From 98820ee06a14eab83ede762cb32af9eaf3ca46ce Mon Sep 17 00:00:00 2001 From: divverent Date: Wed, 17 Jun 2009 13:41:00 +0000 Subject: [PATCH] when the engine is compiled with -DFILLALLCVARSWITHRUBBISH, there is an extra console command fillallcvarswithrubbish that can be used to check for buffer overruns by putting very large strings into all cvars git-svn-id: svn://svn.icculus.org/twilight/trunk/darkplaces@9022 d7cf8633-e32d-0410-b094-e92efae38249 --- cmd.c | 3 +++ cvar.c | 37 ++++++++++++++++++++++++++++++++++++- cvar.h | 4 ++++ 3 files changed, 43 insertions(+), 1 deletion(-) diff --git a/cmd.c b/cmd.c index b0d6a9e1..fad9aa4d 100644 --- a/cmd.c +++ b/cmd.c @@ -1145,6 +1145,9 @@ void Cmd_Init_Commands (void) Cmd_AddCommand ("wait", Cmd_Wait_f, "make script execution wait for next rendered frame"); Cmd_AddCommand ("set", Cvar_Set_f, "create or change the value of a console variable"); Cmd_AddCommand ("seta", Cvar_SetA_f, "create or change the value of a console variable that will be saved to config.cfg"); +#ifdef FILLALLCVARSWITHRUBBISH + Cmd_AddCommand ("fillallcvarswithrubbish", Cvar_FillAll_f, "fill all cvars with a specified number of characters to provoke buffer overruns"); +#endif /* FILLALLCVARSWITHRUBBISH */ // 2000-01-09 CmdList, CvarList commands By Matthias "Maddes" Buecher // Added/Modified by EvilTypeGuy eviltypeguy@qeradiant.com diff --git a/cvar.c b/cvar.c index 2aa3e943..94fd37fc 100644 --- a/cvar.c +++ b/cvar.c @@ -762,4 +762,39 @@ void Cvar_SetA_f (void) Cvar_Get(Cmd_Argv(1), Cmd_Argv(2), CVAR_SAVE, Cmd_Argc() > 3 ? Cmd_Argv(3) : NULL); } - +#ifdef FILLALLCVARSWITHRUBBISH +void Cvar_FillAll_f() +{ + char *buf, *p, *q; + int n, i; + cvar_t *var; + qboolean verify; + if(Cmd_Argc() != 2) + { + Con_Printf("Usage: %s length to plant rubbish\n", Cmd_Argv(0)); + Con_Printf("Usage: %s -length to verify that the rubbish is still there\n", Cmd_Argv(0)); + return; + } + n = atoi(Cmd_Argv(1)); + verify = (n < 0); + if(verify) + n = -n; + buf = Z_Malloc(n + 1); + buf[n] = 0; + for(var = cvar_vars; var; var = var->next) + { + for(i = 0, p = buf, q = var->name; i < n; ++i) + { + *p++ = *q++; + if(!*q) + q = var->name; + } + if(verify && strcmp(var->string, buf)) + { + Con_Printf("\n%s does not contain the right rubbish, either this is the first run or a possible overrun was detected, or something changed it intentionally; it DOES contain: %s\n", var->name, var->string); + } + Cvar_SetQuick(var, buf); + } + Z_Free(buf); +} +#endif /* FILLALLCVARSWITHRUBBISH */ diff --git a/cvar.h b/cvar.h index 70f85fc9..fa706597 100644 --- a/cvar.h +++ b/cvar.h @@ -209,5 +209,9 @@ cvar_t *Cvar_Get (const char *name, const char *value, int flags, const char *ne extern char *cvar_dummy_description; // ALWAYS the same pointer extern cvar_t *cvar_vars; // used to list all cvars +#ifdef FILLALLCVARSWITHRUBBISH +void Cvar_FillAll_f(); +#endif /* FILLALLCVARSWITHRUBBISH */ + #endif -- 2.39.2