mirror of https://git.dev.opencascade.org/repos/occt.git synced 2025-04-21 10:13:43 +03:00

0023843: scanf without field width limits can crash with huge input data.

Corrected width specifiers and use of buffer arrays in *printf and *scanf functions.
Removed unreferenced variable warning.
Got rid of compiler warning (returning address of local variable or temporary).
omy 2013-04-26 15:29:28 +04:00
parent 3af9db62e0
commit d0e4e57891
8 changed files with 82 additions and 86 deletions


@ -72,10 +72,10 @@ Dynamic_FuzzyDefinitionsDictionary::Dynamic_FuzzyDefinitionsDictionary()
void Dynamic_FuzzyDefinitionsDictionary::Creates(const Standard_CString afilename) void Dynamic_FuzzyDefinitionsDictionary::Creates(const Standard_CString afilename)
{ {
Standard_Integer fr,i,begin,end,endline; Standard_Integer fr,i,begin,end,endline;
char line[255]; char line[256];
char name[80]; char name[81];
char type[80]; char type[81];
char value[80],value1[80],value2[80],value3[80]; char value[81],value1[81],value2[81],value3[81];
Handle(Dynamic_FuzzyDefinition) fuzzydefinition; Handle(Dynamic_FuzzyDefinition) fuzzydefinition;
Handle(Dynamic_Parameter) parameter; Handle(Dynamic_Parameter) parameter;
@ -96,7 +96,7 @@ void Dynamic_FuzzyDefinitionsDictionary::Creates(const Standard_CString afilenam
for(;;) for(;;)
{ {
for(i=0; i<255; i++) line[i] = 0; memset(line,0,sizeof(line));
file.getline(line,255); file.getline(line,255);
if(!file)break; if(!file)break;
@ -130,19 +130,18 @@ void Dynamic_FuzzyDefinitionsDictionary::Creates(const Standard_CString afilenam
} }
} }
for(i=0; i<80; i++)name[i]=0; memset(name,0,sizeof(name));
endline = 0; endline = 0;
for(i=begin+1; i<=end-1; i++)name[endline++] = line[i]; for(i=begin+1; i<=end-1; i++)name[endline++] = line[i];
for(i=0; i<80; i++)type [i] = 0; memset(type,0,sizeof(type));
for(i=0; i<80; i++)value [i] = 0; memset(value,0,sizeof(value));
for(i=0; i<80; i++)value1 [i] = 0; memset(value1,0,sizeof(value1));
for(i=0; i<80; i++)value2 [i] = 0; memset(value2,0,sizeof(value2));
for(i=0; i<80; i++)value3 [i] = 0; memset(value3,0,sizeof(value3));
// fr = sscanf(&line[end+1],"%s%80c",&type,&value); fr = sscanf(&line[end+1],"%80s%80c",type,value);
fr = sscanf(&line[end+1],"%s%80c",type,value);
if(fr == -1) continue; if(fr == -1) continue;
begin = 0; begin = 0;
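Review bot: The copy loop `for(i=begin+1; i<=end-1; i++)name[endline++] = line[i];` is still unbounded: `line` can hold up to 254 characters while `name` is 81 bytes, so a long name field in the definitions file writes past `name` even with the new sscanf widths. Bounding it, e.g. `for(i=begin+1; i<=end-1 && endline<80; i++)name[endline++] = line[i];`, also keeps the terminating zero left by the memset. The same loop appears in Dynamic_MethodDefinitionsDictionary::Creates and in the Materials_MaterialsDictionary constructor (`name[lengthname++]`). How `begin` and `end` are computed lies outside the hunk, so the reachable range is inferred from the buffer sizes alone.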


@ -74,11 +74,11 @@ void Dynamic_MethodDefinitionsDictionary::Creates(const Standard_CString afilena
{ {
Standard_Boolean group; Standard_Boolean group;
Standard_Integer fr,i,begin,end,endline; Standard_Integer fr,i,begin,end,endline;
char line[255]; char line[256];
char name[80]; char name[81];
char mode[80]; char mode[81];
char type[80]; char type[81];
char value[80],value1[80],value2[80],value3[80]; char value[81],value1[81],value2[81],value3[81];
Handle(Dynamic_CompiledMethod) methoddefinition; Handle(Dynamic_CompiledMethod) methoddefinition;
Handle(Dynamic_Parameter) parameter; Handle(Dynamic_Parameter) parameter;
@ -99,7 +99,7 @@ void Dynamic_MethodDefinitionsDictionary::Creates(const Standard_CString afilena
for(;;) for(;;)
{ {
for(i=0; i<255; i++) line[i] = 0; memset(line,0,sizeof(line));
file.getline(line,255); file.getline(line,255);
if(!file)break; if(!file)break;
@ -133,20 +133,19 @@ void Dynamic_MethodDefinitionsDictionary::Creates(const Standard_CString afilena
} }
} }
for(i=0; i<80; i++)name[i]=0; memset(name,0,sizeof(name));
endline = 0; endline = 0;
for(i=begin+1; i<=end-1; i++)name[endline++] = line[i]; for(i=begin+1; i<=end-1; i++)name[endline++] = line[i];
for(i=0; i<80; i++)mode [i] = 0; memset(mode, 0x00,sizeof(mode));
for(i=0; i<80; i++)type [i] = 0; memset(type, 0x00,sizeof(type));
for(i=0; i<80; i++)value [i] = 0; memset(value, 0x00,sizeof(value));
for(i=0; i<80; i++)value1 [i] = 0; memset(value1,0x00,sizeof(value1));
for(i=0; i<80; i++)value2 [i] = 0; memset(value2,0x00,sizeof(value2));
for(i=0; i<80; i++)value3 [i] = 0; memset(value3,0x00,sizeof(value3));
// fr = sscanf(&line[end+1],"%s%s%80c",&mode,&type,&value); fr = sscanf(&line[end+1],"%80s%80s%80c",mode,type,value);
fr = sscanf(&line[end+1],"%s%s%80c",mode,type,value);
if(fr == -1) continue; if(fr == -1) continue;
group = Standard_False; group = Standard_False;
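Review bot: `file.getline(line,255)` still hard-codes the old size although the buffer is now `char line[256]` and the clear uses `sizeof(line)`; `file.getline(line,sizeof(line))` keeps the two in step. If `file` is a standard input stream (its declaration is outside the hunk), a line longer than the limit puts the stream in the fail state, so `if(!file)break;` ends the loop and the rest of the dictionary is dropped without any report. That case is worth telling apart from end of file. The same pattern is in Dynamic_FuzzyDefinitionsDictionary::Creates and in the Materials_MaterialsDictionary constructor.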


@ -25,8 +25,7 @@
#include <OSD_Path.hxx> #include <OSD_Path.hxx>
#include <stdio.h> #include <stdio.h>
static char defmess[31];
static char defmess[30];
// Fonctions Satisfies offertes en standard ... // Fonctions Satisfies offertes en standard ...
@ -243,18 +242,18 @@ Standard_CString Interface_Static::CDef
} }
if (part[0] == 'e') { if (part[0] == 'e') {
Standard_Integer nume = 0; Standard_Integer nume = 0;
sscanf (part,"%s %d",defmess,&nume); sscanf (part,"%30s %d",defmess,&nume);
return stat->EnumVal(nume); return stat->EnumVal(nume);
} }
if (part[0] == 'i') { if (part[0] == 'i') {
Standard_Integer ilim; Standard_Integer ilim;
if (!stat->IntegerLimit((part[2] == 'a'),ilim)) return ""; if (!stat->IntegerLimit((part[2] == 'a'),ilim)) return "";
Sprintf(defmess,"%d",ilim); return defmess; Sprintf(defmess,"%d",ilim); return defmess;
} }
if (part[0] == 'r') { if (part[0] == 'r') {
Standard_Real rlim; Standard_Real rlim;
if (!stat->RealLimit((part[2] == 'a'),rlim)) return ""; if (!stat->RealLimit((part[2] == 'a'),rlim)) return "";
Sprintf(defmess,"%f",rlim); return defmess; Sprintf(defmess,"%f",rlim); return defmess;
} }
if (part[0] == 'u') return stat->UnitDef(); if (part[0] == 'u') return stat->UnitDef();
return ""; return "";
@ -280,7 +279,7 @@ Standard_Integer Interface_Static::IDef
if (part[1] == 'm') return (match ? 1 : 0); if (part[1] == 'm') return (match ? 1 : 0);
if (part[1] == 'v') { if (part[1] == 'v') {
char vale[50]; char vale[50];
sscanf (part,"%s %s",defmess,vale); sscanf (part,"%30s %50s",defmess,vale);
return stat->EnumCase (vale); return stat->EnumCase (vale);
} }
} }
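Review bot: In IDef, `sscanf (part,"%30s %50s",defmess,vale)` can store 50 characters plus the terminating zero in `char vale[50]`, so the new width is one too large for the buffer; use `%49s` or declare `char vale[51];`. In CDef, `Sprintf(defmess,"%f",rlim)` is not bounded either, and `%f` of a large floating-point limit needs far more than the 31 bytes of `defmess`; a bounded formatter or `%g` would avoid that. `defmess` is also a file-level static whose address CDef returns, so the result is overwritten by the next call; a comment on CDef stating that lifetime would help callers. Both functions start and end outside the hunks.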


@ -56,18 +56,18 @@ Handle(Dynamic_Parameter) Materials_MaterialDefinition::Switch(
const Standard_CString atype, const Standard_CString atype,
const Standard_CString avalue) const const Standard_CString avalue) const
{ {
Standard_Integer fr,i; Standard_Integer fr;
char value1[80],value2[80],value3[80]; char value1[81],value2[81],value3[81];
Handle(Dynamic_Parameter) parameter; Handle(Dynamic_Parameter) parameter;
Handle(Dynamic_ObjectParameter) objectparameter; Handle(Dynamic_ObjectParameter) objectparameter;
if (!strcasecmp(atype,"Materials_Color")) if (!strcasecmp(atype,"Materials_Color"))
{ {
for(i=0; i<80; i++)value1[i] = 0; memset(value1,0,sizeof(value1));
for(i=0; i<80; i++)value2[i] = 0; memset(value2,0,sizeof(value2));
for(i=0; i<80; i++)value3[i] = 0; memset(value3,0,sizeof(value3));
// fr = sscanf(avalue,"%s%s%s",&value1,&value2,&value3);
fr = sscanf(avalue,"%s%s%s",value1,value2,value3); fr = sscanf(avalue,"%80s%80s%80s",value1,value2,value3);
Handle(Materials_Color) pcolor = Handle(Materials_Color) pcolor =
new Materials_Color(Quantity_Color(Atof(value1), new Materials_Color(Quantity_Color(Atof(value1),
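Review bot: `fr` is assigned from `sscanf(avalue,"%80s%80s%80s",value1,value2,value3)`, but the visible lines go straight on to `Atof(value1)` without testing it. A value with fewer than three components is therefore converted from the zero-filled buffers and silently becomes a colour component of 0. A check such as `if (fr != 3)` before the Materials_Color is constructed, taking whatever failure path Switch uses elsewhere, would make malformed input visible. The rest of Switch lies outside the hunk, so this is based only on the lines shown.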


@ -65,10 +65,10 @@ Materials_MaterialsDictionary::Materials_MaterialsDictionary()
Standard_Integer i,fr,begin,end,lengthname; Standard_Integer i,fr,begin,end,lengthname;
//char* filename; //char* filename;
char line[255]; char line[256];
char name[80]; char name[81];
char type[80]; char type[81];
char value1[80],value2[80],value3[80]; char value1[81],value2[81],value3[81];
Handle(Materials_MaterialsSequence) materialssequence; Handle(Materials_MaterialsSequence) materialssequence;
Handle(Materials_Material) material; Handle(Materials_Material) material;
Handle(Materials_Color) pcolor; Handle(Materials_Color) pcolor;
@ -92,7 +92,7 @@ Materials_MaterialsDictionary::Materials_MaterialsDictionary()
for(;;) for(;;)
{ {
for(i=0; i<255; i++) line[i]=0; memset(line,0,sizeof(line));
file.getline(line,255); file.getline(line,255);
if(!file)break; if(!file)break;
@ -125,18 +125,17 @@ Materials_MaterialsDictionary::Materials_MaterialsDictionary()
} }
} }
for(i=0; i<80; i++)name[i]=0; memset(name, 0, sizeof(name));
lengthname = 0; lengthname = 0;
for(i=begin+1; i<=end-1; i++)name[lengthname++] = line[i]; for(i=begin+1; i<=end-1; i++)name[lengthname++] = line[i];
for(i=0; i<80; i++)type [i] = 0; memset(type, 0,sizeof(type));
for(i=0; i<80; i++)value1 [i] = 0; memset(value1,0,sizeof(value1));
for(i=0; i<80; i++)value2 [i] = 0; memset(value2,0,sizeof(value2));
for(i=0; i<80; i++)value3 [i] = 0; memset(value3,0,sizeof(value3));
// fr = sscanf(&line[end+1],"%s%s%s%s",&type,&value1,&value2,&value3); fr = sscanf(&line[end+1],"%80s%80s%80s%80s",type,value1,value2,value3);
fr = sscanf(&line[end+1],"%s%s%s%s",type,value1,value2,value3);
if(fr == -1) continue; if(fr == -1) continue;


@ -89,9 +89,9 @@ void Units_Lexicon::Creates(const Standard_CString afilename)
// split line to parts // split line to parts
char chain[31], oper[11], coeff[31]; char chain[31], oper[11], coeff[31];
for (int i=0; i < 31; i++) chain[i] = '\0'; memset(chain,0x00,sizeof(chain));
for (int i=0; i < 11; i++) oper[i] = '\0'; memset(oper,0x00,sizeof(oper));
for (int i=0; i < 31; i++) coeff[i] = '\0'; memset(coeff,0x00,sizeof(coeff));
sscanf (line, "%30c%10c%30c", chain, oper, coeff); sscanf (line, "%30c%10c%30c", chain, oper, coeff);
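Review bot: The three `memset` calls can be dropped by zero-initialising at the declaration, `char chain[31] = {}, oper[11] = {}, coeff[31] = {};`, which keeps the size and the clearing in one place. No `#include <string.h>` is visible in this hunk, so as written the new calls presumably rely on a transitive include. The same applies to the ten dimension buffers and the four unit buffers in Units_UnitsDictionary::Creates.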


@ -161,16 +161,16 @@ void Units_UnitsDictionary::Creates(const Standard_CString afilename)
// for basic SI dimensions (mass, length, time, ...) // for basic SI dimensions (mass, length, time, ...)
char name[41]; char name[41];
char MM[11], LL[11], TT[11], II[11], tt[11], NN[11], JJ[11], PP[11], SS[11]; char MM[11], LL[11], TT[11], II[11], tt[11], NN[11], JJ[11], PP[11], SS[11];
for (i=0; i < 41; i++) name[i] = '\0'; memset(name,0x00,sizeof(name));
for (i=0; i < 11; i++) MM[i] = '\0'; memset(MM,0x00,sizeof(MM));
for (i=0; i < 11; i++) LL[i] = '\0'; memset(LL,0x00,sizeof(LL));
for (i=0; i < 11; i++) TT[i] = '\0'; memset(TT,0x00,sizeof(TT));
for (i=0; i < 11; i++) II[i] = '\0'; memset(II,0x00,sizeof(II));
for (i=0; i < 11; i++) tt[i] = '\0'; memset(tt,0x00,sizeof(tt));
for (i=0; i < 11; i++) NN[i] = '\0'; memset(NN,0x00,sizeof(NN));
for (i=0; i < 11; i++) JJ[i] = '\0'; memset(JJ,0x00,sizeof(JJ));
for (i=0; i < 11; i++) PP[i] = '\0'; memset(PP,0x00,sizeof(PP));
for (i=0; i < 11; i++) SS[i] = '\0'; memset(SS,0x00,sizeof(SS));
sscanf (line, "%40c%10c%10c%10c%10c%10c%10c%10c%10c%10c", sscanf (line, "%40c%10c%10c%10c%10c%10c%10c%10c%10c%10c",
name, MM, LL, TT, II, tt, NN, JJ, PP, SS); name, MM, LL, TT, II, tt, NN, JJ, PP, SS);
@ -222,10 +222,10 @@ void Units_UnitsDictionary::Creates(const Standard_CString afilename)
// - factor (27 symbols) // - factor (27 symbols)
// - base unit (27 symbols) // - base unit (27 symbols)
char unite[52], symbol[28], convert[28], unit2[28]; char unite[52], symbol[28], convert[28], unit2[28];
for (i=0; i < 52; i++) unite [i] = '\0'; memset(unite, 0x00,sizeof(unite));
for (i=0; i < 28; i++) symbol [i] = '\0'; memset(symbol, 0x00,sizeof(symbol));
for (i=0; i < 28; i++) convert[i] = '\0'; memset(convert,0x00,sizeof(convert));
for (i=0; i < 28; i++) unit2 [i] = '\0'; memset(unit2, 0x00,sizeof(unit2));
sscanf (line, "%51c%27c%27c%27c", unite, symbol, convert, unit2); sscanf (line, "%51c%27c%27c%27c", unite, symbol, convert, unit2);


@ -42,8 +42,8 @@ Standard_Boolean Voxel_Reader::Read(const TCollection_ExtendedString& file)
// Read the header // Read the header
Standard_Byte type; // 0 - bool, 1 - color, 2 - float Standard_Byte type; // 0 - bool, 1 - color, 2 - float
Voxel_VoxelFileFormat format; Voxel_VoxelFileFormat format;
Standard_Character svoxels[8], sformat[8], stype[8]; Standard_Character svoxels[9], sformat[9], stype[9];
fscanf(f, "%s %s %s\n", svoxels, sformat, stype); fscanf(f, "%8s %8s %8s\n", svoxels, sformat, stype);
fclose(f); fclose(f);
// Take format, type of voxels. // Take format, type of voxels.
@ -148,7 +148,7 @@ Standard_Boolean Voxel_Reader::ReadBoolAsciiVoxels(const TCollection_ExtendedStr
FILE* f = fopen(TCollection_AsciiString(file, '?').ToCString(), "r"); FILE* f = fopen(TCollection_AsciiString(file, '?').ToCString(), "r");
if (!f) if (!f)
return Standard_False; return Standard_False;
Standard_Character line[64], sx[32], sy[32], sz[32]; Standard_Character line[65], sx[33], sy[33], sz[33];
// Header: skip it // Header: skip it
fgets(line, 64, f); fgets(line, 64, f);
@ -156,13 +156,13 @@ Standard_Boolean Voxel_Reader::ReadBoolAsciiVoxels(const TCollection_ExtendedStr
// Location, size, number of splits // Location, size, number of splits
Standard_Integer nbx = 0, nby = 0, nbz = 0; Standard_Integer nbx = 0, nby = 0, nbz = 0;
Standard_Real x = 0.0, y = 0.0, z = 0.0, xlen = 0.0, ylen = 0.0, zlen = 0.0; Standard_Real x = 0.0, y = 0.0, z = 0.0, xlen = 0.0, ylen = 0.0, zlen = 0.0;
if (fscanf(f, "%s %s %s\n", sx, sy, sz) != 3) if (fscanf(f, "%32s %32s %32s\n", sx, sy, sz) != 3)
{ {
fclose(f); fclose(f);
return Standard_False; return Standard_False;
} }
x = Atof(sx); y = Atof(sy); z = Atof(sz); x = Atof(sx); y = Atof(sy); z = Atof(sz);
if (fscanf(f, "%s %s %s\n", sx, sy, sz) != 3) if (fscanf(f, "%32s %32s %32s\n", sx, sy, sz) != 3)
{ {
fclose(f); fclose(f);
return Standard_False; return Standard_False;
@ -225,7 +225,7 @@ Standard_Boolean Voxel_Reader::ReadColorAsciiVoxels(const TCollection_ExtendedSt
FILE* f = fopen(TCollection_AsciiString(file, '?').ToCString(), "r"); FILE* f = fopen(TCollection_AsciiString(file, '?').ToCString(), "r");
if (!f) if (!f)
return Standard_False; return Standard_False;
Standard_Character line[64], sx[32], sy[32], sz[32]; Standard_Character line[65], sx[33], sy[33], sz[33];
// Header: skip it // Header: skip it
fgets(line, 64, f); fgets(line, 64, f);
@ -233,13 +233,13 @@ Standard_Boolean Voxel_Reader::ReadColorAsciiVoxels(const TCollection_ExtendedSt
// Location, size, number of splits // Location, size, number of splits
Standard_Integer nbx = 0, nby = 0, nbz = 0; Standard_Integer nbx = 0, nby = 0, nbz = 0;
Standard_Real x = 0.0, y = 0.0, z = 0.0, xlen = 0.0, ylen = 0.0, zlen = 0.0; Standard_Real x = 0.0, y = 0.0, z = 0.0, xlen = 0.0, ylen = 0.0, zlen = 0.0;
if (fscanf(f, "%s %s %s\n", sx, sy, sz) != 3) if (fscanf(f, "%32s %32s %32s\n", sx, sy, sz) != 3)
{ {
fclose(f); fclose(f);
return Standard_False; return Standard_False;
} }
x = Atof(sx); y = Atof(sy); z = Atof(sz); x = Atof(sx); y = Atof(sy); z = Atof(sz);
if (fscanf(f, "%s %s %s\n", sx, sy, sz) != 3) if (fscanf(f, "%32s %32s %32s\n", sx, sy, sz) != 3)
{ {
fclose(f); fclose(f);
return Standard_False; return Standard_False;
@ -302,7 +302,7 @@ Standard_Boolean Voxel_Reader::ReadFloatAsciiVoxels(const TCollection_ExtendedSt
FILE* f = fopen(TCollection_AsciiString(file, '?').ToCString(), "r"); FILE* f = fopen(TCollection_AsciiString(file, '?').ToCString(), "r");
if (!f) if (!f)
return Standard_False; return Standard_False;
Standard_Character line[64], sx[32], sy[32], sz[32]; Standard_Character line[65], sx[33], sy[33], sz[33];
// Header: skip it // Header: skip it
fgets(line, 64, f); fgets(line, 64, f);
@ -310,13 +310,13 @@ Standard_Boolean Voxel_Reader::ReadFloatAsciiVoxels(const TCollection_ExtendedSt
// Location, size, number of splits // Location, size, number of splits
Standard_Integer nbx = 0, nby = 0, nbz = 0; Standard_Integer nbx = 0, nby = 0, nbz = 0;
Standard_Real x = 0.0, y = 0.0, z = 0.0, xlen = 0.0, ylen = 0.0, zlen = 0.0; Standard_Real x = 0.0, y = 0.0, z = 0.0, xlen = 0.0, ylen = 0.0, zlen = 0.0;
if (fscanf(f, "%s %s %s\n", sx, sy, sz) != 3) if (fscanf(f, "%32s %32s %32s\n", sx, sy, sz) != 3)
{ {
fclose(f); fclose(f);
return Standard_False; return Standard_False;
} }
x = Atof(sx); y = Atof(sy); z = Atof(sz); x = Atof(sx); y = Atof(sy); z = Atof(sz);
if (fscanf(f, "%s %s %s\n", sx, sy, sz) != 3) if (fscanf(f, "%32s %32s %32s\n", sx, sy, sz) != 3)
{ {
fclose(f); fclose(f);
return Standard_False; return Standard_False;
@ -345,7 +345,7 @@ Standard_Boolean Voxel_Reader::ReadFloatAsciiVoxels(const TCollection_ExtendedSt
fgets(line, 64, f); fgets(line, 64, f);
if (has_slice(line)) if (has_slice(line))
{ {
if (sscanf(line, "%d %d %s\n", &i1, &i2, line) != 3) if (sscanf(line, "%d %d %64s\n", &i1, &i2, line) != 3)
{ {
fclose(f); fclose(f);
return Standard_False; return Standard_False;
@ -353,7 +353,7 @@ Standard_Boolean Voxel_Reader::ReadFloatAsciiVoxels(const TCollection_ExtendedSt
} }
else else
{ {
if (sscanf(line, "%d %s\n", &i2, line) != 2) if (sscanf(line, "%d %64s\n", &i2, line) != 2)
{ {
fclose(f); fclose(f);
return Standard_False; return Standard_False;
@ -383,7 +383,7 @@ Standard_Boolean Voxel_Reader::ReadBoolBinaryVoxels(const TCollection_ExtendedSt
return Standard_False; return Standard_False;
// Header: skip it // Header: skip it
Standard_Character line[64]; Standard_Character line[65];
fgets(line, 64, f); fgets(line, 64, f);
// Location, size, number of splits // Location, size, number of splits
@ -438,7 +438,7 @@ Standard_Boolean Voxel_Reader::ReadColorBinaryVoxels(const TCollection_ExtendedS
return Standard_False; return Standard_False;
// Header: skip it // Header: skip it
Standard_Character line[64]; Standard_Character line[65];
fgets(line, 64, f); fgets(line, 64, f);
// Location, size, number of splits // Location, size, number of splits
@ -493,7 +493,7 @@ Standard_Boolean Voxel_Reader::ReadFloatBinaryVoxels(const TCollection_ExtendedS
return Standard_False; return Standard_False;
// Header: skip it // Header: skip it
Standard_Character line[64]; Standard_Character line[65];
fgets(line, 64, f); fgets(line, 64, f);
// Location, size, number of splits // Location, size, number of splits
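Review bot: In ReadFloatAsciiVoxels, `sscanf(line, "%d %d %64s\n", &i1, &i2, line)` and `sscanf(line, "%d %64s\n", &i2, line)` read from and write to the same buffer, which the C standard leaves undefined for overlapping objects. Scanning into a separate buffer, e.g. `Standard_Character sval[65];` with `sscanf(line, "%d %d %64s", &i1, &i2, sval)`, removes the aliasing; the conversion that follows (outside the hunk) would then read `sval`. In Read, the result of `fscanf(f, "%8s %8s %8s\n", svoxels, sformat, stype)` is not checked, so on a short or empty file the three uninitialised buffers are presumably used by the code after the hunk; comparing the result with 3, as the ASCII readers do, would close that. All of these functions start and end outside the hunks.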