mirror of
https://github.com/TorqueGameEngines/Torque3D.git
synced 2026-04-20 03:45:26 +00:00
Merge pull request #2219 from CouleeApps/security-fixes
Security Fixes: String Buffers
This commit is contained in:
Areloch
GitHub
commit
1dca1a0787
127 changed files with 667 additions and 582 deletions
|
|
@ -218,9 +218,9 @@ bool GuiFormCtrl::resize(const Point2I &newPosition, const Point2I &newExtent)
|
|||
S32 strlen = dStrlen((const char*)mCaption);
|
||||
for(S32 i=strlen; i>=0; --i)
|
||||
{
|
||||
dStrcpy(buf, "");
|
||||
dStrncat(buf, (const char*)mCaption, i);
|
||||
dStrcat(buf, "...");
|
||||
dStrcpy(buf, "", i);
|
||||
dStrcat(buf, (const char*)mCaption, i);
|
||||
dStrcat(buf, "...", i);
|
||||
|
||||
textWidth = mProfile->mFont->getStrWidth(buf);
|
||||
|
||||
|
|
|
|||
|
|
@ -167,8 +167,9 @@ bool guiAnimBitmapCtrl::ptSetFrameRanges(void *object, const char *index, const
|
|||
pData->mCurFrameIndex = pData->mNumFrames;
|
||||
return true;
|
||||
}
|
||||
char* tokCopy = new char[dStrlen(data) + 1];
|
||||
dStrcpy(tokCopy, data);
|
||||
dsize_t tokLen = dStrlen(data) + 1;
|
||||
char* tokCopy = new char[tokLen];
|
||||
dStrcpy(tokCopy, data, tokLen);
|
||||
|
||||
char* currTok = dStrtok(tokCopy, " \t");
|
||||
while (currTok != NULL)
|
||||
|
|
@ -291,4 +292,4 @@ void guiAnimBitmapCtrl::onRender(Point2I offset, const RectI &updateRect)
|
|||
}
|
||||
|
||||
renderChildControls(offset, updateRect);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -195,7 +195,7 @@ DefineEngineMethod( GuiDirectoryFileListCtrl, getSelectedFiles, const char*, (),
|
|||
|
||||
dMemset( itemBuffer, 0, itemBufSize );
|
||||
dSprintf( itemBuffer, itemBufSize, " %s", itemText );
|
||||
dStrcat( returnBuffer, itemBuffer );
|
||||
dStrcat( returnBuffer, itemBuffer, itemBufSize );
|
||||
}
|
||||
|
||||
return returnBuffer;
|
||||
|
|
|
|||
|
|
@ -276,7 +276,7 @@ void GuiFileTreeCtrl::recurseInsert( Item* parent, StringTableEntry path )
|
|||
|
||||
char szPathCopy [ 1024 ];
|
||||
dMemset( szPathCopy, 0, 1024 );
|
||||
dStrcpy( szPathCopy, path );
|
||||
dStrcpy( szPathCopy, path, 1024 );
|
||||
|
||||
// Jump over the first character if it's a root /
|
||||
char *curPos = szPathCopy;
|
||||
|
|
|
|||
|
|
@ -458,7 +458,7 @@ DefineEngineMethod( GuiListBoxCtrl, getSelectedItems, const char*, (),,
|
|||
{
|
||||
UTF8 retFormat[12];
|
||||
dSprintf( retFormat, 12, "%d ", (*i) );
|
||||
dStrcat( retBuffer, retFormat );
|
||||
dStrcat( retBuffer, retFormat, 12 );
|
||||
}
|
||||
|
||||
return retBuffer;
|
||||
|
|
|
|||
|
|
@ -566,13 +566,14 @@ void GuiPopUpMenuCtrl::setBitmap( const char *name )
|
|||
{
|
||||
char buffer[1024];
|
||||
char *p;
|
||||
dStrcpy(buffer, name);
|
||||
dStrcpy(buffer, name, 1024);
|
||||
