Re: [PATCH] cpukit/mghttpd/mongoose: Fix format truncation warning

Tue, 15 Sep 2020 20:59:47 -0700 

On 15/9/20 7:06 pm, Aschref Ben-Thabet wrote:
> From: Aschref Ben Thabet <aschref.ben-tha...@embedded-brains.de>
> 
> Taking care of the size of buffer to be copied and replace the unsafe
> snprintf() with memcpy().
> The reason why we get a warning on sprintf() is because memcpy() has a
> length parameter that limits how much memory you copy.
> For memcpy(), the input has to be terminated with a \0. If not, it will
> continue out of bounds.
> ---
>  cpukit/mghttpd/mongoose.c | 24 ++++++++++++++++++------
>  1 file changed, 18 insertions(+), 6 deletions(-)
> 
> diff --git a/cpukit/mghttpd/mongoose.c b/cpukit/mghttpd/mongoose.c
> index fb2bce7471..6db0bdb58e 100644
> --- a/cpukit/mghttpd/mongoose.c
> +++ b/cpukit/mghttpd/mongoose.c
> @@ -251,7 +251,7 @@ typedef struct DIR {
>  #define INT64_FMT PRId64
>  typedef int SOCKET;
>  #define WINCDECL
> -
> +#define MIN(a, b)((a) < (b) ? (a) : (b))
>  #endif // End of Windows and UNIX specific includes
>  
>  #ifndef HAVE_POLL
> @@ -1916,12 +1916,24 @@ static void convert_uri_to_file_name(struct 
> mg_connection *conn, char *buf,
>    // we can only do this if the browser declares support
>    if ((accept_encoding = mg_get_header(conn, "Accept-Encoding")) != NULL) {
>      if (strstr(accept_encoding,"gzip") != NULL) {
> -      snprintf(gz_path, sizeof(gz_path), "%s.gz", buf);
> -      if (mg_stat(conn, gz_path, filep)) {
> -        filep->gzipped = 1;
> -        return;
> +      memcpy(gz_path, buf, MIN(strlen(buf) + 1, sizeof(gz_path)));
> +      if (strlen(buf) > sizeof(gz_path) - 1)
> +       strlcpy(gz_path + strlen(gz_path), ".gz", sizeof(gz_path) - 
> strlen(gz_path));
> +      /* else //to be reviewed /

Huh?

> +      {
> +      //memory allocation for gz.path with buf_size + .gz

We use C comments.

> +       mount_path = malloc(strlen(buf) + 1 + sizeof(gz_path);
> +       if (mount_path != NULL))
> +        strlcpy(mount_path, ".gz", sizeof(mount_path));
> +      }
> +          snprintf(gz_path, sizeof(gz_path), "%s.gz", buf*)
> +*/

Sorry I am not reviewing these changes any more.

Chris
_______________________________________________
devel mailing list
devel@rtems.org
http://lists.rtems.org/mailman/listinfo/devel

Reply via email to