From 3dde6c7293538af9b6e69e15a5544d0b2772fdd9 Mon Sep 17 00:00:00 2001 From: =?utf8?q?V=C3=A1clav=20Slav=C3=ADk?= Date: Tue, 15 Jan 2002 16:20:25 +0000 Subject: [PATCH] case insensitive HHP files and fixed buffer overflow vulnerability git-svn-id: https://svn.wxwidgets.org/svn/wx/wxWidgets/trunk@13581 c3d73ce0-8a6f-49c7-b76d-6d57e0e08775 --- src/html/helpdata.cpp | 58 ++++++++++++++++++++++++++----------------- 1 file changed, 35 insertions(+), 23 deletions(-) diff --git a/src/html/helpdata.cpp b/src/html/helpdata.cpp index acb90ff60c..d487a7dcb0 100644 --- a/src/html/helpdata.cpp +++ b/src/html/helpdata.cpp @@ -48,15 +48,22 @@ WX_DEFINE_OBJARRAY(wxHtmlBookRecArray) //----------------------------------------------------------------------------- // Reads one line, stores it into buf and returns pointer to new line or NULL. -static char* ReadLine(char *line, char *buf) +static char* ReadLine(char *line, char *buf, size_t bufsize) { - char *writeptr = buf, *readptr = line; + char *writeptr = buf; + char *endptr = buf + bufsize - 1; + char *readptr = line; - while (*readptr != 0 && *readptr != '\r' && *readptr != '\n') *(writeptr++) = *(readptr++); + while (*readptr != 0 && *readptr != '\r' && *readptr != '\n' && + writeptr != endptr) + *(writeptr++) = *(readptr++); *writeptr = 0; - while (*readptr == '\r' || *readptr == '\n') readptr++; - if (*readptr == 0) return NULL; - else return readptr; + while (*readptr == '\r' || *readptr == '\n') + readptr++; + if (*readptr == 0) + return NULL; + else + return readptr; } @@ -559,10 +566,6 @@ bool wxHtmlHelpData::AddBook(const wxString& book) wxInputStream *s; wxString bookFull; - int sz; - char *buff, *lineptr; - char linebuf[300]; - wxString title = _("noname"), safetitle, start = wxEmptyString, @@ -588,25 +591,34 @@ bool wxHtmlHelpData::AddBook(const wxString& book) } fsys.ChangePathTo(bookFull); s = fi->GetStream(); + + int sz; + char *buff, *lineptr; + char linebuf[300]; + sz = s->GetSize(); buff = new char[sz + 1]; buff[sz] = 0; s->Read(buff, sz); lineptr = buff; - do { - lineptr = ReadLine(lineptr, linebuf); - - if (strstr(linebuf, "Title=") == linebuf) - title = linebuf + strlen("Title="); - if (strstr(linebuf, "Default topic=") == linebuf) - start = linebuf + strlen("Default topic="); - if (strstr(linebuf, "Index file=") == linebuf) - index = linebuf + strlen("Index file="); - if (strstr(linebuf, "Contents file=") == linebuf) - contents = linebuf + strlen("Contents file="); - if (strstr(linebuf, "Charset=") == linebuf) - charset = linebuf + strlen("Charset="); + do + { + lineptr = ReadLine(lineptr, linebuf, 300); + + for (char *ch = linebuf; *ch != '\0' && *ch != '='; ch++) + *ch = tolower(*ch); + + if (strstr(linebuf, "title=") == linebuf) + title = linebuf + strlen("title="); + if (strstr(linebuf, "default topic=") == linebuf) + start = linebuf + strlen("default topic="); + if (strstr(linebuf, "index file=") == linebuf) + index = linebuf + strlen("index file="); + if (strstr(linebuf, "contents file=") == linebuf) + contents = linebuf + strlen("contents file="); + if (strstr(linebuf, "charset=") == linebuf) + charset = linebuf + strlen("charset="); } while (lineptr != NULL); delete[] buff; -- 2.45.2