p = buffer + dStrlen(buffer);
|
||||
S32 pLen = 1024 - dStrlen(buffer);
|
||||
|
||||
dStrcpy(p, "_n");
|
||||
dStrcpy(p, "_n", pLen);
|
||||
mTextureNormal = GFXTexHandle( (StringTableEntry)buffer, &GFXDefaultGUIProfile, avar("%s() - mTextureNormal (line %d)", __FUNCTION__, __LINE__) );
|
||||
|
||||
dStrcpy(p, "_d");
|
||||
dStrcpy(p, "_d", pLen);
|
||||
mTextureDepressed = GFXTexHandle( (StringTableEntry)buffer, &GFXDefaultGUIProfile, avar("%s() - mTextureDepressed (line %d)", __FUNCTION__, __LINE__) );
|
||||
if ( !mTextureDepressed )
|
||||
mTextureDepressed = mTextureNormal;
|
||||
|
|
@ -637,7 +638,7 @@ void GuiPopUpMenuCtrl::addEntry( const char *buf, S32 id, U32 scheme )
|
|||
mIdMax = id;
|
||||
|
||||
Entry e;
|
||||
dStrcpy( e.buf, buf );
|
||||
dStrcpy( e.buf, buf, 256 );
|
||||
e.id = id;
|
||||
e.scheme = scheme;
|
||||
|
||||
|
|
|
|||
|
|
@ -390,7 +390,7 @@ DefineEngineMethod( GuiPopUpMenuCtrlEx, addScheme, void, (S32 id, ColorI fontCol
|
|||
U32 r, g, b;
|
||||
char buf[64];
|
||||
|
||||
dStrcpy( buf, argv[3] );
|
||||
dStrcpy( buf, argv[3], 64 );
|
||||
char* temp = dStrtok( buf, " \0" );
|
||||
r = temp ? dAtoi( temp ) : 0;
|
||||
temp = dStrtok( NULL, " \0" );
|
||||
|
|
@ -399,7 +399,7 @@ DefineEngineMethod( GuiPopUpMenuCtrlEx, addScheme, void, (S32 id, ColorI fontCol
|
|||
b = temp ? dAtoi( temp ) : 0;
|
||||
fontColor.set( r, g, b );
|
||||
|
||||
dStrcpy( buf, argv[4] );
|
||||
dStrcpy( buf, argv[4], 64 );
|
||||
temp = dStrtok( buf, " \0" );
|
||||
r = temp ? dAtoi( temp ) : 0;
|
||||
temp = dStrtok( NULL, " \0" );
|
||||
|
|
@ -408,7 +408,7 @@ DefineEngineMethod( GuiPopUpMenuCtrlEx, addScheme, void, (S32 id, ColorI fontCol
|
|||
b = temp ? dAtoi( temp ) : 0;
|
||||
fontColorHL.set( r, g, b );
|
||||
|
||||
dStrcpy( buf, argv[5] );
|
||||
dStrcpy( buf, argv[5], 64 );
|
||||
temp = dStrtok( buf, " \0" );
|
||||
r = temp ? dAtoi( temp ) : 0;
|
||||
temp = dStrtok( NULL, " \0" );
|
||||
|
|
@ -426,7 +426,7 @@ DefineEngineMethod( GuiPopUpMenuCtrlEx, addScheme, void, (S32 id, ColorI fontCol
|
|||
// U32 r, g, b;
|
||||
// char buf[64];
|
||||
//
|
||||
// dStrcpy( buf, argv[3] );
|
||||
// dStrcpy( buf, argv[3], 64 );
|
||||
// char* temp = dStrtok( buf, " \0" );
|
||||
// r = temp ? dAtoi( temp ) : 0;
|
||||
// temp = dStrtok( NULL, " \0" );
|
||||
|
|
@ -435,7 +435,7 @@ DefineEngineMethod( GuiPopUpMenuCtrlEx, addScheme, void, (S32 id, ColorI fontCol
|
|||
// b = temp ? dAtoi( temp ) : 0;
|
||||
// fontColor.set( r, g, b );
|
||||
//
|
||||
// dStrcpy( buf, argv[4] );
|
||||
// dStrcpy( buf, argv[4], 64 );
|
||||
// temp = dStrtok( buf, " \0" );
|
||||
// r = temp ? dAtoi( temp ) : 0;
|
||||
// temp = dStrtok( NULL, " \0" );
|
||||
|
|
