Each file in this commit has the issue where it is possible for code to

overrun static buffers. This could lead to serious problems. Granted it is almost impossible to do that. But it isn't totally impossible. So this commit makes it impossible to overrun.
author: erik <erik> 2007-01-24 23:29:42 (UTC)
committer: erik <erik> 2007-01-24 23:29:42 (UTC)
commit: 0076a11b467dce1233194ce228287a2a127b1f5d (patch) (side-by-side diff)
tree: f2136a1a3e9b5fd6bede52251ed7249365838752 /noncore
parent: 48d9219a96096cf44df8ac24413b36d1b718b1d5 (diff)
download: opie-0076a11b467dce1233194ce228287a2a127b1f5d.zip
opie-0076a11b467dce1233194ce228287a2a127b1f5d.tar.gz
opie-0076a11b467dce1233194ce228287a2a127b1f5d.tar.bz2
6 files changed, 51 insertions, 38 deletions
diff --git a/noncore/games/backgammon/moveengine.cpp b/noncore/games/backgammon/moveengine.cpp
index a4145cc..b102258 100644
--- a/noncore/games/backgammon/moveengine.cpp
+++ b/noncore/games/backgammon/moveengine.cpp
@@ -55,3 +55,4 @@ void MoveEngine::position(Pieces& pieces,bool non_qte)
             {
-                pieces.player1[player1_counter].x=x_coord[a]-offset;
+		if (a < 26)
+                    pieces.player1[player1_counter].x=x_coord[a]-offset;
                 if(a>=0 && a<13)
@@ -98,3 +99,4 @@ void MoveEngine::position(Pieces& pieces,bool non_qte)
             {
-                pieces.player2[player2_counter].x=x_coord[a]-offset;
+		if (a < 26)
+                    pieces.player2[player2_counter].x=x_coord[a]-offset;
                 if(a>=0 && a<13)
diff --git a/noncore/games/kbill/UI.cpp b/noncore/games/kbill/UI.cpp
index 611cebf..a49c3c1 100644
--- a/noncore/games/kbill/UI.cpp
+++ b/noncore/games/kbill/UI.cpp
@@ -70,24 +70,23 @@ void UI::popup_dialog (int dialog) {
 	case Game::ENDGAME:
-			QMessageBox::message(("Endgame"), QT_TR_NOOP(endgamestr));
-			break;
+		QMessageBox::message(("Endgame"), QT_TR_NOOP(endgamestr));
+		break;
 	case Game::HIGHSCORE:
-		//	QMessageBox::message(("HighScore"), highscorestr);
-			break;
-	case Game::ENTERNAME: {
+		break;
+	case Game::ENTERNAME:
+		{
 			InputBox b(main, 0, ("Enter Name"), QT_TR_NOOP(enternamestr));
 			bool state = b.exec() == 2;
-		  char str[20], *nl;
-	    strcpy(str, b.getText());
-	    if (!str[0] || state)
+			char str[20], *nl;
+			strncpy(str, b.getText(), 19);
+	    		if (!str[0] || state)
 				strcpy(str, "Anonymous");
-	    else if ((nl = strchr(str, '\n')))
+			else if ((nl = strchr(str, '\n')))
 				*nl = '\0';
-	    if (strlen(str) > 20)
-				str[20] = 0;  /* truncate string if too long */
-//	    scores.recalc(str);
-			}
-	    break;
+			if (strlen(str) > 19)
+				str[19] = '\0';  /* truncate/terminate the string if it is too long */
+		}
+		break;
 	case Game::SCORE:
-			QMessageBox::message(("Score"), scorestr);
-			break;
+		QMessageBox::message(("Score"), scorestr);
+		break;
 	}
diff --git a/noncore/games/kcheckers/echeckers.cpp b/noncore/games/kcheckers/echeckers.cpp
index 1146059..afe62eb 100644
--- a/noncore/games/kcheckers/echeckers.cpp
+++ b/noncore/games/kcheckers/echeckers.cpp
@@ -81,5 +81,5 @@ bool ECheckers::checkCapture1()
         if(board[i+5]==MAN2 || board[i+5]==KING2)
-          if(board[i+10]==FREE) return true;
+          if(board[((i+10) < 54) ? i+10 : 53]==FREE) return true;
         if(board[i+6]==MAN2 || board[i+6]==KING2)
-          if(board[i+12]==FREE) return true;
+          if(board[((i+12) < 54) ? i+12 : 53]==FREE) return true;
     }
@@ -223,5 +223,5 @@ bool ECheckers::checkCapture2()
         if(board[i+5]==MAN1 || board[i+5]==KING1)
-          if(board[i+10]==FREE) return true;
+          if(board[((i+10) < 54) ? i+10 : 53]==FREE) return true;
         if(board[i+6]==MAN1 || board[i+6]==KING1)
-          if(board[i+12]==FREE) return true;
+          if(board[((i+12) < 54) ? i+12 : 53]==FREE) return true;
         break;
@@ -233,5 +233,5 @@ bool ECheckers::checkCapture2()
         if(board[i+5]==MAN1 || board[i+5]==KING1)
-          if(board[i+10]==FREE) return true;
+          if(board[((i+10) < 54) ? i+10 : 53]==FREE) return true;
         if(board[i+6]==MAN1 || board[i+6]==KING1)
-          if(board[i+12]==FREE) return true;
+          if(board[((i+12) < 54) ? i+12 : 53]==FREE) return true;
     }
diff --git a/noncore/games/kcheckers/rcheckers.cpp b/noncore/games/kcheckers/rcheckers.cpp
index a1c7afa..d808780 100644
--- a/noncore/games/kcheckers/rcheckers.cpp
+++ b/noncore/games/kcheckers/rcheckers.cpp
@@ -114,5 +114,5 @@ bool RCheckers::checkCapture1()
         if(board[i+5]==MAN2 || board[i+5]==KING2)
-          if(board[i+10]==FREE) return true;
+          if(board[((i+10) < 54) ? i+10 : 53]==FREE) return true;
         if(board[i+6]==MAN2 || board[i+6]==KING2)
-          if(board[i+12]==FREE) return true;
+          if(board[((i+12) < 54) ? i+12 : 53]==FREE) return true;
         break;
@@ -128,9 +128,15 @@ bool RCheckers::checkCapture1()
 
