enlightenment/efl
enlightenment
/
efl
8
7
Fork 14
Code Issues 13 Pull Requests 3 Projects Releases Wiki Activity

eet: detect overrun and underrun before everything goes wrong. 

SVN revision: 73919
This commit is contained in:
Cedric BAIL 2012-07-16 10:38:37 +00:00
parent 06a818fa5d
commit ecffd3ae2f
3 changed files with 38 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
legacy/eet/ChangeLog
View File

@ -602,3 +602,7 @@
2012-06-27 Leandro Santiago
* Fix crash when cyphering huge amount of data.
2012-07-16 Cedric Bail
* Add code to detect overrun and underrun in eet_data_descriptor_element_add.

3
legacy/eet/NEWS
View File

@ -3,6 +3,9 @@ Eet 1.7.0
Changes since Eet 1.6.0:
--------------------------
Additions:
* Add code to detect overrun and underrun during Eet Data Descriptor setup.
Fixes:
* Force destruction of all pending file when shuting down eet.
* Make eet_dictionary thread safe.

31
legacy/eet/src/lib/eet_data.c
View File

@ -1946,6 +1946,37 @@ eet_data_descriptor_element_add(Eet_Data_Descriptor *edd,
Eet_Data_Element *ede;
Eet_Data_Element *tmp;
/* Sanity check to avoid crash later at runtime */
if (type < EET_T_UNKNOW ||
type >= EET_T_LAST)
{
CRIT("Preventing later bug due to unknow type: %i", type);
return ;
}
if (offset < 0)
{
CRIT("Preventing later buffer underrun : offset = %i", offset);
return ;
}
if (offset > edd->size)
{
CRIT("Preventing later buffer overrun : offset = %i in a structure of %i bytes", offset, edd->size);
return ;
}
if (group_type == EET_G_UNKNOWN && type != EET_T_UNKNOW)
{
if (offset + eet_basic_codec[type - 1].size > edd->size)
{
CRIT("Preventing later buffer overrun : offset = %i, size = %i in a structure of %i bytes", offset, eet_basic_codec[type - 1].size, edd->size);
return ;
}
}
else if ((offset + sizeof (void*)) > (unsigned int) edd->size)
{
CRIT("Preventing later buffer overrun : offset = %i, estimated size = %i in a structure of %i bytes", offset, sizeof (void*), edd->size);
return ;
}
/* UNION, VARIANT type would not work with simple type, we need a way to map the type. */
if ((group_type == EET_G_UNION
|| group_type == EET_G_VARIANT)