TorqueGameEngines/Torque3D
1
0
Fork 0
mirror of https://github.com/TorqueGameEngines/Torque3D.git synced 2026-02-13 11:43:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Use strncat instead of strcat to prevent some buffer overflows

Browse source
This commit is contained in:
Glenn Smith 2018-03-06 00:48:44 -05:00
parent bf408235a8
commit 1728fe39ad
32 changed files with 147 additions and 134 deletions
Download patch file Download diff file Expand all files Collapse all files

78
Engine/source/sim/actionMap.cpp
View file

@ -249,7 +249,7 @@ void ActionMap::dumpActionMap(const char* fileName, const bool append) const
iostrm->write( dStrlen( lineBuffer ), lineBuffer );
}
dSprintf(lineBuffer, 1023, "if (isObject(%s)) %s.delete();\n"
dSprintf(lineBuffer, 1024, "if (isObject(%s)) %s.delete();\n"
"new ActionMap(%s);\n", getName(), getName(), getName());
iostrm->write(dStrlen(lineBuffer), lineBuffer);
@ -277,7 +277,7 @@ void ActionMap::dumpActionMap(const char* fileName, const bool append) const
else
command = "bind";
dSprintf(lineBuffer, 1023, "%s.%s(%s, \"%s%s\"",
dSprintf(lineBuffer, 1024, "%s.%s(%s, \"%s%s\"",
getName(),
command,
devbuffer,
@ -298,53 +298,53 @@ void ActionMap::dumpActionMap(const char* fileName, const bool append) const
buff[curr++] = 'I';
buff[curr] = '\0';
dStrcat(lineBuffer, buff);
dStrcat(lineBuffer, buff, 1024);
}
if (rNode.flags & Node::HasDeadZone) {
char buff[64];
dSprintf(buff, 63, ", \"%g %g\"", rNode.deadZoneBegin, rNode.deadZoneEnd);
dStrcat(lineBuffer, buff);
dStrcat(lineBuffer, buff, 1024);
}
if (rNode.flags & Node::HasScale) {
char buff[64];
dSprintf(buff, 63, ", %g", rNode.scaleFactor);
dStrcat(lineBuffer, buff);
dStrcat(lineBuffer, buff, 1024);
}
if (rNode.flags & Node::BindCmd) {
if (rNode.makeConsoleCommand) {
dStrcat(lineBuffer, ", \"");
dStrcat(lineBuffer, ", \"", 1024);
U32 pos = dStrlen(lineBuffer);
expandEscape(lineBuffer + pos, rNode.makeConsoleCommand);
dStrcat(lineBuffer, "\"");
dStrcat(lineBuffer, "\"", 1024);
} else {
dStrcat(lineBuffer, ", \"\"");
dStrcat(lineBuffer, ", \"\"", 1024);
}
if (rNode.breakConsoleCommand) {
dStrcat(lineBuffer, ", \"");
dStrcat(lineBuffer, ", \"", 1024);
U32 pos = dStrlen(lineBuffer);
expandEscape(lineBuffer + pos, rNode.breakConsoleCommand);
dStrcat(lineBuffer, "\"");
dStrcat(lineBuffer, "\"", 1024);
}
else
dStrcat(lineBuffer, ", \"\"");
dStrcat(lineBuffer, ", \"\"", 1024);
}
else if (rNode.flags & Node::Held)
{
dStrcat(lineBuffer, ", ");
dStrcat(lineBuffer, rNode.consoleFunction);
dStrcat(lineBuffer, ", ", 1024);
dStrcat(lineBuffer, rNode.consoleFunction, 1024);
dStrcat(lineBuffer, ", ");
dStrcat(lineBuffer, rNode.contextEvent->mConsoleFunctionHeld);
dStrcat(lineBuffer, ", ", 1024);
dStrcat(lineBuffer, rNode.contextEvent->mConsoleFunctionHeld, 1024);
}
else {
dStrcat(lineBuffer, ", ");
dStrcat(lineBuffer, rNode.consoleFunction);
dStrcat(lineBuffer, ", ", 1024);
dStrcat(lineBuffer, rNode.consoleFunction, 1024);
}
dStrcat(lineBuffer, ");\n");
dStrcat(lineBuffer, ");\n", 1024);
iostrm->write(dStrlen(lineBuffer), lineBuffer);
}
}
@ -377,7 +377,7 @@ void ActionMap::dumpActionMap(const char* fileName, const bool append) const
command = "bind";
char finalBuffer[1024];
dSprintf(finalBuffer, 1023, "%s.%s(%s, \"%s%s\"",
dSprintf(finalBuffer, 1024, "%s.%s(%s, \"%s%s\"",
getName(),
command,
devbuffer,
@ -398,51 +398,51 @@ void ActionMap::dumpActionMap(const char* fileName, const bool append) const
buff[curr++] = 'I';
buff[curr] = '\0';
dStrcat(finalBuffer, buff);
dStrcat(finalBuffer, buff, 1024);
}
if (rNode.flags & Node::HasDeadZone) {
char buff[64];
dSprintf(buff, 63, ", \"%g %g\"", rNode.deadZoneBegin, rNode.deadZoneEnd);
dStrcat(finalBuffer, buff);
dStrcat(finalBuffer, buff, 1024);
}
if (rNode.flags & Node::HasScale) {
char buff[64];
dSprintf(buff, 63, ", %g", rNode.scaleFactor);
dStrcat(finalBuffer, buff);
dStrcat(finalBuffer, buff, 1024);
}
if (rNode.flags & Node::BindCmd) {
if (rNode.makeConsoleCommand) {
dStrcat(finalBuffer, ", \"");
dStrcat(finalBuffer, rNode.makeConsoleCommand);
dStrcat(finalBuffer, "\"");
dStrcat(finalBuffer, ", \"", 1024);
dStrcat(finalBuffer, rNode.makeConsoleCommand, 1024);
dStrcat(finalBuffer, "\"", 1024);
} else {
dStrcat(finalBuffer, ", \"\"");
dStrcat(finalBuffer, ", \"\"", 1024);
}
if (rNode.breakConsoleCommand) {
dStrcat(finalBuffer, ", \"");
dStrcat(finalBuffer, rNode.breakConsoleCommand);
dStrcat(finalBuffer, "\"");
dStrcat(finalBuffer, ", \"", 1024);
dStrcat(finalBuffer, rNode.breakConsoleCommand, 1024);
dStrcat(finalBuffer, "\"", 1024);
}
else
dStrcat(finalBuffer, ", \"\"");
dStrcat(finalBuffer, ", \"\"", 1024);
}
else if (rNode.flags & Node::Held)
{
dStrcat(finalBuffer, ", ");
dStrcat(finalBuffer, rNode.consoleFunction);
dStrcat(finalBuffer, ", ", 1024);
dStrcat(finalBuffer, rNode.consoleFunction, 1024);
dStrcat(finalBuffer, ", ");
dStrcat(finalBuffer, rNode.contextEvent->mConsoleFunctionHeld);
dStrcat(finalBuffer, ", ", 1024);
dStrcat(finalBuffer, rNode.contextEvent->mConsoleFunctionHeld, 1024);
}
else {
dStrcat(finalBuffer, ", ");
dStrcat(finalBuffer, rNode.consoleFunction);
dStrcat(finalBuffer, ", ", 1024);
dStrcat(finalBuffer, rNode.consoleFunction, 1024);
}
dStrcat(finalBuffer, ");");
dStrcat(finalBuffer, ");", 1024);
Con::printf(finalBuffer);
}
}
@ -786,8 +786,8 @@ const char* ActionMap::getBinding( const char* command )
{
dSprintf( buffer, sizeof( buffer ), "%s\t%s%s", deviceBuffer, modifierString, keyBuffer );
if ( returnString[0] )
dStrcat( returnString, "\t" );
dStrcat( returnString, buffer );
dStrcat( returnString, "\t", 1024 );
dStrcat( returnString, buffer, 1024 );
}
}