Fixed a buffer overrun bug.

Greg King 2014-07-17 07:05:10 -04:00
parent 30aab9a6b2
commit c6e7d835ef


@ -1,5 +1,6 @@
/* /*
** Ullrich von Bassewitz, 2012-06-03. Based on code by Groepaz. ** 2012-06-03, Ullrich von Bassewitz. Based on code by Groepaz.
** 2014-07-16, Greg King
*/ */
#include <fcntl.h> #include <fcntl.h>
@ -15,8 +16,10 @@ void __fastcall__ seekdir (register DIR* dir, long offs)
unsigned char count; unsigned char count;
unsigned char buf[128]; unsigned char buf[128];
/* Make sure we have a reasonable value for offs */ /* Make sure that we have a reasonable value for offs. We reject
if (offs > 0x1000) { ** negative numbers by converting them to (very high) unsigned values.
*/
if ((unsigned long)offs > 0x1000uL) {
errno = EINVAL; errno = EINVAL;
return; return;
} }
@ -32,15 +35,15 @@ void __fastcall__ seekdir (register DIR* dir, long offs)
} }
/* Skip until we've reached the target offset in the directory */ /* Skip until we've reached the target offset in the directory */
o = dir->off = offs; o = dir->off = (unsigned)offs;
while (o) { while (o) {
/* Determine size of next chunk to read */ /* Determine size of next chunk to read */
if (o > sizeof (buf)) { if (o > sizeof (buf)) {
count = sizeof (buf); count = sizeof (buf);
o -= sizeof (buf); o -= sizeof (buf);
} else { } else {
count = offs; count = (unsigned char)o;
o = 0; o = 0;
} }
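Review bot: The cast in `count = (unsigned char)o;` (third hunk) is safe only because the else branch is reached with `o <= sizeof (buf)` and `buf` is 128 bytes, and nothing in the new code records that invariant. A comment on that line, such as `/* o <= sizeof (buf) here, so it fits in count and in buf */`, would help stop a later change to the buffer size or the branch condition from reintroducing the overrun. Note too that `count = sizeof (buf);` in the other branch would silently truncate if `buf` ever grew beyond 255 bytes. In the same way, `(unsigned)offs` in `o = dir->off = (unsigned)offs;` relies on the `0x1000uL` range check in the second hunk, so that limit is worth a named constant with a short note on why it was chosen. The declaration of `o` and the read that consumes `count` lie outside the visible hunks, so the types involved are inferred from the casts.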