handle possible buffer max-out with snprintfs as errors

no warnings now.
2018-11-16 12:35:53 +00:00 · 2018-11-16 12:35:53 +00:00 · ae961da8dd
parent 857db46c96
commit ae961da8dd
3 changed files with 62 additions and 34 deletions
--- a/src/bin/albumart.c
+++ b/src/bin/albumart.c
@ -58,10 +58,14 @@ _thumbpath(const char *file)
   unsigned char sum[20];

   if (!sha1((unsigned char *)file, strlen(file), sum)) return NULL;
-   snprintf(buf_base, sizeof(buf_base), "%s/rage/albumart/%02x",
-            efreet_cache_home_get(), sum[0]);
+   if ((size_t)snprintf(buf_base, sizeof(buf_base), "%s/rage/albumart/%02x",
+                        efreet_cache_home_get(), sum[0]) >= sizeof(buf_base))
+     {
+        fprintf(stderr, "Not enough buffer space for thumb path");
+        return NULL;
+     }
   if (!ecore_file_mkpath(buf_base)) return NULL;
-   snprintf(buf_file, sizeof(buf_base),
+   if ((size_t)snprintf(buf_file, sizeof(buf_base),
                        "%s/%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x"
                        "%02x%02x%02x%02x%02x%02x%02x%02x.jpg",
                        buf_base,
@ -69,7 +73,11 @@ _thumbpath(const char *file)
                        sum[4], sum[5], sum[6], sum[7],
                        sum[8], sum[9], sum[10], sum[11],
                        sum[12], sum[13], sum[14], sum[15],
-            sum[16], sum[17], sum[18], sum[19]);
+                        sum[16], sum[17], sum[18], sum[19]) >= sizeof(buf_base))
+     {
+        fprintf(stderr, "Not enough buffer space for thumb path");
+        return NULL;
+     }
   return strdup(buf_file);
 }

--- a/src/bin/thumb.c
+++ b/src/bin/thumb.c
@ -108,9 +108,13 @@ _cb_loaded(void *data, Evas_Object *obj, void *info EINA_UNUSED)
        evas_object_image_size_get(vidimage, &iw, &ih);
        if (!sha1((unsigned char *)file, strlen(file), sum)) exit(2);
        if (!efreet_cache_home_get()) exit(3);
-        snprintf(buf_base, sizeof(buf_base), "%s/rage/thumb/%02x",
-                 efreet_cache_home_get(), sum[0]);
-        snprintf(buf_file, sizeof(buf_file),
+        if ((size_t)snprintf(buf_base, sizeof(buf_base), "%s/rage/thumb/%02x",
+                             efreet_cache_home_get(), sum[0]) >= sizeof(buf_base))
+          {
+             fprintf(stderr, "Not enough buffer space for thumb path");
+             return;
+          }
+        if ((size_t)snprintf(buf_file, sizeof(buf_file),
                             "%s/%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x"
                             "%02x%02x%02x%02x%02x%02x%02x%02x.eet",
                             buf_base,
@ -118,8 +122,16 @@ _cb_loaded(void *data, Evas_Object *obj, void *info EINA_UNUSED)
                             sum[4], sum[5], sum[6], sum[7],
                             sum[8], sum[9], sum[10], sum[11],
                             sum[12], sum[13], sum[14], sum[15],
-                 sum[16], sum[17], sum[18], sum[19]);
-        snprintf(buf_file2, sizeof(buf_file2), "%s.tmp", buf_file);
+                             sum[16], sum[17], sum[18], sum[19]) >= sizeof(buf_file))
+          {
+             fprintf(stderr, "Not enough buffer space for thumb path");
+             return;
+          }
+        if ((size_t)snprintf(buf_file2, sizeof(buf_file2), "%s.tmp", buf_file) >= sizeof(buf_file2))
+          {
+             fprintf(stderr, "Not enough buffer space for thumb path");
+             return;
+          }
        if (!ecore_file_mkpath(buf_base)) exit(4);
        ef = eet_open(buf_file2, EET_FILE_MODE_WRITE);
        if (!ef) exit(5);
--- a/src/bin/videothumb.c
+++ b/src/bin/videothumb.c
@ -388,9 +388,13 @@ _videothumb_image_load(Evas_Object *obj)
     {
        if (!sha1((unsigned char *)sd->realpath, strlen(sd->realpath), sum))
          return;
-        snprintf(buf_base, sizeof(buf_base), "%s/rage/thumb/%02x",
-                 efreet_cache_home_get(), sum[0]);
-        snprintf(buf_file, sizeof(buf_base),
+        if ((size_t)snprintf(buf_base, sizeof(buf_base), "%s/rage/thumb/%02x",
+                             efreet_cache_home_get(), sum[0]) >= sizeof(buf_base))
+          {
+             fprintf(stderr, "Not enough buffer space for thumb path");
+             return;
+          }
+        if ((size_t)snprintf(buf_file, sizeof(buf_base),
                             "%s/%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x"
                             "%02x%02x%02x%02x%02x%02x%02x%02x.eet",
                             buf_base,
@ -398,7 +402,11 @@ _videothumb_image_load(Evas_Object *obj)
                             sum[4], sum[5], sum[6], sum[7],
                             sum[8], sum[9], sum[10], sum[11],
                             sum[12], sum[13], sum[14], sum[15],
-                 sum[16], sum[17], sum[18], sum[19]);
+                             sum[16], sum[17], sum[18], sum[19]) >= sizeof(buf_file))
+          {
+             fprintf(stderr, "Not enough buffer space for thumb path");
+             return;
+          }
        if (sd->realfile) eina_stringshare_del(sd->realfile);
        sd->realfile = eina_stringshare_add(buf_file);
        sd->realpos = (((unsigned int)(sd->pos * 1000.0)) / 10000) * 10000;