ZoneMinder
/
zoneminder
mirror of https://github.com/ZoneMinder/zoneminder.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Check result of snprintf for errors and truncation.

pull/3552/head
Doug Nazar 2022-07-31 00:50:41 -04:00
parent 74f8e43b12
commit 8c37846c6c
3 changed files with 18 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/zm_fifo_debug.cpp
View File

@ -81,7 +81,11 @@ void zmFifoDbgOutput(
int len = va_arg(arg_ptr, int);
dbg_ptr += snprintf(dbg_ptr, str_size-(dbg_ptr-dbg_string), "%d:", len);
for ( int i = 0; i < len; i++ ) {
dbg_ptr += snprintf(dbg_ptr, str_size-(dbg_ptr-dbg_string), " %02x", data[i]);
const auto max_len = str_size - (dbg_ptr - dbg_string);
int rc = snprintf(dbg_ptr, max_len, " %02x", data[i]);
if (rc < 0 || rc > max_len)
break;
dbg_ptr += rc;
}
} else {
dbg_ptr += vsnprintf(dbg_ptr, str_size-(dbg_ptr-dbg_string), fstring, arg_ptr);

6
src/zm_logger.cpp
View File

@ -481,7 +481,11 @@ void Logger::logPrint(bool hex, const char *filepath, int line, int level, const
int i;
logPtr += snprintf(logPtr, sizeof(logString)-(logPtr-logString), "%d:", len);
for ( i = 0; i < len; i++ ) {
logPtr += snprintf(logPtr, sizeof(logString)-(logPtr-logString), " %02x", data[i]);
const size_t max_len = sizeof(logString) - (logPtr - logString);
int rc = snprintf(logPtr, max_len, " %02x", data[i]);
if (rc < 0 || static_cast<size_t>(rc) > max_len)
break;
logPtr += rc;
}
} else {
logPtr += vsnprintf(logPtr, sizeof(logString)-(logPtr-logString), fstring, argPtr);

11
src/zm_monitor.cpp
View File

@ -2742,24 +2742,29 @@ void Monitor::TimestampImage(Image *ts_image, SystemTimePoint ts_time) const {
while (*s_ptr && ((unsigned int)(d_ptr - label_text) < (unsigned int) sizeof(label_text))) {
if ( *s_ptr == config.timestamp_code_char[0] ) {
const auto max_len = sizeof(label_text) - (d_ptr - label_text);
bool found_macro = false;
int rc = 0;
switch ( *(s_ptr+1) ) {
case 'N' :
d_ptr += snprintf(d_ptr, sizeof(label_text)-(d_ptr-label_text), "%s", name.c_str());
rc = snprintf(d_ptr, max_len, "%s", name.c_str());
found_macro = true;
break;
case 'Q' :
d_ptr += snprintf(d_ptr, sizeof(label_text)-(d_ptr-label_text), "%s", trigger_data->trigger_showtext);
rc = snprintf(d_ptr, max_len, "%s", trigger_data->trigger_showtext);
found_macro = true;
break;
case 'f' :
typedef std::chrono::duration<int64, std::centi> Centiseconds;
Centiseconds centi_sec = std::chrono::duration_cast<Centiseconds>(
ts_time.time_since_epoch() - std::chrono::duration_cast<Seconds>(ts_time.time_since_epoch()));
d_ptr += snprintf(d_ptr, sizeof(label_text) - (d_ptr - label_text), "%02lld", static_cast<long long int>(centi_sec.count()));
rc = snprintf(d_ptr, max_len, "%02lld", static_cast<long long int>(centi_sec.count()));
found_macro = true;
break;
}
if (rc < 0 || static_cast<size_t>(rc) > max_len)
break;
d_ptr += rc;
if ( found_macro ) {
s_ptr += 2;
continue;