gbdev/rgbds
1
0
Fork 0
mirror of https://github.com/gbdev/rgbds.git synced 2025-11-29 06:17:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add safeguards against string overflows

Browse Source 
Use snprintf instead of other unsafe functions. That way it is possible
to limit the size of the buffer and to ensure that it never overflows.

Signed-off-by: Antonio Niño Díaz <antonio_nd@outlook.com>
This commit is contained in:
Antonio Niño Díaz
2018-01-08 00:14:44 +00:00
parent 0e0e12a769
commit 2a97535e75
3 changed files with 49 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
src/asm/asmy.y
View File

@@ -1312,26 +1312,37 @@ const : T_ID { $$ = sym_GetConstantValue($1); }
string : T_STRING
{
strcpy($$, $1);
if (snprintf($$, MAXSTRLEN + 1, "%s", $1) > MAXSTRLEN)
warning("String is too long '%s'", $1);
}
| T_OP_STRSUB '(' string comma uconst comma uconst ')'
{
strncpy($$, $3 + $5 - 1, $7);
$$[$7] = 0;
uint32_t len = $7;
if (len > MAXSTRLEN) {
warning("STRSUB: Length too big: %u", len);
len = MAXSTRLEN;
}
if (snprintf($$, len + 1, "%s", $3 + $5 - 1) > MAXSTRLEN)
warning("STRSUB: String too long '%s'", $$);
}
| T_OP_STRCAT '(' string comma string ')'
{
strcpy($$, $3);
strcat($$, $5);
if (snprintf($$, MAXSTRLEN + 1, "%s%s", $3, $5) > MAXSTRLEN)
warning("STRCAT: String too long '%s%s'", $3, $5);
}
| T_OP_STRUPR '(' string ')'
{
strcpy($$, $3);
if (snprintf($$, MAXSTRLEN + 1, "%s", $3) > MAXSTRLEN)
warning("STRUPR: String too long '%s'", $3);
upperstring($$);
}
| T_OP_STRLWR '(' string ')'
{
strcpy($$, $3);
if (snprintf($$, MAXSTRLEN + 1, "%s", $3) > MAXSTRLEN)
warning("STRUPR: String too long '%s'", $3);
lowerstring($$);
}
;