forked from old/legacy-imlib2
Tue Jan 15 15:22:06 EST 2002
(KainX) Fixed a whole slew of potential buffer overflows, hopefully including the one recently posted to BUGTRAQ. SVN revision: 5838
This commit is contained in:
parent
6d867ed2b7
commit
bf8bae5809
|
@ -2941,3 +2941,12 @@ Fri Aug 10 13:33:13 PDT 2001
|
|||
None of the libraries are now absolute requirements. Everything that
|
||||
requires external support which Imlib2 itself doesn't specifically
|
||||
need can now be optionally built.
|
||||
|
||||
_______________________________________________
|
||||
|
||||
Tue Jan 15 15:22:06 EST 2002
|
||||
(KainX)
|
||||
|
||||
Fixed a whole slew of potential buffer overflows, hopefully including
|
||||
the one recently posted to BUGTRAQ.
|
||||
|
||||
|
|
|
@ -2,7 +2,7 @@ dnl Process this file with autoconf to create configure.
|
|||
|
||||
AC_INIT(src/Imlib2.h)
|
||||
AC_CANONICAL_SYSTEM
|
||||
AM_INIT_AUTOMAKE(imlib2, 1.0.4)
|
||||
AM_INIT_AUTOMAKE(imlib2, 1.0.5)
|
||||
|
||||
AM_CONFIG_HEADER(config.h)
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
Summary: Powerful image loading and rendering library
|
||||
Name: imlib2
|
||||
Version: 1.0.4
|
||||
Version: 1.0.5
|
||||
Release: 1
|
||||
Copyright: BSD
|
||||
Group: System Environment/Libraries
|
||||
|
|
|
@ -56,32 +56,41 @@ char load (ImlibImage *im, ImlibProgressFunction progress,
|
|||
char progress_granularity, char immediate_load)
|
||||
{
|
||||
char file[4096], key[4096], *ptr;
|
||||
char str_gz[4096];
|
||||
char *str_gz;
|
||||
ImlibLoader *sub_loader;
|
||||
|
||||
if (im->data)
|
||||
return 0;
|
||||
if (!im->file)
|
||||
return 0;
|
||||
strcpy(file, im->real_file);
|
||||
strncpy(file, im->real_file, sizeof(file));
|
||||
file[sizeof(file) - 1] = 0;
|
||||
if (!exists(file))
|
||||
return 0;
|
||||
ptr = strrchr(file,'.');
|
||||
if (!ptr) return 0;
|
||||
*ptr = 0;
|
||||
if (getenv("TMPDIR"))
|
||||
strcpy(key,getenv("TMPDIR"));
|
||||
{
|
||||
strncpy(key,getenv("TMPDIR"), sizeof(key));
|
||||
key[sizeof(key) - 1] = 0;
|
||||
}
|
||||
else
|
||||
{ _getcwd2(&key[0],4096);
|
||||
{ _getcwd2(key, sizeof(key));
|
||||
#ifdef __EMX__
|
||||
if (key[strlen(key)-1] == '/') key[strlen(key)-1] = 0;
|
||||
#endif
|
||||
}
|
||||
if ( (strlen(ptr+1)>=2) && (!strcmp(ptr+1,"gz")) )
|
||||
sprintf(str_gz,"gzip -d %s -c > %s/%s", im->real_file, key, pure_filename(file));
|
||||
else
|
||||
if ( (strlen(ptr+1)>=3) && (!strcmp(ptr+1,"bz2")) )
|
||||
sprintf(str_gz,"bzip2 -d %s -c > %s/%s", im->real_file, key, pure_filename(file));
|
||||
if ( (strlen(ptr+1)>=2) && (!strcmp(ptr+1,"gz")) )
|
||||
{
|
||||
str_gz = (char *) malloc(20 + strlen(im->real_file) + strlen(key) + strlen(file));
|
||||
