From 9f8c931cec7c02394adaf1242b563aca077d36dc Mon Sep 17 00:00:00 2001
From: molivier
Date: Thu, 18 Dec 2003 08:59:54 +0000
Subject: [PATCH] Removed a potential buffer overflow and factorized some code
git-svn-id: svn://svn.icculus.org/twilight/trunk/darkplaces@3742 d7cf8633-e32d-0410-b094-e92efae38249
---
 fs.c | 86 +++++++++++++++++++++++++++++++++++++++++++-----------------
 1 file changed, 62 insertions(+), 24 deletions(-)
diff --git a/fs.c b/fs.c
index 4b36f512..8a4ade50 100644
--- a/fs.c
+++ b/fs.c
@@ -231,6 +231,22 @@ typedef struct searchpath_s
 } searchpath_t;
+/*
+=============================================================================
+
+FUNCTION PROTOTYPES
+
+=============================================================================
+*/
+
+void FS_Dir_f(void);
+void FS_Ls_f(void);
+
+static packfile_t* FS_AddFileToPack (const char* name, pack_t* pack,
+ size_t offset, size_t packsize,
+ size_t realsize, file_flags_t flags);
+
+
 /*
 =============================================================================
@@ -447,7 +463,6 @@ int PK3_BuildFileList (pack_t *pack, const pk3_endOfCentralDir_t *eocd)
 for (ind = 0; ind < eocd->nbentries; ind++)
 {
 size_t namesize, count;
- packfile_t *file;
 // Checking the remaining size
 if (remaining < ZIP_CDIR_CHUNK_BASE_SIZE)
@@ -483,19 +498,24 @@ int PK3_BuildFileList (pack_t *pack, const pk3_endOfCentralDir_t *eocd)
 // WinZip doesn't use the "directory" attribute, so we need to check the name directly
 if (ptr[ZIP_CDIR_CHUNK_BASE_SIZE + namesize - 1] != '/')
 {
- // Extract the name
- file = &pack->files[pack->numfiles];
- memcpy (file->name, &ptr[ZIP_CDIR_CHUNK_BASE_SIZE], namesize);
- file->name[namesize] = '\0';
+ char filename [sizeof (pack->files[0].name)];
+ size_t offset, packsize, realsize;
+ file_flags_t flags;
- // Compression, sizes and offset
- if (BuffLittleShort (&ptr[10]))
- file->flags = FILE_FLAG_DEFLATED;
- file->packsize = BuffLittleLong (&ptr[20]);
- file->realsize = BuffLittleLong (&ptr[24]);
- file->offset = BuffLittleLong (&ptr[42]);
+ // Extract the name (strip it if necessary)
+ if (namesize >= sizeof (filename))
+ namesize = sizeof (filename) - 1;
+ memcpy (filename, &ptr[ZIP_CDIR_CHUNK_BASE_SIZE], namesize);
+ filename[namesize] = '\0';
- pack->numfiles++;
+ if (BuffLittleShort (&ptr[10]))
+ flags = FILE_FLAG_DEFLATED;
+ else
+ flags = 0;
+ offset = BuffLittleLong (&ptr[42]);
+ packsize = BuffLittleLong (&ptr[20]);
+ realsize = BuffLittleLong (&ptr[24]);
+ FS_AddFileToPack (filename, pack, offset, packsize, realsize, flags);
 }
 }
@@ -602,6 +622,31 @@ OTHER PRIVATE FUNCTIONS
 */
+/*
+====================
+FS_AddFileToPack
+
+Add a file to the list of files contained into a package
+
+TODO: do some sorting here to allow faster file searching afterwards
+====================
+*/
+static packfile_t* FS_AddFileToPack (const char* name, pack_t* pack,
+ size_t offset, size_t packsize,
+ size_t realsize, file_flags_t flags)
+{
+ packfile_t *file = &pack->files[pack->numfiles++];
+
+ strlcpy (file->name, name, sizeof (file->name));
+ file->offset = offset;
+ file->packsize = packsize;
+ file->realsize = realsize;
+ file->flags = flags;
+
+ return file;
+}
+
+
 /*
 ============
 FS_CreatePath
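Review bot: In the PK3_BuildFileList hunk the clamp `namesize = sizeof (filename) - 1;` overwrites the entry's real name length rather than a copy of it. The loop body continues past this hunk; if `namesize` is read again there (for instance to step `ptr` to the next central-directory record), an over-long name would leave the parser misaligned on attacker-supplied data. Clamp a separate local instead, `size_t copylen = (namesize < sizeof (filename)) ? namesize : sizeof (filename) - 1;`, and use `copylen` in the `memcpy` and for the terminator. Truncation also registers the entry under a name the archive never contained, which can shadow another file; skipping the entry with a warning may be the safer policy.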
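Review bot: `&pack->files[pack->numfiles++]` in FS_AddFileToPack writes to the next slot with no bound, so the helper is memory-safe only while each caller adds at most as many entries as it allocated for `pack->files`. Both visible callers loop over the count they allocated for (FS_LoadPackPAK shows its allocation; the PK3 allocation is outside this patch), but nothing in the helper states or enforces this. Add to the header comment something like `The caller must have room for pack->numfiles + 1 entries in pack->files; no bound is checked here`, and note there that `name` is silently truncated by `strlcpy`. The returned pointer is ignored by both callers in this patch.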
@@ -690,7 +735,7 @@ pack_t *FS_LoadPackPAK (const char *packfile)
 pack->ignorecase = false; // PAK is case sensitive
 strlcpy (pack->filename, packfile, sizeof (pack->filename));
 pack->handle = packhandle;
- pack->numfiles = numpackfiles;
+ pack->numfiles = 0;
 pack->mempool = Mem_AllocPool(packfile);
 pack->files = Mem_Alloc(pack->mempool, numpackfiles * sizeof(packfile_t));
 pack->next = packlist;
@@ -703,15 +748,10 @@ pack_t *FS_LoadPackPAK (const char *packfile)
 // parse the directory
 for (i = 0;i < numpackfiles;i++)
 {
- size_t size;
- packfile_t *file = &pack->files[i];
-
- strlcpy (file->name, info[i].name, sizeof (file->name));
- file->offset = LittleLong(info[i].filepos);
- size = LittleLong (info[i].filelen);
- file->packsize = size;
- file->realsize = size;
- file->flags = FILE_FLAG_TRUEOFFS;
+ size_t offset = LittleLong (info[i].filepos);
+ size_t size = LittleLong (info[i].filelen);
+
+ FS_AddFileToPack (info[i].name, pack, offset, size, size, FILE_FLAG_TRUEOFFS);
 }
 Mem_Free(info);
@@ -827,8 +867,6 @@ char *FS_FileExtension (const char *in)
 return exten;
 }
-void FS_Dir_f(void);
-void FS_Ls_f(void);
 /*
 ================
-- 
2.39.5
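Review bot: `offset` and `size` in the FS_LoadPackPAK directory loop come straight from the on-disk directory and are stored without being checked against the pack file's length, so a crafted PAK can register entries that point outside the archive; if `LittleLong` returns a signed value (its declaration is not shown), a negative field also becomes a very large `size_t`. Unless the read path validates these later, reject the entry here, e.g. `if (offset > packlen || size > packlen - offset) continue;`, where `packlen` is a placeholder for the pack's size. `info[i].name` is also passed as a C string: if it is a fixed-width on-disk field, `strlcpy` will read past it when the terminator is missing, so it should be terminated or length-bounded before the call. Both behaviours predate this patch, but the refactor is a natural place to address them; the function body starts and ends outside the hunk.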