name, sizeof(script->filename));
 	script->buffer = (char *) buffer + sizeof( script_t );
 	script->buffer[length] = 0;
 	script->length = length;
@@ -1433,7 +1435,7 @@ script_t *LoadScriptMemory( char *ptr, int length, char *name ) {
 	//
 	SetScriptPunctuations( script, NULL );
 	//
-	memcpy( script->buffer, ptr, length );
+	Com_Memcpy(script->buffer, ptr, length);
 	//
 	return script;
 } //end of the function LoadScriptMemory

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-games/iortcw.git

More information about the Pkg-games-commits mailing list