authorCarsten Haitzler (Rasterman) <raster@rasterman.com>2018-11-16 12:35:53 +0000
committerCarsten Haitzler (Rasterman) <raster@rasterman.com>2018-11-16 12:35:53 +0000
commitae961da8dd4d39c2b9ea4bac08f90e5957f23304 (patch)
treecbcbb50f5b41cb59bcdb3c2a2760baa564aa3218
parentrage albumart - delay img fetch as it seems no response if too fast (diff)
downloadrage-ae961da8dd4d39c2b9ea4bac08f90e5957f23304.tar.gz
handle possible buffer max-out with snprintfs as errorsHEADmaster
no warnings now.
-rw-r--r--src/bin/albumart.c30
-rw-r--r--src/bin/thumb.c36
-rw-r--r--src/bin/videothumb.c30
3 files changed, 62 insertions, 34 deletions
diff --git a/src/bin/albumart.c b/src/bin/albumart.c
index 3093d1b..faf3e37 100644
--- a/src/bin/albumart.c
+++ b/src/bin/albumart.c
@@ -58,18 +58,26 @@ _thumbpath(const char *file)
unsigned char sum[20];
if (!sha1((unsigned char *)file, strlen(file), sum)) return NULL;
- snprintf(buf_base, sizeof(buf_base), "%s/rage/albumart/%02x",
- efreet_cache_home_get(), sum[0]);
+ if ((size_t)snprintf(buf_base, sizeof(buf_base), "%s/rage/albumart/%02x",
+ efreet_cache_home_get(), sum[0]) >= sizeof(buf_base))
+ {
+ fprintf(stderr, "Not enough buffer space for thumb path");
+ return NULL;
+ }
if (!ecore_file_mkpath(buf_base)) return NULL;
- snprintf(buf_file, sizeof(buf_base),
- "%s/%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x"
- "%02x%02x%02x%02x%02x%02x%02x%02x.jpg",
- buf_base,
- sum[1], sum[2], sum[3],
- sum[4], sum[5], sum[6], sum[7],
- sum[8], sum[9], sum[10], sum[11],
- sum[12], sum[13], sum[14], sum[15],
- sum[16], sum[17], sum[18], sum[19]);
+ if ((size_t)snprintf(buf_file, sizeof(buf_base),
+ "%s/%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x"
+ "%02x%02x%02x%02x%02x%02x%02x%02x.jpg",
+ buf_base,
+ sum[1], sum[2], sum[3],
+ sum[4], sum[5], sum[6], sum[7],
+ sum[8], sum[9], sum[10], sum[11],
+ sum[12], sum[13], sum[14], sum[15],
+ sum[16], sum[17], sum[18], sum[19]) >= sizeof(buf_base))
+ {
+ fprintf(stderr, "Not enough buffer space for thumb path");
+ return NULL;
+ }
return strdup(buf_file);
}
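Review bot: The second snprintf() in `_thumbpath` still bounds the write into `buf_file` with `sizeof(buf_base)` and compares the result against `sizeof(buf_base)`. The array declarations are outside the hunk, so this is only safe if the two buffers happen to be the same size; if `buf_file` is smaller the write can run past it, and if it is larger valid paths are rejected. Use `sizeof(buf_file)` for both the size argument and the comparison. The videothumb.c hunk passes the same `sizeof(buf_base)` bound but tests against `sizeof(buf_file)`, so there the write limit and the truncation test disagree and a truncated path could pass the check and be stored in `sd->realfile`.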
diff --git a/src/bin/thumb.c b/src/bin/thumb.c
index eadc008..b7f33d6 100644
--- a/src/bin/thumb.c
+++ b/src/bin/thumb.c
@@ -108,18 +108,30 @@ _cb_loaded(void *data, Evas_Object *obj, void *info EINA_UNUSED)
evas_object_image_size_get(vidimage, &iw, &ih);
if (!sha1((unsigned char *)file, strlen(file), sum)) exit(2);
if (!efreet_cache_home_get()) exit(3);
- snprintf(buf_base, sizeof(buf_base), "%s/rage/thumb/%02x",
- efreet_cache_home_get(), sum[0]);
- snprintf(buf_file, sizeof(buf_file),
- "%s/%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x"
- "%02x%02x%02x%02x%02x%02x%02x%02x.eet",
- buf_base,
- sum[1], sum[2], sum[3],
- sum[4], sum[5], sum[6], sum[7],
- sum[8], sum[9], sum[10], sum[11],
- sum[12], sum[13], sum[14], sum[15],
- sum[16], sum[17], sum[18], sum[19]);
- snprintf(buf_file2, sizeof(buf_file2), "%s.tmp", buf_file);
+ if ((size_t)snprintf(buf_base, sizeof(buf_base), "%s/rage/thumb/%02x",
+ efreet_cache_home_get(), sum[0]) >= sizeof(buf_base))
+ {
+ fprintf(stderr, "Not enough buffer space for thumb path");
+ return;
+ }
+ if ((size_t)snprintf(buf_file, sizeof(buf_file),
+ "%s/%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x"
+ "%02x%02x%02x%02x%02x%02x%02x%02x.eet",
+ buf_base,
+ sum[1], sum[2], sum[3],
+ sum[4], sum[5], sum[6], sum[7],
+ sum[8], sum[9], sum[10], sum[11],
+ sum[12], sum[13], sum[14], sum[15],
+ sum[16], sum[17], sum[18], sum[19]) >= sizeof(buf_file))
+ {
+ fprintf(stderr, "Not enough buffer space for thumb path");
+ return;
+ }
+ if ((size_t)snprintf(buf_file2, sizeof(buf_file2), "%s.tmp", buf_file) >= sizeof(buf_file2))
+ {
+ fprintf(stderr, "Not enough buffer space for thumb path");
+ return;
+ }
if (!ecore_file_mkpath(buf_base)) exit(4);
ef = eet_open(buf_file2, EET_FILE_MODE_WRITE);
if (!ef) exit(5);
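Review bot: The three new truncation branches leave `_cb_loaded` with `return;`, while every other failure in the visible lines ends the process (`exit(2)` through `exit(5)`). If this callback is what terminates the thumbnail helper, which the surrounding exit() calls suggest but the hunk does not show, a too-long path now leaves it running with no file written and no failure status for the parent. Consider exiting with a distinct non-zero code in these branches, and end the message with a newline so it is not glued to later stderr output: `fprintf(stderr, "Not enough buffer space for thumb path\n");`. The function begins and continues outside the hunk.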
diff --git a/src/bin/videothumb.c b/src/bin/videothumb.c
index a1b68b1..72702b9 100644
--- a/src/bin/videothumb.c
+++ b/src/bin/videothumb.c
@@ -388,17 +388,25 @@ _videothumb_image_load(Evas_Object *obj)
{
if (!sha1((unsigned char *)sd->realpath, strlen(sd->realpath), sum))
return;
- snprintf(buf_base, sizeof(buf_base), "%s/rage/thumb/%02x",
- efreet_cache_home_get(), sum[0]);
- snprintf(buf_file, sizeof(buf_base),
- "%s/%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x"
- "%02x%02x%02x%02x%02x%02x%02x%02x.eet",
- buf_base,
- sum[1], sum[2], sum[3],
- sum[4], sum[5], sum[6], sum[7],
- sum[8], sum[9], sum[10], sum[11],
- sum[12], sum[13], sum[14], sum[15],
- sum[16], sum[17], sum[18], sum[19]);
+ if ((size_t)snprintf(buf_base, sizeof(buf_base), "%s/rage/thumb/%02x",
+ efreet_cache_home_get(), sum[0]) >= sizeof(buf_base))
+ {
+ fprintf(stderr, "Not enough buffer space for thumb path");
+ return;
+ }
+ if ((size_t)snprintf(buf_file, sizeof(buf_base),
+ "%s/%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x"
+ "%02x%02x%02x%02x%02x%02x%02x%02x.eet",
+ buf_base,
+ sum[1], sum[2], sum[3],
+ sum[4], sum[5], sum[6], sum[7],
+ sum[8], sum[9], sum[10], sum[11],
+ sum[12], sum[13], sum[14], sum[15],
+ sum[16], sum[17], sum[18], sum[19]) >= sizeof(buf_file))
+ {
+ fprintf(stderr, "Not enough buffer space for thumb path");
+ return;
+ }
if (sd->realfile) eina_stringshare_del(sd->realfile);
sd->realfile = eina_stringshare_add(buf_file);
sd->realpos = (((unsigned int)(sd->pos * 1000.0)) / 10000) * 10000;
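Review bot: The first snprintf() here passes the result of `efreet_cache_home_get()` straight to `%s` with no NULL check in the visible lines, whereas thumb.c guards the same call with `if (!efreet_cache_home_get()) exit(3);`. Passing NULL to `%s` is undefined behaviour, and even where the C library prints "(null)" the cache path would be built relative to the current directory. Unless a check exists above the hunk, fetch the value once and bail out first: `const char *home = efreet_cache_home_get(); if (!home) return;`. The albumart.c hunk has the same unguarded call in `_thumbpath` and would return NULL instead.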