-        for(k=i+5;board[k]==FREE;k+=5);
+        for(k=i+5;board[k]==FREE;k+=5) {
+          if (k >= 49)
+            break;
+        }
         if(board[k]==MAN2 || board[k]==KING2)
-          if(board[k+5]==FREE) return true;
+          if(board[((k+5) < 54) ? k+5 : 53]==FREE) return true;
 
-        for(k=i+6;board[k]==FREE;k+=6);
+        for(k=i+6;board[k]==FREE;k+=6) {
+          if (k >=48)
+            break;
+        }
         if(board[k]==MAN2 || board[k]==KING2)
-          if(board[k+6]==FREE) return true;
+          if(board[((k+6) < 54) ? k+6 : 53]==FREE) return true;
     }
@@ -288,5 +294,5 @@ bool RCheckers::checkCapture2()
         if(board[i+5]==MAN1 || board[i+5]==KING1)
-          if(board[i+10]==FREE) return true;
+          if(board[((i+10) < 54) ? i+10 : 53]==FREE) return true;
         if(board[i+6]==MAN1 || board[i+6]==KING1)
-          if(board[i+12]==FREE) return true;
+          if(board[((i+12) < 54) ? i+12 : 53]==FREE) return true;
         break;
@@ -302,9 +308,15 @@ bool RCheckers::checkCapture2()
 
-        for(k=i+5;board[k]==FREE;k+=5);
+        for(k=i+5;board[k]==FREE;k+=5) {
+          if (k>=49)
+            break;
+        }
         if(board[k]==MAN1 || board[k]==KING1)
-          if(board[k+5]==FREE) return true;
+          if(board[((k+5) < 54) ? k+5 : 53]==FREE) return true;
 
-        for(k=i+6;board[k]==FREE;k+=6);
+        for(k=i+6;board[k]==FREE;k+=6) {
+          if (k>=48)
+            break;
+        }
         if(board[k]==MAN1 || board[k]==KING1)
-          if(board[k+6]==FREE) return true;
+          if(board[((k+6) < 54) ? k+6 : 53]==FREE) return true;
     }
diff --git a/noncore/settings/sysinfo/contrib/fft.c b/noncore/settings/sysinfo/contrib/fft.c
index 01a1b26..60ee27d 100644
--- a/noncore/settings/sysinfo/contrib/fft.c
+++ b/noncore/settings/sysinfo/contrib/fft.c
@@ -31,3 +31,3 @@
 
-#define       FFT_TEST_COUNT      500                 // Bench FFT
+#define       FFT_TEST_COUNT      332                 // Bench FFT
 
diff --git a/noncore/styles/theme/othemebase.cpp b/noncore/styles/theme/othemebase.cpp
index 4275dd6..7fb12a3 100644
--- a/noncore/styles/theme/othemebase.cpp
+++ b/noncore/styles/theme/othemebase.cpp
@@ -1006,3 +1006,3 @@ void OThemeBase::readResourceGroup( int i, QString *copyfrom, QString *pixnames,
         }
-        if ( loadArray[ sIndex ] ) {
+        if ( sIndex < 54 && loadArray[ sIndex ] ) {
             copyWidgetConfig( sIndex, i, pixnames, brdnames );
author	erik <erik>	2007-01-24 23:29:42 (UTC)
committer	erik <erik>	2007-01-24 23:29:42 (UTC)
commit	0076a11b467dce1233194ce228287a2a127b1f5d (patch) (side-by-side diff)
tree	f2136a1a3e9b5fd6bede52251ed7249365838752 /noncore
parent	48d9219a96096cf44df8ac24413b36d1b718b1d5 (diff)
download	opie-0076a11b467dce1233194ce228287a2a127b1f5d.zip opie-0076a11b467dce1233194ce228287a2a127b1f5d.tar.gz opie-0076a11b467dce1233194ce228287a2a127b1f5d.tar.bz2