fix for buffer overrun with BLI_split_dirfile(...), was simple to do since many place...
authorCampbell Barton <ideasman42@gmail.com>
Sat, 15 Oct 2011 03:56:05 +0000 (03:56 +0000)
committerCampbell Barton <ideasman42@gmail.com>
Sat, 15 Oct 2011 03:56:05 +0000 (03:56 +0000)
Add max dir and file length args.

15 files changed:
source/blender/blenkernel/intern/pointcache.c
source/blender/blenkernel/intern/sequencer.c
source/blender/blenlib/BLI_path_util.h
source/blender/blenlib/intern/bpath.c
source/blender/blenlib/intern/path_util.c
source/blender/blenlib/intern/winstuff.c
source/blender/blenloader/intern/writefile.c
source/blender/collada/DocumentImporter.cpp
source/blender/collada/ImageExporter.cpp
source/blender/editors/space_file/file_ops.c
source/blender/editors/space_file/filesel.c
source/blender/editors/space_sequencer/sequencer_add.c
source/blender/editors/space_sequencer/space_sequencer.c
source/blender/makesrna/intern/rna_sequencer.c
source/gameengine/Ketsji/KX_PythonInit.cpp

index fb69db1..bc5bc87 100644 (file)
@@ -910,7 +910,7 @@ static int ptcache_path(PTCacheID *pid, char *filename)
        else if (G.relbase_valid || lib) {
                char file[MAX_PTCACHE_PATH]; /* we dont want the dir, only the file */
 
-               BLI_split_dirfile(blendfilename, NULL, file);
+               BLI_split_dirfile(blendfilename, NULL, file, 0, sizeof(file));
                i = strlen(file);
                
                /* remove .blend */
index 5a2c53f..0053440 100644 (file)
@@ -3647,7 +3647,7 @@ Sequence *sequencer_add_sound_strip(bContext *C, ListBase *seqbasep, SeqLoadInfo
        /* we only need 1 element to store the filename */
        strip->stripdata= se= MEM_callocN(sizeof(StripElem), "stripelem");
 
-       BLI_split_dirfile(seq_load->path, strip->dir, se->name);
+       BLI_split_dirfile(seq_load->path, strip->dir, se->name, sizeof(strip->dir), sizeof(se->name));
 
        seq->scene_sound = sound_add_scene_sound(scene, seq, seq_load->start_frame, seq_load->start_frame + strip->len, 0);
 
@@ -3706,7 +3706,7 @@ Sequence *sequencer_add_movie_strip(bContext *C, ListBase *seqbasep, SeqLoadInfo
        /* we only need 1 element for MOVIE strips */
        strip->stripdata= se= MEM_callocN(sizeof(StripElem), "stripelem");
 
-       BLI_split_dirfile(seq_load->path, strip->dir, se->name);
+       BLI_split_dirfile(seq_load->path, strip->dir, se->name, sizeof(strip->dir), sizeof(se->name));
 
        calc_sequence_disp(scene, seq);
 
index 81fc8a5..4f7f7b4 100644 (file)
@@ -103,7 +103,7 @@ void BLI_setenv_if_new(const char *env, const char* val);
 void BLI_make_file_string(const char *relabase, char *string,  const char *dir, const char *file);
 void BLI_make_exist(char *dir);
 void BLI_make_existing_file(const char *name);
-void BLI_split_dirfile(const char *string, char *dir, char *file);
+void BLI_split_dirfile(const char *string, char *dir, char *file, const size_t dirlen, const size_t filelen);
 void BLI_join_dirfile(char *string, const size_t maxlen, const char *dir, const char *file);
 char *BLI_path_basename(char *path);
 int BKE_rebase_path(char *abs, size_t abs_len, char *rel, size_t rel_len, const char *base_dir, const char *src_dir, const char *dest_dir);
index 485b813..4e4f8b3 100644 (file)
@@ -400,7 +400,7 @@ static void seq_setpath(struct BPathIterator *bpi, const char *path)
 
        if (SEQ_HAS_PATH(seq)) {
                if (ELEM3(seq->type, SEQ_IMAGE, SEQ_MOVIE, SEQ_SOUND)) {
-                       BLI_split_dirfile(path, seq->strip->dir, seq->strip->stripdata->name);
+                       BLI_split_dirfile(path, seq->strip->dir, seq->strip->stripdata->name, sizeof(seq->strip->dir), sizeof(seq->strip->stripdata->name));
                }
                else {
                        /* simple case */
@@ -903,7 +903,7 @@ void findMissingFiles(Main *bmain, const char *str)
 
        //XXX waitcursor( 1 );
 
-       BLI_split_dirfile(str, dirname, NULL);
+       BLI_split_dirfile(str, dirname, NULL, sizeof(dirname), 0);
 
        BLI_bpathIterator_init(&bpi, bmain, bmain->name, 0);
 
index ab7d082..fe1d869 100644 (file)
@@ -894,7 +894,7 @@ static int get_path_local(char *targetpath, const char *folder_name, const char
        }
        
        /* use argv[0] (bprogname) to get the path to the executable */
-       BLI_split_dirfile(bprogname, bprogdir, NULL);
+       BLI_split_dirfile(bprogname, bprogdir, NULL, sizeof(bprogdir), 0);
        
        /* try EXECUTABLE_DIR/2.5x/folder_name - new default directory for local blender installed files */
        if(test_path(targetpath, bprogdir, blender_version_decimal(ver), relfolder))
@@ -966,7 +966,7 @@ static int get_path_system(char *targetpath, const char *folder_name, const char
        char bprogdir[FILE_MAX];
 
        /* use argv[0] (bprogname) to get the path to the executable */
-       BLI_split_dirfile(bprogname, bprogdir, NULL);
+       BLI_split_dirfile(bprogname, bprogdir, NULL, sizeof(bprogdir), 0);
 
        if(folder_name) {
                if (subfolder_name) {
@@ -1411,21 +1411,22 @@ int BLI_replace_extension(char *path, size_t maxlen, const char *ext)
  * - dosnt use CWD, or deal with relative paths.
  * - Only fill's in *dir and *file when they are non NULL
  * */
-void BLI_split_dirfile(const char *string, char *dir, char *file)
+void BLI_split_dirfile(const char *string, char *dir, char *file, const size_t dirlen, const size_t filelen)
 {
        char *lslash_str = BLI_last_slash(string);
-       int lslash= lslash_str ? (int)(lslash_str - string) + 1 : 0;
+       size_t lslash= lslash_str ? (size_t)(lslash_str - string) + 1 : 0;
 
        if (dir) {
                if (lslash) {
-                       BLI_strncpy( dir, string, lslash + 1); /* +1 to include the slash and the last char */
-               } else {
+                       BLI_strncpy( dir, string, MIN2(dirlen, lslash + 1)); /* +1 to include the slash and the last char */
+               }
+               else {
                        dir[0] = '\0';
                }
        }
        
        if (file) {
-               strcpy( file, string+lslash);
+               BLI_strncpy(file, string+lslash, filelen);
        }
 }
 
@@ -1515,7 +1516,7 @@ int BKE_rebase_path(char *abs, size_t abs_len, char *rel, size_t rel_len, const
        if (rel)
                rel[0]= 0;
 
-       BLI_split_dirfile(base_dir, blend_dir, NULL);
+       BLI_split_dirfile(base_dir, blend_dir, NULL, sizeof(blend_dir), 0);
 
        if (src_dir[0]=='\0')
                return 0;
@@ -1526,7 +1527,7 @@ int BKE_rebase_path(char *abs, size_t abs_len, char *rel, size_t rel_len, const
        BLI_path_abs(path, base_dir);
 
        /* get the directory part */
-       BLI_split_dirfile(path, dir, base);
+       BLI_split_dirfile(path, dir, base, sizeof(dir), sizeof(base));
 
        len= strlen(blend_dir);
 
index 3b14abb..9594197 100644 (file)
 
 int BLI_getInstallationDir( char * str ) {
        char dir[FILE_MAXDIR];
-       char file[FILE_MAXFILE];
        int a;
        
        GetModuleFileName(NULL,str,FILE_MAXDIR+FILE_MAXFILE);
-       BLI_split_dirfile(str,dir,file); /* shouldn't be relative */
+       BLI_split_dirfile(str, dir, NULL, sizeof(dir), 0); /* shouldn't be relative */
        a = strlen(dir);
        if(dir[a-1] == '\\') dir[a-1]=0;
        
index cbc312a..6e9e3da 100644 (file)
@@ -2678,8 +2678,8 @@ int BLO_write_file(Main *mainvar, const char *filepath, int write_flags, ReportL
        if(write_flags & G_FILE_RELATIVE_REMAP) {
                char dir1[FILE_MAXDIR+FILE_MAXFILE];
                char dir2[FILE_MAXDIR+FILE_MAXFILE];
-               BLI_split_dirfile(filepath, dir1, NULL);
-               BLI_split_dirfile(mainvar->name, dir2, NULL);
+               BLI_split_dirfile(filepath, dir1, NULL, sizeof(dir1), 0);
+               BLI_split_dirfile(mainvar->name, dir2, NULL, sizeof(dir2), 0);
 
                /* just incase there is some subtle difference */
                BLI_cleanup_dir(mainvar->name, dir1);
index e98f551..056d74a 100644 (file)
@@ -884,7 +884,7 @@ bool DocumentImporter::writeImage( const COLLADAFW::Image* image )
        char dir[FILE_MAX];
        char full_path[FILE_MAX];
        
-       BLI_split_dirfile(filename, dir, NULL);
+       BLI_split_dirfile(filename, dir, NULL, sizeof(dir), 0);
        BLI_join_dirfile(full_path, sizeof(full_path), dir, filepath.c_str());
        Image *ima = BKE_add_image_file(full_path);
        if (!ima) {
index 747f3c7..53c4367 100644 (file)
@@ -97,7 +97,7 @@ void ImagesExporter::operator()(Material *ma, Object *ob)
                        char src[FILE_MAX];
                        char dir[FILE_MAX];
                        
-                       BLI_split_dirfile(this->export_settings->filepath, dir, NULL);
+                       BLI_split_dirfile(this->export_settings->filepath, dir, NULL, sizeof(dir), 0);
 
                        BKE_rebase_path(abs, sizeof(abs), rel, sizeof(rel), G.main->name, image->name, dir);
 
index 0955d26..559873b 100644 (file)
@@ -666,7 +666,7 @@ void file_operator_to_sfile(SpaceFile *sfile, wmOperator *op)
        if((prop= RNA_struct_find_property(op->ptr, "filepath"))) {
                char filepath[FILE_MAX];
                RNA_property_string_get(op->ptr, prop, filepath);
-               BLI_split_dirfile(filepath, sfile->params->dir, sfile->params->file);
+               BLI_split_dirfile(filepath, sfile->params->dir, sfile->params->file, sizeof(sfile->params->dir), sizeof(sfile->params->file));
        }
        else {
                if((prop= RNA_struct_find_property(op->ptr, "filename"))) {
@@ -1143,7 +1143,7 @@ int file_directory_exec(bContext *C, wmOperator *UNUSED(unused))
                if(BLI_exists(sfile->params->dir) && BLI_is_dir(sfile->params->dir) == 0) {
                        char path[sizeof(sfile->params->dir)];
                        BLI_strncpy(path, sfile->params->dir, sizeof(path));
-                       BLI_split_dirfile(path, sfile->params->dir, sfile->params->file);
+                       BLI_split_dirfile(path, sfile->params->dir, sfile->params->file, sizeof(sfile->params->dir), sizeof(sfile->params->file));
                }
 
                BLI_cleanup_dir(G.main->name, sfile->params->dir);
index 6cc42b2..f36145a 100644 (file)
@@ -113,7 +113,7 @@ short ED_fileselect_set_params(SpaceFile *sfile)
        if (!sfile->params) {
                sfile->params= MEM_callocN(sizeof(FileSelectParams), "fileselparams");
                /* set path to most recently opened .blend */
-               BLI_split_dirfile(G.main->name, sfile->params->dir, sfile->params->file);
+               BLI_split_dirfile(G.main->name, sfile->params->dir, sfile->params->file, sizeof(sfile->params->dir), sizeof(sfile->params->file));
                sfile->params->filter_glob[0] = '\0';
        }
 
@@ -142,7 +142,7 @@ short ED_fileselect_set_params(SpaceFile *sfile)
                                sfile->params->file[0]= '\0';
                        }
                        else {
-                               BLI_split_dirfile(name, sfile->params->dir, sfile->params->file);
+                               BLI_split_dirfile(name, sfile->params->dir, sfile->params->file, sizeof(sfile->params->dir), sizeof(sfile->params->file));
                        }
                }
                else {
@@ -613,7 +613,7 @@ void autocomplete_directory(struct bContext *C, char *str, void *UNUSED(arg_v))
                DIR *dir;
                struct dirent *de;
                
-               BLI_split_dirfile(str, dirname, NULL);
+               BLI_split_dirfile(str, dirname, NULL, sizeof(dirname), 0);
 
                dir = opendir(dirname);
 
index 1c4b013..7fa4e62 100644 (file)
@@ -321,7 +321,7 @@ static int sequencer_add_generic_strip_exec(bContext *C, wmOperator *op, SeqLoad
                char dir_only[FILE_MAX];
                char file_only[FILE_MAX];
 
-               BLI_split_dirfile(seq_load.path, dir_only, NULL);
+               BLI_split_dirfile(seq_load.path, dir_only, NULL, sizeof(dir_only), 0);
 
                RNA_BEGIN(op->ptr, itemptr, "files") {
                        RNA_string_get(&itemptr, "name", file_only);
index 5c2013e..4590880 100644 (file)
@@ -362,7 +362,7 @@ static void sequencer_drop_copy(wmDrag *drag, wmDropBox *drop)
                PointerRNA itemptr;
                char dir[FILE_MAX], file[FILE_MAX];
 
-               BLI_split_dirfile(drag->path, dir, file);
+               BLI_split_dirfile(drag->path, dir, file, sizeof(dir), sizeof(file));
                
