From b7434aa97620f93ae56267a5c06889342d7c6472 Mon Sep 17 00:00:00 2001 From: hyung-hwan Date: Wed, 14 Mar 2018 14:54:10 +0000 Subject: [PATCH] fixed a potential in set_err_with_syserr in hcl-s.c --- lib/hcl-s.c | 22 +++++++++------------- lib/hcl.h | 10 ++++++---- 2 files changed, 15 insertions(+), 17 deletions(-) diff --git a/lib/hcl-s.c b/lib/hcl-s.c index 9b55bbe..4fb8f58 100644 --- a/lib/hcl-s.c +++ b/lib/hcl-s.c @@ -244,7 +244,7 @@ struct hcl_server_t hcl_errnum_t errnum; struct { - hcl_ooch_t buf[2048]; + hcl_ooch_t buf[HCL_ERRMSG_CAPA]; hcl_oow_t len; } errmsg; int stopreq; @@ -1748,13 +1748,12 @@ static void set_err_with_syserr (hcl_server_t* server, int syserr, const char* b va_end (ap); #if defined(HCL_OOCH_IS_BCH) - hcl->errmsg.len += hcl_copybcstr (&hcl->errmsg.buf[hcl->errmsg.len], HCL_COUNTOF(hcl->errmsg.buf) - hcl->errmsg.len, b_dash); - hcl->errmsg.len += hcl_copybcstr (&hcl->errmsg.buf[hcl->errmsg.len], HCL_COUNTOF(hcl->errmsg.buf) - hcl->errmsg.len, hcl->errmsg.tmpbuf.bch); + hcl->errmsg.len += hcl_copybcstr(&hcl->errmsg.buf[hcl->errmsg.len], HCL_COUNTOF(hcl->errmsg.buf) - hcl->errmsg.len, b_dash); + hcl->errmsg.len += hcl_copybcstr(&hcl->errmsg.buf[hcl->errmsg.len], HCL_COUNTOF(hcl->errmsg.buf) - hcl->errmsg.len, hcl->errmsg.tmpbuf.bch); #else - hcl->errmsg.len += hcl_copyucstr (&hcl->errmsg.buf[hcl->errmsg.len], HCL_COUNTOF(hcl->errmsg.buf) - hcl->errmsg.len, u_dash); - tmplen = hcl_countbcstr(hcl->errmsg.tmpbuf.bch); + hcl->errmsg.len += hcl_copyucstr(&hcl->errmsg.buf[hcl->errmsg.len], HCL_COUNTOF(hcl->errmsg.buf) - hcl->errmsg.len, u_dash); tmplen2 = HCL_COUNTOF(hcl->errmsg.buf) - hcl->errmsg.len; - hcl_convbtouchars (hcl, hcl->errmsg.tmpbuf.bch, &tmplen, &hcl->errmsg.buf[hcl->errmsg.len], &tmplen2); + hcl_convbtoucstr (hcl, hcl->errmsg.tmpbuf.bch, &tmplen, &hcl->errmsg.buf[hcl->errmsg.len], &tmplen2); hcl->errmsg.len += tmplen2; /* ignore conversion errors */ #endif } @@ -1769,17 +1768,14 @@ static void set_err_with_syserr (hcl_server_t* server, int syserr, const char* b va_end (ap); #if defined(HCL_OOCH_IS_BCH) - hcl->errmsg.len += hcl_copybcstr (&hcl->errmsg.buf[hcl->errmsg.len], HCL_COUNTOF(hcl->errmsg.buf) - hcl->errmsg.len, b_dash); - - tmplen = hcl_countucstr(hcl->errmsg.tmpbuf.uch); + hcl->errmsg.len += hcl_copybcstr(&hcl->errmsg.buf[hcl->errmsg.len], HCL_COUNTOF(hcl->errmsg.buf) - hcl->errmsg.len, b_dash); tmplen2 = HCL_COUNTOF(hcl->errmsg.buf) - hcl->errmsg.len; - hcl_convutobchars (hcl, hcl->errmsg.tmpbuf.uch, &tmplen, &hcl->errmsg.buf[hcl->errmsg.len], &tmplen2); + hcl_convutobcstr (hcl, hcl->errmsg.tmpbuf.uch, &tmplen, &hcl->errmsg.buf[hcl->errmsg.len], &tmplen2); hcl->errmsg.len += tmplen2; /* ignore conversion errors */ #else - hcl->errmsg.len += hcl_copyucstr (&hcl->errmsg.buf[hcl->errmsg.len], HCL_COUNTOF(hcl->errmsg.buf) - hcl->errmsg.len, u_dash); - hcl->errmsg.len += hcl_copyucstr (&hcl->errmsg.buf[hcl->errmsg.len], HCL_COUNTOF(hcl->errmsg.buf) - hcl->errmsg.len, hcl->errmsg.tmpbuf.uch); + hcl->errmsg.len += hcl_copyucstr(&hcl->errmsg.buf[hcl->errmsg.len], HCL_COUNTOF(hcl->errmsg.buf) - hcl->errmsg.len, u_dash); + hcl->errmsg.len += hcl_copyucstr(&hcl->errmsg.buf[hcl->errmsg.len], HCL_COUNTOF(hcl->errmsg.buf) - hcl->errmsg.len, hcl->errmsg.tmpbuf.uch); #endif - } server->errnum = errnum; diff --git a/lib/hcl.h b/lib/hcl.h index b7c421a..b88bac2 100644 --- a/lib/hcl.h +++ b/lib/hcl.h @@ -992,6 +992,8 @@ struct hcl_synerr_t typedef struct hcl_compiler_t hcl_compiler_t; #endif +#define HCL_ERRMSG_CAPA 2048 + struct hcl_t { hcl_mmgr_t* mmgr; @@ -1002,11 +1004,11 @@ struct hcl_t { union { - hcl_ooch_t ooch[2048]; - hcl_bch_t bch[2048]; - hcl_uch_t uch[2048]; + hcl_ooch_t ooch[HCL_ERRMSG_CAPA]; + hcl_bch_t bch[HCL_ERRMSG_CAPA]; + hcl_uch_t uch[HCL_ERRMSG_CAPA]; } tmpbuf; - hcl_ooch_t buf[2048]; + hcl_ooch_t buf[HCL_ERRMSG_CAPA]; hcl_oow_t len; } errmsg; int shuterr;