sprintf(str_gz,"gzip -d %s -c > %s/%s", im->real_file, key, pure_filename(file));
|
||||
}
|
||||
else if ( (strlen(ptr+1)>=3) && (!strcmp(ptr+1,"bz2")) )
|
||||
{
|
||||
str_gz = (char *) malloc(20 + strlen(im->real_file) + strlen(key) + strlen(file));
|
||||
sprintf(str_gz,"bzip2 -d %s -c > %s/%s", im->real_file, key, pure_filename(file));
|
||||
}
|
||||
else
|
||||
return 0; /* Eeek why we are here? */
|
||||
|
||||
|
@ -89,6 +98,7 @@ char load (ImlibImage *im, ImlibProgressFunction progress,
|
|||
free(im->real_file);
|
||||
sprintf(str_gz,"%s/%s", key, pure_filename(file));
|
||||
im->real_file = strdup(str_gz);
|
||||
free(str_gz);
|
||||
im->format = strdup(++ptr);
|
||||
sub_loader = __imlib_FindBestLoaderForFile(im->real_file);
|
||||
if (sub_loader)
|
||||
|
|
|
@ -146,12 +146,13 @@ pImlibExternalFilter __imlib_get_dynamic_filter( char *name )
|
|||
/* loader dir */
|
||||
char **__imlib_ListFilters(int *num_ret)
|
||||
{
|
||||
char **list = NULL, **l, s[4096], *home;
|
||||
char **list = NULL, **l, *s, *home;
|
||||
int num, i, pi = 0;
|
||||
|
||||
*num_ret = 0;
|
||||
/* get the user's home dir */
|
||||
home = __imlib_FileHomeDir(getuid());
|
||||
s = (char *) malloc(strlen(home) + 1 + sizeof(USER_LOADERS_PATH) + 7 + 1);
|
||||
sprintf(s, "%s/" USER_LOADERS_PATH "/filter", home);
|
||||
/* list the dir contents of their loader dir */
|
||||
l = __imlib_FileDir(s, &num);
|
||||
|
@ -163,6 +164,7 @@ char **__imlib_ListFilters(int *num_ret)
|
|||
list = malloc(sizeof(char *) * *num_ret);
|
||||
for (i = 0; i < num; i++)
|
||||
{
|
||||
s = (char *) realloc(s, strlen(home) + 1 + sizeof(USER_LOADERS_PATH) + 8 + strlen(l[i]) + 1);
|
||||
sprintf(s, "%s/" USER_LOADERS_PATH "/filter/%s", home, l[i]);
|
||||
list[i] = strdup(s);
|
||||
}
|
||||
|
@ -170,6 +172,7 @@ char **__imlib_ListFilters(int *num_ret)
|
|||
__imlib_FileFreeDirList(l, num);
|
||||
}
|
||||
/* same for system loader path */
|
||||
s = (char *) realloc(s, sizeof(SYS_LOADERS_PATH) + 7 + 1);
|
||||
sprintf(s, SYS_LOADERS_PATH "/filter");
|
||||
#ifndef __EMX__
|
||||
l = __imlib_FileDir(s, &num);
|
||||
|
@ -182,6 +185,7 @@ char **__imlib_ListFilters(int *num_ret)
|
|||
list = realloc(list, sizeof(char *) * *num_ret);
|
||||
for (i = 0; i < num; i++)
|
||||
{
|
||||
s = (char *) realloc(s, sizeof(SYS_LOADERS_PATH) + 8 + strlen(l[i]) + 1);
|
||||
sprintf(s, SYS_LOADERS_PATH "/filter/%s", l[i]);
|
||||
#ifndef __EMX__
|
||||
list[pi + i] = strdup(s);
|
||||
|
@ -192,7 +196,8 @@ char **__imlib_ListFilters(int *num_ret)
|
|||
__imlib_FileFreeDirList(l, num);
|
||||
}
|
||||
free(home);
|
||||
|
||||
free(s);
|
||||
|
||||
/* List currently contains *everything in there* we need to weed out
|
||||
* the .so, .la, .a versions of the same loader or whatever else.
