FGFS-4.1/simgear
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Buffer size safety.

Browse Source 
Do not look for '\n' beyond valid data area.
Obey buffer length (in case a METAR contained a line > 512byte).
This commit is contained in:
ThorstenB 2010-10-23 14:47:24 +02:00
parent 48c6d3d89a
commit 662578dbe7
1 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
simgear/io/sg_socket.cxx
View File

@ -296,7 +296,7 @@ SGSocket::readline( char *buf, int length )
int i;
for ( i = 0; i < save_len && save_buf[i] != '\n'; ++i )
;
if ( save_buf[i] == '\n' ) {
if (( i < save_len ) && ( save_buf[i] == '\n' )) {
result = i + 1;
} else {
// no end of line yet
@ -305,9 +305,16 @@ SGSocket::readline( char *buf, int length )
// we found an end of line
// check buffer size
int copy_length = result;
if (copy_length >= length) {
SG_LOG( SG_IO, SG_ALERT,
"Alert: readline() has line exceeding the buffer size." );
copy_length = length-1;
}
// copy to external buffer
strncpy( buf, save_buf, result );
buf[result] = '\0';
strncpy( buf, save_buf, copy_length );
buf[copy_length] = '\0';
// shift save buffer
//memmove( save_buf+, save_buf+, ? );