Fix 6 overflows in r_str_highlight, needs proper refactor

pancake 2017-06-24 20:41:04 +02:00
parent 87fe418092
commit 4e6e19c07d


@ -2678,7 +2678,7 @@ static int strncpy_with_color_codes(char *s1, char *s2, int n) {
}
if (s2[j]) {
s1[i++] = s2[j++];
count += 1;
count++;
}
}
return i;
@ -2735,52 +2735,64 @@ static char *strchr_skip_color_codes(const char *s, int c) {
}
// Global buffer to speed up colorizing performance
#define COLORIZE_BUFSIZE 1024
static char o[COLORIZE_BUFSIZE];
R_API char* r_str_highlight(char *str, const char *word, const char *color) {
ut32 i = 0, j = 0, to_copy;
char *start = str;
ut32 l_str = strlen (str);
ut32 l_reset = strlen (Color_BGRESET);
ut32 l_color = color?strlen (color):0;
ut32 l_word = word?strlen (word):0;
ut32 l_color = color? strlen (color): 0;
ut32 l_word = word? strlen (word): 0;
if (!str || !*str) {
return NULL;
}
if (!color) {
return strdup (str);
}
memset (o, 0, COLORIZE_BUFSIZE);
if (!word ||!*word) {
strcpy (o, color);
j += l_color;
strcpy (o + j, str);
j += strlen (str);
strcpy (o + j, Color_BGRESET);
return strdup (o);
return r_str_newf ("%s%s%s", color, str, Color_BGRESET);
}
char o[1024] = {0};
while (start && (start < str + l_str)) {
int copied = 0;
// find first letter
start = strchr_skip_color_codes (str + i, *word);
if (start) {
to_copy = start - (str + i);
if (to_copy + j + 1 > sizeof (o)) {
// XXX. no limits
break;
}
strncpy (o + j, str + i, to_copy);
i += to_copy;
j += to_copy;
if (!strncmp_skip_color_codes (start, word, l_word)) {
if (j + strlen (color) >= sizeof (o)) {
// XXX. no limits
break;
}
strcpy (o + j, color);
j += l_color;
if (j + l_word >= sizeof (o)) {
// XXX. no limits
break;
}
copied = strncpy_with_color_codes (o + j, str + i, l_word);
i += copied;
j += copied;
if (j + strlen (Color_BGRESET) >= sizeof (o)) {
// XXX. no limits
break;
}
strcpy (o + j, Color_BGRESET);
j += l_reset;
} else {
o[j++] = str[i++];
}
} else {
if (j + strlen (str + i) >= sizeof (o)) {
break;
}
strcpy (o + j, str + i);
break;
}