|
||||
* lt_dlopen can take an extension-less name and do the Right Thing
|
||||
|
|
13
src/image.c
13
src/image.c
|
@ -629,12 +629,13 @@ __imlib_ProduceLoader(char *file)
|
|||
char **
|
||||
__imlib_ListLoaders(int *num_ret)
|
||||
{
|
||||
char **list = NULL, **l, s[4096], *home;
|
||||
char **list = NULL, **l, *s, *home;
|
||||
int num, i, pi = 0;
|
||||
|
||||
*num_ret = 0;
|
||||
/* get the user's home dir */
|
||||
home = __imlib_FileHomeDir(getuid());
|
||||
s = (char *) malloc(strlen(home) + 1 + sizeof(USER_LOADERS_PATH) + 6 + 1);
|
||||
sprintf(s, "%s/" USER_LOADERS_PATH "/image", home);
|
||||
/* list the dir contents of their loader dir */
|
||||
l = __imlib_FileDir(s, &num);
|
||||
|
@ -647,7 +648,8 @@ __imlib_ListLoaders(int *num_ret)
|
|||
|
||||
for (i = 0; i < num; i++)
|
||||
{
|
||||
sprintf(s, "%s/" USER_LOADERS_PATH "/image/%s", home, l[i]);
|
||||
s = (char *) realloc(s, strlen(home) + 1 + sizeof(USER_LOADERS_PATH) + 7 + strlen(l[i]) + 1);
|
||||
sprintf(s, "%s/" USER_LOADERS_PATH "/image/%s", home, l[i]);
|
||||
#ifndef __EMX__
|
||||
list[pi + i] = strdup(s);
|
||||
#else
|
||||
|
@ -658,6 +660,7 @@ __imlib_ListLoaders(int *num_ret)
|
|||
__imlib_FileFreeDirList(l, num);
|
||||
}
|
||||
/* same for system loader path */
|
||||
s = (char *) realloc(s, sizeof(SYS_LOADERS_PATH) + 6 + 1);
|
||||
sprintf(s, SYS_LOADERS_PATH "/image");
|
||||
#ifndef __EMX__
|
||||
l = __imlib_FileDir(s, &num);
|
||||
|
@ -671,6 +674,7 @@ __imlib_ListLoaders(int *num_ret)
|
|||
|
||||
for (i = 0; i < num; i++)
|
||||
{
|
||||
s = (char *) realloc(s, sizeof(SYS_LOADERS_PATH) + 7 + strlen(l[i]) + 1);
|
||||
sprintf(s, SYS_LOADERS_PATH "/image/%s", l[i]);
|
||||
#ifndef __EMX__
|
||||
list[pi + i] = strdup(s);
|
||||
|
@ -681,6 +685,7 @@ __imlib_ListLoaders(int *num_ret)
|
|||
__imlib_FileFreeDirList(l, num);
|
||||
}
|
||||
free(home);
|
||||
free(s);
|
||||
|
||||
/* List currently contains *everything in there* we need to weed out
|
||||
* the .so, .la, .a versions of the same loader or whatever else.
|
||||
|
@ -778,7 +783,7 @@ __imlib_RescanLoaders(void)
|
|||
static time_t last_modified_home_time = 0;
|
||||
static time_t last_modified_system_time = 0;
|
||||
time_t current_time;
|
||||
char s[4096], *home;
|
||||
char *s, *home;
|
||||
char do_reload = 0;
|
||||
|
||||
/* dont stat the dir and rescan if we checked in the last 5 seconds */
|
||||
|
@ -808,6 +813,7 @@ __imlib_RescanLoaders(void)
|
|||
}
|
||||
/* ok - was the users own loaders dir contents modified ? */
|
||||
home = __imlib_FileHomeDir(getuid());
|
||||
s = (char *) malloc(strlen(home) + 1 + sizeof(USER_LOADERS_PATH) + 7 + 1);
|
||||
sprintf(s, "%s/" USER_LOADERS_PATH "/image/", home);
|
||||
free(home);
|
||||
if (__imlib_FileIsDir(s))
|
||||
|
@ -820,6 +826,7 @@ __imlib_RescanLoaders(void)
|
|||
last_modified_home_time = current_time;
|
||||
}
|
||||
}
|
||||
free(s);
|
||||
/* if we dont ned to reload the loaders - get out now */
|
||||
if (!do_reload)
|
||||
return;
|
||||
|
|
Loading…
Reference in New Issue