@ -444,7 +444,7 @@ DefineEngineMethod( GuiPopUpMenuCtrlEx, addScheme, void, (S32 id, ColorI fontCol
|
|||
// b = temp ? dAtoi( temp ) : 0;
|
||||
// fontColorHL.set( r, g, b );
|
||||
//
|
||||
// dStrcpy( buf, argv[5] );
|
||||
// dStrcpy( buf, argv[5], 64 );
|
||||
// temp = dStrtok( buf, " \0" );
|
||||
// r = temp ? dAtoi( temp ) : 0;
|
||||
// temp = dStrtok( NULL, " \0" );
|
||||
|
|
@ -771,13 +771,14 @@ void GuiPopUpMenuCtrlEx::setBitmap(const char *name)
|
|||
{
|
||||
char buffer[1024];
|
||||
char *p;
|
||||
dStrcpy(buffer, name);
|
||||
dStrcpy(buffer, name, 1024);
|
||||
p = buffer + dStrlen(buffer);
|
||||
S32 pLen = 1024 - dStrlen(buffer);
|
||||
|
||||
dStrcpy(p, "_n");
|
||||
dStrcpy(p, "_n", pLen);
|
||||
mTextureNormal = GFXTexHandle( (StringTableEntry)buffer, &GFXDefaultGUIProfile, avar("%s() - mTextureNormal (line %d)", __FUNCTION__, __LINE__) );
|
||||
|
||||
dStrcpy(p, "_d");
|
||||
dStrcpy(p, "_d", pLen);
|
||||
mTextureDepressed = GFXTexHandle( (StringTableEntry)buffer, &GFXDefaultGUIProfile, avar("%s() - mTextureDepressed (line %d)", __FUNCTION__, __LINE__) );
|
||||
if ( !mTextureDepressed )
|
||||
mTextureDepressed = mTextureNormal;
|
||||
|
|
@ -840,7 +841,7 @@ void GuiPopUpMenuCtrlEx::addEntry(const char *buf, S32 id, U32 scheme)
|
|||
mIdMax = id;
|
||||
|
||||
Entry e;
|
||||
dStrcpy( e.buf, buf );
|
||||
dStrcpy( e.buf, buf, 256 );
|
||||
e.id = id;
|
||||
e.scheme = scheme;
|
||||
|
||||
|
|
|
|||
|
|
@ -50,7 +50,7 @@ GuiTabPageCtrl::GuiTabPageCtrl(void)
|
|||
{
|
||||
setExtent(Point2I(100, 200));
|
||||
mFitBook = false;
|
||||
dStrcpy(mText,(UTF8*)"TabPage");
|
||||
dStrcpy(mText,(UTF8*)"TabPage", MAX_STRING_LENGTH);
|
||||
mActive = true;
|
||||
mIsContainer = true;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4754,15 +4754,15 @@ StringTableEntry GuiTreeViewCtrl::getTextToRoot( S32 itemId, const char * delimi
|
|||
dMemset( bufferOne, 0, sizeof(bufferOne) );
|
||||
dMemset( bufferTwo, 0, sizeof(bufferTwo) );
|
||||
|
||||
dStrcpy( bufferOne, item->getText() );
|
||||
dStrcpy( bufferOne, item->getText(), 1024 );
|
||||
|
||||
Item *prevNode = item->mParent;
|
||||
while ( prevNode )
|
||||
{
|
||||
dMemset( bufferNodeText, 0, sizeof(bufferNodeText) );
|
||||
dStrcpy( bufferNodeText, prevNode->getText() );
|
||||
dStrcpy( bufferNodeText, prevNode->getText(), 128 );
|
||||
dSprintf( bufferTwo, 1024, "%s%s%s",bufferNodeText, delimiter, bufferOne );
|
||||
dStrcpy( bufferOne, bufferTwo );
|
||||
dStrcpy( bufferOne, bufferTwo, 1024 );
|
||||
dMemset( bufferTwo, 0, sizeof(bufferTwo) );
|
||||
prevNode = prevNode->mParent;
|
||||
}
|
||||
|
|
@ -5570,4 +5570,4 @@ DefineEngineMethod(GuiTreeViewCtrl, getItemAtPosition, S32, (Point2I position),
|
|||
"@return The id of the item under the position.")
