mirror of https://git.dev.opencascade.org/repos/occt.git synced 2025-04-09 18:50:54 +03:00

0023843: scanf without field width limits can crash with huge input data.

Corrected width specifiers and use of buffer arrays in *printf and *scanf functions.
Removed unreferenced variable warning.
Got rid of compiler warning (returning address of local variable or temporary).
omy 2013-04-26 15:29:28 +04:00
parent 3af9db62e0
commit d0e4e57891
8 changed files with 82 additions and 86 deletions


@ -72,10 +72,10 @@ Dynamic_FuzzyDefinitionsDictionary::Dynamic_FuzzyDefinitionsDictionary()
void Dynamic_FuzzyDefinitionsDictionary::Creates(const Standard_CString afilename)
{
Standard_Integer fr,i,begin,end,endline;
char line[255];
char name[80];
char type[80];
char value[80],value1[80],value2[80],value3[80];
char line[256];
char name[81];
char type[81];
char value[81],value1[81],value2[81],value3[81];
Handle(Dynamic_FuzzyDefinition) fuzzydefinition;
Handle(Dynamic_Parameter) parameter;
@ -96,7 +96,7 @@ void Dynamic_FuzzyDefinitionsDictionary::Creates(const Standard_CString afilenam
for(;;)
{
for(i=0; i<255; i++) line[i] = 0;
memset(line,0,sizeof(line));
file.getline(line,255);
if(!file)break;
@ -130,19 +130,18 @@ void Dynamic_FuzzyDefinitionsDictionary::Creates(const Standard_CString afilenam
}
}
for(i=0; i<80; i++)name[i]=0;
memset(name,0,sizeof(name));
endline = 0;
for(i=begin+1; i<=end-1; i++)name[endline++] = line[i];
for(i=0; i<80; i++)type [i] = 0;
for(i=0; i<80; i++)value [i] = 0;
for(i=0; i<80; i++)value1 [i] = 0;
for(i=0; i<80; i++)value2 [i] = 0;
for(i=0; i<80; i++)value3 [i] = 0;
memset(type,0,sizeof(type));
memset(value,0,sizeof(value));
memset(value1,0,sizeof(value1));
memset(value2,0,sizeof(value2));
memset(value3,0,sizeof(value3));
// fr = sscanf(&line[end+1],"%s%80c",&type,&value);
fr = sscanf(&line[end+1],"%s%80c",type,value);
fr = sscanf(&line[end+1],"%80s%80c",type,value);
if(fr == -1) continue;
begin = 0;
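Review bot: The copy loop `for(i=begin+1; i<=end-1; i++)name[endline++] = line[i];` is still unbounded: `line` can hold up to 254 characters while `name` is 81 bytes, so a long delimited name in the definitions file writes past `name` even though the sscanf widths are now limited. Bound it on the destination, e.g. `for(i=begin+1; i<=end-1 && endline < (Standard_Integer)sizeof(name)-1; i++)name[endline++] = line[i];`. The same loop appears in Dynamic_MethodDefinitionsDictionary::Creates and in the Materials_MaterialsDictionary constructor (there with `lengthname`). How `begin` and `end` are computed lies outside the hunk, so confirm they cannot already exceed that range.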


@ -74,11 +74,11 @@ void Dynamic_MethodDefinitionsDictionary::Creates(const Standard_CString afilena
{
Standard_Boolean group;
Standard_Integer fr,i,begin,end,endline;
char line[255];
char name[80];
char mode[80];
char type[80];
char value[80],value1[80],value2[80],value3[80];
char line[256];
char name[81];
char mode[81];
char type[81];
char value[81],value1[81],value2[81],value3[81];
Handle(Dynamic_CompiledMethod) methoddefinition;
Handle(Dynamic_Parameter) parameter;
@ -99,7 +99,7 @@ void Dynamic_MethodDefinitionsDictionary::Creates(const Standard_CString afilena
for(;;)
{
for(i=0; i<255; i++) line[i] = 0;
memset(line,0,sizeof(line));
file.getline(line,255);
if(!file)break;
@ -133,20 +133,19 @@ void Dynamic_MethodDefinitionsDictionary::Creates(const Standard_CString afilena
}
}
for(i=0; i<80; i++)name[i]=0;
memset(name,0,sizeof(name));
endline = 0;
for(i=begin+1; i<=end-1; i++)name[endline++] = line[i];
for(i=0; i<80; i++)mode [i] = 0;
for(i=0; i<80; i++)type [i] = 0;
for(i=0; i<80; i++)value [i] = 0;
for(i=0; i<80; i++)value1 [i] = 0;
for(i=0; i<80; i++)value2 [i] = 0;
for(i=0; i<80; i++)value3 [i] = 0;
memset(mode, 0x00,sizeof(mode));
memset(type, 0x00,sizeof(type));
memset(value, 0x00,sizeof(value));
memset(value1,0x00,sizeof(value1));
memset(value2,0x00,sizeof(value2));
memset(value3,0x00,sizeof(value3));
// fr = sscanf(&line[end+1],"%s%s%80c",&mode,&type,&value);
fr = sscanf(&line[end+1],"%s%s%80c",mode,type,value);
fr = sscanf(&line[end+1],"%80s%80s%80c",mode,type,value);
if(fr == -1) continue;
group = Standard_False;


@ -25,8 +25,7 @@
#include <OSD_Path.hxx>
#include <stdio.h>
static char defmess[30];
static char defmess[31];
// Fonctions Satisfies offertes en standard ...
@ -243,18 +242,18 @@ Standard_CString Interface_Static::CDef
}
if (part[0] == 'e') {
Standard_Integer nume = 0;
sscanf (part,"%s %d",defmess,&nume);
sscanf (part,"%30s %d",defmess,&nume);
return stat->EnumVal(nume);
}
if (part[0] == 'i') {
Standard_Integer ilim;
if (!stat->IntegerLimit((part[2] == 'a'),ilim)) return "";
Sprintf(defmess,"%d",ilim); return defmess;
Sprintf(defmess,"%d",ilim); return defmess;
}
if (part[0] == 'r') {
Standard_Real rlim;
if (!stat->RealLimit((part[2] == 'a'),rlim)) return "";
Sprintf(defmess,"%f",rlim); return defmess;
Sprintf(defmess,"%f",rlim); return defmess;
}
if (part[0] == 'u') return stat->UnitDef();
return "";
@ -280,7 +279,7 @@ Standard_Integer Interface_Static::IDef
if (part[1] == 'm') return (match ? 1 : 0);
if (part[1] == 'v') {
char vale[50];
sscanf (part,"%s %s",defmess,vale);
sscanf (part,"%30s %50s",defmess,vale);
return stat->EnumCase (vale);
}
}
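Review bot: In IDef the new `%50s` conversion can store 50 characters plus the terminating NUL into `char vale[50]`, one byte past the array; unlike the other buffers touched by this commit, `vale` was not enlarged. Declare it as `char vale[51];` or use `%49s`. Separately, in CDef `Sprintf(defmess,"%f",rlim)` remains unbounded: `%f` of a large-magnitude real prints far more than 30 characters, so the 31-byte static `defmess` needs a length-limited formatter or a check on the value range. Both function bodies start outside the hunks shown.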


@ -56,18 +56,18 @@ Handle(Dynamic_Parameter) Materials_MaterialDefinition::Switch(
const Standard_CString atype,
const Standard_CString avalue) const
{
Standard_Integer fr,i;
char value1[80],value2[80],value3[80];
Standard_Integer fr;
char value1[81],value2[81],value3[81];
Handle(Dynamic_Parameter) parameter;
Handle(Dynamic_ObjectParameter) objectparameter;
if (!strcasecmp(atype,"Materials_Color"))
{
for(i=0; i<80; i++)value1[i] = 0;
for(i=0; i<80; i++)value2[i] = 0;
for(i=0; i<80; i++)value3[i] = 0;
// fr = sscanf(avalue,"%s%s%s",&value1,&value2,&value3);
fr = sscanf(avalue,"%s%s%s",value1,value2,value3);
memset(value1,0,sizeof(value1));
memset(value2,0,sizeof(value2));
memset(value3,0,sizeof(value3));
fr = sscanf(avalue,"%80s%80s%80s",value1,value2,value3);
Handle(Materials_Color) pcolor =
new Materials_Color(Quantity_Color(Atof(value1),
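Review bot: The result `fr` of `sscanf(avalue,"%80s%80s%80s",value1,value2,value3)` is not checked in the visible lines before `Atof(value1)` is used to build the colour, so an `avalue` with fewer than three tokens presumably yields zero components from the zero-filled buffers instead of an error. If that is not intended, test `if (fr != 3)` before constructing `Materials_Color`; what Switch should return in that case is outside the hunk. A short comment such as `// 81 bytes: up to 80 characters from %80s plus the terminating NUL` next to the declarations would keep the width and the array size from drifting apart.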


@ -65,10 +65,10 @@ Materials_MaterialsDictionary::Materials_MaterialsDictionary()
Standard_Integer i,fr,begin,end,lengthname;
//char* filename;
char line[255];
char name[80];
char type[80];
char value1[80],value2[80],value3[80];
char line[256];
char name[81];
char type[81];
char value1[81],value2[81],value3[81];
Handle(Materials_MaterialsSequence) materialssequence;
Handle(Materials_Material) material;
Handle(Materials_Color) pcolor;
@ -92,7 +92,7 @@ Materials_MaterialsDictionary::Materials_MaterialsDictionary()
for(;;)
{
for(i=0; i<255; i++) line[i]=0;
memset(line,0,sizeof(line));
file.getline(line,255);
if(!file)break;
@ -125,18 +125,17 @@ Materials_MaterialsDictionary::Materials_MaterialsDictionary()
}
}
for(i=0; i<80; i++)name[i]=0;
memset(name, 0, sizeof(name));
lengthname = 0;
for(i=begin+1; i<=end-1; i++)name[lengthname++] = line[i];
for(i=0; i<80; i++)type [i] = 0;
for(i=0; i<80; i++)value1 [i] = 0;
for(i=0; i<80; i++)value2 [i] = 0;
for(i=0; i<80; i++)value3 [i] = 0;
memset(type, 0,sizeof(type));
memset(value1,0,sizeof(value1));
memset(value2,0,sizeof(value2));
memset(value3,0,sizeof(value3));
// fr = sscanf(&line[end+1],"%s%s%s%s",&type,&value1,&value2,&value3);
fr = sscanf(&line[end+1],"%s%s%s%s",type,value1,value2,value3);
fr = sscanf(&line[end+1],"%80s%80s%80s%80s",type,value1,value2,value3);
if(fr == -1) continue;


@ -89,9 +89,9 @@ void Units_Lexicon::Creates(const Standard_CString afilename)
// split line to parts
char chain[31], oper[11], coeff[31];
for (int i=0; i < 31; i++) chain[i] = '\0';
for (int i=0; i < 11; i++) oper[i] = '\0';
for (int i=0; i < 31; i++) coeff[i] = '\0';
memset(chain,0x00,sizeof(chain));
memset(oper,0x00,sizeof(oper));
memset(coeff,0x00,sizeof(coeff));
sscanf (line, "%30c%10c%30c", chain, oper, coeff);


@ -161,16 +161,16 @@ void Units_UnitsDictionary::Creates(const Standard_CString afilename)
// for basic SI dimensions (mass, length, time, ...)
char name[41];
char MM[11], LL[11], TT[11], II[11], tt[11], NN[11], JJ[11], PP[11], SS[11];
for (i=0; i < 41; i++) name[i] = '\0';
for (i=0; i < 11; i++) MM[i] = '\0';
for (i=0; i < 11; i++) LL[i] = '\0';
for (i=0; i < 11; i++) TT[i] = '\0';
for (i=0; i < 11; i++) II[i] = '\0';
for (i=0; i < 11; i++) tt[i] = '\0';
for (i=0; i < 11; i++) NN[i] = '\0';
for (i=0; i < 11; i++) JJ[i] = '\0';
for (i=0; i < 11; i++) PP[i] = '\0';
for (i=0; i < 11; i++) SS[i] = '\0';
memset(name,0x00,sizeof(name));
memset(MM,0x00,sizeof(MM));
memset(LL,0x00,sizeof(LL));
memset(TT,0x00,sizeof(TT));
memset(II,0x00,sizeof(II));
memset(tt,0x00,sizeof(tt));
memset(NN,0x00,sizeof(NN));
memset(JJ,0x00,sizeof(JJ));
memset(PP,0x00,sizeof(PP));
memset(SS,0x00,sizeof(SS));
sscanf (line, "%40c%10c%10c%10c%10c%10c%10c%10c%10c%10c",
name, MM, LL, TT, II, tt, NN, JJ, PP, SS);
@ -222,10 +222,10 @@ void Units_UnitsDictionary::Creates(const Standard_CString afilename)
// - factor (27 symbols)
// - base unit (27 symbols)
char unite[52], symbol[28], convert[28], unit2[28];
for (i=0; i < 52; i++) unite [i] = '\0';
for (i=0; i < 28; i++) symbol [i] = '\0';
for (i=0; i < 28; i++) convert[i] = '\0';
for (i=0; i < 28; i++) unit2 [i] = '\0';
memset(unite, 0x00,sizeof(unite));
memset(symbol, 0x00,sizeof(symbol));
memset(convert,0x00,sizeof(convert));
memset(unit2, 0x00,sizeof(unit2));
sscanf (line, "%51c%27c%27c%27c", unite, symbol, convert, unit2);


@ -42,8 +42,8 @@ Standard_Boolean Voxel_Reader::Read(const TCollection_ExtendedString& file)
// Read the header
Standard_Byte type; // 0 - bool, 1 - color, 2 - float
Voxel_VoxelFileFormat format;
Standard_Character svoxels[8], sformat[8], stype[8];
fscanf(f, "%s %s %s\n", svoxels, sformat, stype);
Standard_Character svoxels[9], sformat[9], stype[9];
fscanf(f, "%8s %8s %8s\n", svoxels, sformat, stype);
fclose(f);
// Take format, type of voxels.
@ -148,7 +148,7 @@ Standard_Boolean Voxel_Reader::ReadBoolAsciiVoxels(const TCollection_ExtendedStr
FILE* f = fopen(TCollection_AsciiString(file, '?').ToCString(), "r");
if (!f)
return Standard_False;
Standard_Character line[64], sx[32], sy[32], sz[32];
Standard_Character line[65], sx[33], sy[33], sz[33];
// Header: skip it
fgets(line, 64, f);
@ -156,13 +156,13 @@ Standard_Boolean Voxel_Reader::ReadBoolAsciiVoxels(const TCollection_ExtendedStr
// Location, size, number of splits
Standard_Integer nbx = 0, nby = 0, nbz = 0;
Standard_Real x = 0.0, y = 0.0, z = 0.0, xlen = 0.0, ylen = 0.0, zlen = 0.0;
if (fscanf(f, "%s %s %s\n", sx, sy, sz) != 3)
if (fscanf(f, "%32s %32s %32s\n", sx, sy, sz) != 3)
{
fclose(f);
return Standard_False;
}
x = Atof(sx); y = Atof(sy); z = Atof(sz);
if (fscanf(f, "%s %s %s\n", sx, sy, sz) != 3)
if (fscanf(f, "%32s %32s %32s\n", sx, sy, sz) != 3)
{
fclose(f);
return Standard_False;
@ -225,7 +225,7 @@ Standard_Boolean Voxel_Reader::ReadColorAsciiVoxels(const TCollection_ExtendedSt
FILE* f = fopen(TCollection_AsciiString(file, '?').ToCString(), "r");
if (!f)
return Standard_False;
Standard_Character line[64], sx[32], sy[32], sz[32];
Standard_Character line[65], sx[33], sy[33], sz[33];
// Header: skip it
fgets(line, 64, f);
@ -233,13 +233,13 @@ Standard_Boolean Voxel_Reader::ReadColorAsciiVoxels(const TCollection_ExtendedSt
// Location, size, number of splits
Standard_Integer nbx = 0, nby = 0, nbz = 0;
Standard_Real x = 0.0, y = 0.0, z = 0.0, xlen = 0.0, ylen = 0.0, zlen = 0.0;
if (fscanf(f, "%s %s %s\n", sx, sy, sz) != 3)
if (fscanf(f, "%32s %32s %32s\n", sx, sy, sz) != 3)
{
fclose(f);
return Standard_False;
}
x = Atof(sx); y = Atof(sy); z = Atof(sz);
if (fscanf(f, "%s %s %s\n", sx, sy, sz) != 3)
if (fscanf(f, "%32s %32s %32s\n", sx, sy, sz) != 3)
{
fclose(f);
return Standard_False;
@ -302,7 +302,7 @@ Standard_Boolean Voxel_Reader::ReadFloatAsciiVoxels(const TCollection_ExtendedSt
FILE* f = fopen(TCollection_AsciiString(file, '?').ToCString(), "r");
if (!f)
return Standard_False;
Standard_Character line[64], sx[32], sy[32], sz[32];
Standard_Character line[65], sx[33], sy[33], sz[33];
// Header: skip it
fgets(line, 64, f);
@ -310,13 +310,13 @@ Standard_Boolean Voxel_Reader::ReadFloatAsciiVoxels(const TCollection_ExtendedSt
// Location, size, number of splits
Standard_Integer nbx = 0, nby = 0, nbz = 0;
Standard_Real x = 0.0, y = 0.0, z = 0.0, xlen = 0.0, ylen = 0.0, zlen = 0.0;
if (fscanf(f, "%s %s %s\n", sx, sy, sz) != 3)
if (fscanf(f, "%32s %32s %32s\n", sx, sy, sz) != 3)
{
fclose(f);
return Standard_False;
}
x = Atof(sx); y = Atof(sy); z = Atof(sz);
if (fscanf(f, "%s %s %s\n", sx, sy, sz) != 3)
if (fscanf(f, "%32s %32s %32s\n", sx, sy, sz) != 3)
{
fclose(f);
return Standard_False;
@ -345,7 +345,7 @@ Standard_Boolean Voxel_Reader::ReadFloatAsciiVoxels(const TCollection_ExtendedSt
fgets(line, 64, f);
if (has_slice(line))
{
if (sscanf(line, "%d %d %s\n", &i1, &i2, line) != 3)
if (sscanf(line, "%d %d %64s\n", &i1, &i2, line) != 3)
{
fclose(f);
return Standard_False;
@ -353,7 +353,7 @@ Standard_Boolean Voxel_Reader::ReadFloatAsciiVoxels(const TCollection_ExtendedSt
}
else
{
if (sscanf(line, "%d %s\n", &i2, line) != 2)
if (sscanf(line, "%d %64s\n", &i2, line) != 2)
{
fclose(f);
return Standard_False;
@ -383,7 +383,7 @@ Standard_Boolean Voxel_Reader::ReadBoolBinaryVoxels(const TCollection_ExtendedSt
return Standard_False;
// Header: skip it
Standard_Character line[64];
Standard_Character line[65];
fgets(line, 64, f);
// Location, size, number of splits
@ -438,7 +438,7 @@ Standard_Boolean Voxel_Reader::ReadColorBinaryVoxels(const TCollection_ExtendedS
return Standard_False;
// Header: skip it
Standard_Character line[64];
Standard_Character line[65];
fgets(line, 64, f);
// Location, size, number of splits
@ -493,7 +493,7 @@ Standard_Boolean Voxel_Reader::ReadFloatBinaryVoxels(const TCollection_ExtendedS
return Standard_False;
// Header: skip it
Standard_Character line[64];
Standard_Character line[65];
fgets(line, 64, f);
// Location, size, number of splits
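Review bot: In ReadFloatAsciiVoxels, `sscanf(line, "%d %d %64s\n", &i1, &i2, line)` and `sscanf(line, "%d %64s\n", &i2, line)` still use `line` as both the input string and the `%s` destination; copying between overlapping objects in sscanf is undefined behaviour, and adding a width does not change that. Parse into a separate buffer, e.g. `Standard_Character sval[65];` with `sscanf(line, "%d %d %64s", &i1, &i2, sval)`, and read the value from `sval` in the code that follows outside the hunk. In Read, `fscanf(f, "%8s %8s %8s\n", svoxels, sformat, stype)` also ignores its return value, so on a short or empty file the three arrays would be used uninitialised unless later code, not visible here, guards against it; comparing the result with 3 as the other readers do would close that.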