                RNA_string_set(drop->ptr, "directory", dir);
 
index 9273914..b90f106 100644 (file)
@@ -443,7 +443,6 @@ static PointerRNA rna_SequenceEditor_meta_stack_get(CollectionPropertyIterator *
 static void rna_Sequence_filepath_set(PointerRNA *ptr, const char *value)
 {
        Sequence *seq= (Sequence*)(ptr->data);
-       char dir[FILE_MAX], name[FILE_MAX];
 
        if(seq->type == SEQ_SOUND && seq->sound) {
                /* for sound strips we need to update the sound as well.
@@ -457,9 +456,7 @@ static void rna_Sequence_filepath_set(PointerRNA *ptr, const char *value)
                sound_update_scene_sound(seq->scene_sound, seq->sound);
        }
 
-       BLI_split_dirfile(value, dir, name);
-       BLI_strncpy(seq->strip->dir, dir, sizeof(seq->strip->dir));
-       BLI_strncpy(seq->strip->stripdata->name, name, sizeof(seq->strip->stripdata->name));
+       BLI_split_dirfile(value, seq->strip->dir, seq->strip->stripdata->name, sizeof(seq->strip->dir), sizeof(seq->strip->stripdata->name));
 }
 
 static void rna_Sequence_filepath_get(PointerRNA *ptr, char *value)
@@ -481,11 +478,7 @@ static int rna_Sequence_filepath_length(PointerRNA *ptr)
 static void rna_Sequence_proxy_filepath_set(PointerRNA *ptr, const char *value)
 {
        StripProxy *proxy= (StripProxy*)(ptr->data);
-       char dir[FILE_MAX], name[FILE_MAX];
-
-       BLI_split_dirfile(value, dir, name);
-       BLI_strncpy(proxy->dir, dir, sizeof(proxy->dir));
-       BLI_strncpy(proxy->file, name, sizeof(proxy->file));
+       BLI_split_dirfile(value, proxy->dir, proxy->file, sizeof(proxy->dir), sizeof(proxy->file));
 }
 
 static void rna_Sequence_proxy_filepath_get(PointerRNA *ptr, char *value)
@@ -541,20 +534,13 @@ static int rna_Sequence_input_count_get(PointerRNA *ptr)
 /*static void rna_SoundSequence_filename_set(PointerRNA *ptr, const char *value)
 {
        Sequence *seq= (Sequence*)(ptr->data);
-       char dir[FILE_MAX], name[FILE_MAX];
-
-       BLI_split_dirfile(value, dir, name);
-       BLI_strncpy(seq->strip->dir, dir, sizeof(seq->strip->dir));
-       BLI_strncpy(seq->strip->stripdata->name, name, sizeof(seq->strip->stripdata->name));
+       BLI_split_dirfile(value, seq->strip->dir, seq->strip->stripdata->name, sizeof(seq->strip->dir), sizeof(seq->strip->stripdata->name));
 }
 
 static void rna_SequenceElement_filename_set(PointerRNA *ptr, const char *value)
 {
        StripElem *elem= (StripElem*)(ptr->data);
-       char name[FILE_MAX];
-
-       BLI_split_dirfile(value, NULL, name);
-       BLI_strncpy(elem->name, name, sizeof(elem->name));
+       BLI_split_dirfile(value, NULL, elem->name, 0, sizeof(elem->name));
 }*/
 
 static void rna_Sequence_update(Main *UNUSED(bmain), Scene *scene, PointerRNA *ptr)
index 62ca291..40917a6 100644 (file)
@@ -502,7 +502,7 @@ static PyObject* gPyGetBlendFileList(PyObject*, PyObject* args)
                BLI_path_abs(cpath, gp_GamePythonPath);
        } else {
                /* Get the dir only */
-               BLI_split_dirfile(gp_GamePythonPath, cpath, NULL);
+               BLI_split_dirfile(gp_GamePythonPath, cpath, NULL, sizeof(cpath), 0);
        }
 
        if((dp  = opendir(cpath)) == NULL) {
@@ -1732,7 +1732,7 @@ static void initPySysObjects__append(PyObject *sys_path, char *filename)
        PyObject *item;
        char expanded[FILE_MAXDIR + FILE_MAXFILE];
        
-       BLI_split_dirfile(filename, expanded, NULL); /* get the dir part of filename only */
+       BLI_split_dirfile(filename, expanded, NULL, sizeof(expanded), 0); /* get the dir part of filename only */
        BLI_path_abs(expanded, gp_GamePythonPath); /* filename from lib->filename is (always?) absolute, so this may not be needed but it wont hurt */
        BLI_cleanup_file(gp_GamePythonPath, expanded); /* Dont use BLI_cleanup_dir because it adds a slash - BREAKS WIN32 ONLY */
        item= PyUnicode_DecodeFSDefault(expanded);