author | erik <erik> | 2007-01-26 20:26:25 (UTC) |
---|---|---|
committer | erik <erik> | 2007-01-26 20:26:25 (UTC) |
commit | 4688f98202f590ec6af6c2e66a49dd2f80536083 (patch) (unidiff) | |
tree | 326c92aef3382b804d51aa9a66f4148ebc91860b | |
parent | cc5b326a212414a612838b0041e6077477ebbc70 (diff) | |
download | opie-4688f98202f590ec6af6c2e66a49dd2f80536083.zip opie-4688f98202f590ec6af6c2e66a49dd2f80536083.tar.gz opie-4688f98202f590ec6af6c2e66a49dd2f80536083.tar.bz2 |
The Expand call does not check for null termination of the URL strings
that it is expanding. Since strlen() is used with the URLs after Expand
is used, it is good idea to make sure that Expand terminates the strings.
This commit changes that so that the URL strings are guaranteed to be
terminated after expansion.
-rw-r--r-- | noncore/apps/opie-reader/plucker_base.cpp | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/noncore/apps/opie-reader/plucker_base.cpp b/noncore/apps/opie-reader/plucker_base.cpp index 81614f5..849edfc 100644 --- a/noncore/apps/opie-reader/plucker_base.cpp +++ b/noncore/apps/opie-reader/plucker_base.cpp | |||
@@ -35,41 +35,43 @@ CPlucker_base::CPlucker_base() : | |||
35 | compressedtextbuffer(NULL), | 35 | compressedtextbuffer(NULL), |
36 | bufferrec(-1), | 36 | bufferrec(-1), |
37 | m_offset(0) | 37 | m_offset(0) |
38 | //, urls(NULL) | 38 | //, urls(NULL) |
39 | { /*printf("constructing:%x\n",fin);*/ } | 39 | { /*printf("constructing:%x\n",fin);*/ } |
40 | 40 | ||
41 | 41 | ||
42 | void CPlucker_base::Expand(UInt32 reclen, UInt8 type, UInt8* buffer, UInt32 buffersize) | 42 | void CPlucker_base::Expand(UInt32 reclen, UInt8 type, UInt8* buffer, UInt32 buffersize) |
43 | { | 43 | { |
44 | unsuspend(); | 44 | unsuspend(); |
45 | if ((type%2 == 0) && (type != 14)) | 45 | if ((type%2 == 0) && (type != 14)) |
46 | { | 46 | { |
47 | fread(buffer, reclen, sizeof(char), fin); | 47 | size_t bytes_read = fread(buffer, reclen, sizeof(char), fin); |
48 | buffer[bytes_read] = '\0'; | ||
48 | } | 49 | } |
49 | else | 50 | else |
50 | { | 51 | { |
51 | UInt8* readbuffer = NULL; | 52 | UInt8* readbuffer = NULL; |
52 | if (reclen > compressedbuffersize) | 53 | if (reclen > compressedbuffersize) |
53 | { | 54 | { |
54 | readbuffer = new UInt8[reclen]; | 55 | readbuffer = new UInt8[reclen]; |
55 | } | 56 | } |
56 | else | 57 | else |
57 | { | 58 | { |
58 | readbuffer = compressedtextbuffer; | 59 | readbuffer = compressedtextbuffer; |
59 | } | 60 | } |
60 | if (readbuffer != NULL) | 61 | if (readbuffer != NULL) |
61 | { | 62 | { |
62 | fread(readbuffer, reclen, sizeof(char), fin); | 63 | fread(readbuffer, reclen, sizeof(char), fin); |
63 | (*m_decompress)(readbuffer, reclen, buffer, buffersize); | 64 | size_t bytes_read = (*m_decompress)(readbuffer, reclen, buffer, buffersize); |
65 | buffer[bytes_read] = '\0'; | ||
64 | if (reclen > compressedbuffersize) | 66 | if (reclen > compressedbuffersize) |
65 | { | 67 | { |
66 | delete [] readbuffer; | 68 | delete [] readbuffer; |
67 | } | 69 | } |
68 | } | 70 | } |
69 | } | 71 | } |
70 | } | 72 | } |
71 | 73 | ||
72 | void CPlucker_base::sizes(unsigned long& _file, unsigned long& _text) | 74 | void CPlucker_base::sizes(unsigned long& _file, unsigned long& _text) |
73 | { | 75 | { |
74 | _file = file_length; | 76 | _file = file_length; |
75 | if (textlength == 0) | 77 | if (textlength == 0) |