|
||||
{
|
||||
return object->getItemAtPosition(position);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2570,7 +2570,7 @@ DefineEngineMethod( GuiControl, findHitControls, const char*, ( S32 x, S32 y, S3
|
|||
return "";
|
||||
|
||||
char* buffer = Con::getReturnBuffer( s.size() );
|
||||
dStrcpy( buffer, s.c_str() );
|
||||
dStrcpy( buffer, s.c_str(), s.size() );
|
||||
|
||||
return buffer;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -431,7 +431,7 @@ bool DbgFileView::findMouseOverVariable()
|
|||
{
|
||||
S32 stringPosition = pt.x - gFileXOffset;
|
||||
char tempBuf[256], *varNamePtr = &tempBuf[1];
|
||||
dStrcpy(tempBuf, mFileView[cell.y].text);
|
||||
dStrcpy(tempBuf, mFileView[cell.y].text, 256);
|
||||
|
||||
//find the current mouse over char
|
||||
S32 charNum = findMouseOverChar(mFileView[cell.y].text, stringPosition);
|
||||
|
|
@ -526,7 +526,7 @@ void DbgFileView::onPreRender()
|
|||
{
|
||||
setUpdate();
|
||||
char oldVar[256];
|
||||
dStrcpy(oldVar, mMouseOverVariable);
|
||||
dStrcpy(oldVar, mMouseOverVariable, 256);
|
||||
bool found = findMouseOverVariable();
|
||||
if (found && mPCCurrentLine >= 0)
|
||||
{
|
||||
|
|
@ -685,7 +685,7 @@ void DbgFileView::onRenderCell(Point2I offset, Point2I cell, bool selected, bool
|
|||
{
|
||||
S32 startPos, endPos;
|
||||
char tempBuf[256];
|
||||
dStrcpy(tempBuf, mFileView[cell.y].text);
|
||||
dStrcpy(tempBuf, mFileView[cell.y].text, 256);
|
||||
|
||||
//get the end coord
|
||||
tempBuf[mBlockEnd] = '\0';
|
||||
|
|
|
|||
|
|
@ -2625,8 +2625,8 @@ DefineConsoleMethod( GuiEditCtrl, getSelectionGlobalBounds, const char*, (), , "
|
|||
RectI bounds = object->getSelectionGlobalBounds();
|
||||
String str = String::ToString( "%i %i %i %i", bounds.point.x, bounds.point.y, bounds.extent.x, bounds.extent.y );
|
||||
|
||||
char* buffer = Con::getReturnBuffer( str.length() );
|
||||
dStrcpy( buffer, str.c_str() );
|
||||
char* buffer = Con::getReturnBuffer( str.size() );
|
||||
dStrcpy( buffer, str.c_str(), str.size() );
|
||||
|
||||
return buffer;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -70,8 +70,8 @@ DefineConsoleMethod( GuiFilterCtrl, getValue, const char*, (), , "Return a tuple
|
|||
for (U32 i=0; i < filter->size(); i++)
|
||||
{
|
||||
char value[32];
|
||||
dSprintf(value, 31, "%1.5f ", *(filter->begin()+i) );
|
||||
dStrcat(buffer, value);
|
||||
dSprintf(value, 32, "%1.5f ", *(filter->begin()+i) );
|
||||
dStrcat(buffer, value, 32);
|
||||
}
|
||||
|
||||
return buffer;
|
||||
|
|
@ -239,7 +239,7 @@ void Filter::set(S32 argc, const char *argv[])
|
|||
if (argc == 1)
|
||||
{ // in the form of one string "1.0 1.0 1.0"
|
||||
char list[1024];
|
||||
dStrcpy(list, *argv); // strtok modifies the string so we need to copy it
|
||||
dStrcpy(list, *argv, 1024); // strtok modifies the string so we need to copy it
|
||||
char *value = dStrtok(list, " ");
|
||||
while (value)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -500,7 +500,7 @@ void MessageVector::insertLine(const U32 position,
|
|||
|
||||
U32 len = dStrlen(newMessage) + 1;
|
||||
char* copy = new char[len];
|
||||
dStrcpy(copy, newMessage);
|
||||
dStrcpy(copy, newMessage, len);
|
||||
|
||||
mMessageLines.insert(position);
|
||||
mMessageLines[position].message = copy;
|
||||
|
|
|
|||
|
|
@ -2495,8 +2495,8 @@ DefineConsoleMethod(TerrainEditor, getTerrainBlocksMaterialList, const char *, (
|
|||
ret[0] = 0;
|
||||
for(U32 i = 0; i < list.size(); ++i)
|
||||
{
|
||||
dStrcat( ret, list[i] );
|
||||
dStrcat( ret, "\n" );
|
||||
dStrcat( ret, list[i], size );
|
||||
dStrcat( ret, "\n", size );
|
||||
}
|
||||
|
||||
return ret;
|
||||
|
|
@ -2709,8 +2709,8 @@ DefineConsoleMethod(TerrainEditor, getMaterials, const char *, (), , "() gets th
|
|||
ret[0] = 0;
|
||||
for(U32 i = 0; i < terr->getMaterialCount(); i++)
|
||||
{
|
||||
dStrcat( ret, terr->getMaterialName(i) );
|
||||
dStrcat( ret, "\n" );
|
||||
dStrcat( ret, terr->getMaterialName(i), 4096 );
|
||||
dStrcat( ret, "\n", 4096 );
|
||||
}
|
||||
|
||||
return ret;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue