Damn Monkey

Merge lp:~flozz/damn-monkey/fix-parser-buffer-overflow into lp:damn-monkey

  1. fix-parser-buffer-overflow
  2. Merge into trunk
Proposed by Fabien LOISON
Status: Merged
Merged at revision: 17
Proposed branch: lp:~flozz/damn-monkey/fix-parser-buffer-overflow
Merge into: lp:damn-monkey
Diff against target: 357 lines (+111/-176)
2 files modified
src/parser.c (+109/-175)
src/parser.h (+2/-1)
To merge this branch: bzr merge lp:~flozz/damn-monkey/fix-parser-buffer-overflow
Reviewer Review Type Date Requested Status
Vincent PEYROUSE (GodezInc) Pending
Review via email: mp+59701@code.launchpad.net
To post a comment you must log in.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'src/parser.c'
2--- src/parser.c 2011-04-30 20:10:07 +0000
3+++ src/parser.c 2011-05-02 20:40:57 +0000
4@@ -30,8 +30,20 @@
5 #include "parser.h"
6
7
8+int is_white_char(char c) {
9+ if (c == ' ' || c == '\t' || c == '\n' || c == '\r' || c == '\0')
10+ {
11+ return 1;
12+ }
13+ else
14+ {
15+ return 0;
16+ }
17+}
18+
19+
20 /**
21- * \fn DM_Line_Splited* split(char *string, char separator)
22+ * \fn DM_Line_Splited* split(char *str, char separator)
23 * \brief Parse the line considered and return an array of string.
24 *
25 * This function read the string in order to create an array of string
26@@ -40,103 +52,71 @@
27 * \param separator The separator char (ex : ';').
28 * \return A DM_Line_Splited containing the array.
29 */
30-DM_Line_Splited* split(char *string, char separator)
31+DM_Line_Splited* split(char *str, char separator)
32 {
33- //Future return initialization
34- DM_Line_Splited *splited = malloc(sizeof(DM_Line_Splited));
35- if (splited == NULL)
36- {
37- fprintf(stderr, "E: Cannot allocate memory.");
38- exit(EXIT_FAILURE);
39- }
40- //Some variables initialization
41- int counter = 0;
42- int items_int = 0;
43- char buffer_c;
44- //String buffer initialization
45- char *buffer = malloc(strlen(string) * sizeof(char));
46- if (buffer == NULL)
47- {
48- fprintf(stderr, "E: Cannot allocate memory.");
49- exit(EXIT_FAILURE);
50- }
51- //First loop allowing the counting of items for allocations operations
52- for (counter=0 ; counter<strlen(string) ; counter++)
53- {
54- if (string[counter] == separator)
55- {
56- items_int++;
57- }
58- else if (string[counter] == ' ' || string[counter] == '\t' || string[counter] == '\r' || string[counter] == '\n')
59- {
60- continue;
61- }
62- else
63- {
64- continue;
65- }
66- }
67-
68- //Allocation of the first dimension of the parameters array
69- splited->parameters = malloc(items_int * sizeof(char*));
70- if (splited->parameters == NULL)
71- {
72- fprintf(stderr, "E: Cannot allocate memory.");
73- exit(EXIT_FAILURE);
74- }
75- //Assignation of the parameters_int thanks to the first loop
76- splited->parameters_int = items_int;
77-
78- items_int = 0;
79-
80- //Second loop allowing the buffering and the creation of the second dimension of the parameters array
81- buffer_c = string[0];
82- //Detects if we have a common char and start buffering -> We got a new item
83- if (buffer_c != ' ' && buffer_c != '\t' && buffer_c != '\r' && buffer_c != '\n' && buffer_c != separator)
84- {
85- strcpy(buffer, &buffer_c);
86- }
87- for (counter=1 ; counter<strlen(string) ; counter++)
88- {
89- if (string[counter-1] == separator)
90- {
91- //Detects if we have an "uncommon" char just after the separator
92- if (string[counter] == ' ' || string[counter] == '\t' || string[counter] == '\r' || string[counter] == '\n')
93- {
94- continue;
95- }
96- //Start of a new buffering -> We got a new item
97- buffer_c = string[counter];
98- strcpy(buffer, &buffer_c);
99- continue;
100- }
101- //Separator found
102- if (string[counter] == separator)
103- {
104- splited->parameters[items_int] = malloc(strlen(buffer) * sizeof(char)); //Allocatation of a new item in the array
105- if (splited->parameters[items_int] == NULL)
106- {
107- fprintf(stderr, "E: Cannot allocate memory.");
108- exit(EXIT_FAILURE);
109- }
110- strcpy(splited->parameters[items_int], buffer); //Assignation of the new item
111- memset(buffer, '\0', strlen(buffer)); //Empty the buffer
112- items_int++; //Incrementation of the parameters array "counter"
113- }
114- //Skip white spaces
115- else if (string[counter] == ' ' || string[counter] == '\t' || string[counter] == '\r' || string[counter] == '\n')
116- {
117- continue;
118- }
119- //Buffer the char
120- else
121- {
122- buffer_c = string[counter];
123- strcat(buffer, &buffer_c);
124- }
125- }
126-
127- return splited;
128+ //Variables declaration
129+ char *buffer = malloc(sizeof(char) * strlen(str));
130+ DM_Line_Splited *splited_line = malloc(sizeof(DM_Line_Splited));
131+ if (splited_line == NULL)
132+ {
133+ fprintf(stderr, "E: Cannot allocate memory.");
134+ exit(EXIT_FAILURE);
135+ }
136+ int numb_fields = 0;
137+ int field_size = 0;
138+ int field = 0;
139+ //Count the number of fields
140+ int i = 0;
141+ while (str[i] != '\0')
142+ {
143+ if (str[i] == separator)
144+ {
145+ numb_fields++;
146+ }
147+ i++;
148+ }
149+ //Allocate the memory in the DM_Line_Splited struct
150+ splited_line->parameters_int = numb_fields;
151+ splited_line->parameters = malloc(numb_fields * sizeof(char*));
152+ if (splited_line->parameters == NULL)
153+ {
154+ fprintf(stderr, "E: Cannot allocate memory.");
155+ exit(EXIT_FAILURE);
156+ }
157+ //Get the fields content
158+ i = 0;
159+ while (str[i] != '\0')
160+ {
161+ field_size = 0;
162+ while (str[i] != '\0')
163+ {
164+ if (str[i] != separator)
165+ {
166+ if (!is_white_char(str[i]))
167+ {
168+ buffer[field_size] = str[i];
169+ field_size++;
170+ }
171+ }
172+ else
173+ {
174+ buffer[field_size] = '\0';
175+ field_size++;
176+ splited_line->parameters[field] = malloc(field_size * sizeof(char));
177+ if (splited_line->parameters[field] == NULL)
178+ {
179+ fprintf(stderr, "E: Cannot allocate memory.");
180+ exit(EXIT_FAILURE);
181+ }
182+ strcpy(splited_line->parameters[field], buffer);
183+ break;
184+ }
185+ i++;
186+ }
187+ i++;
188+ field++;
189+ }
190+ return splited_line;
191 }
192
193
194@@ -172,16 +152,22 @@
195 */
196 DM_Splited* read_file(char *resource_path)
197 {
198- char *buffer = malloc(1000 * sizeof(char));
199- memset(buffer, '\0', strlen(buffer));
200- char filepath[255];
201- char *buffer_c = malloc(sizeof(char));
202- int items_int = 0;
203+ char buffer[1024];
204+ DM_Splited *splited = malloc(sizeof(DM_Splited));
205+ if (splited == NULL)
206+ {
207+ fprintf(stderr, "E: Cannot allocate memory.");
208+ exit(EXIT_FAILURE);
209+ }
210 FILE *file = NULL;
211-
212+ int numb_lines = 0;
213+ int line = 0;
214+ char filepath[128];
215+ //Open the file
216 #ifdef LINUX
217 strcpy(filepath, "/usr/share/games/");
218 strcat(filepath, APP_NAME);
219+ strcat(filepath, "/");
220 strcat(filepath, resource_path);
221 #endif
222 #ifdef WINDOWS
223@@ -197,11 +183,13 @@
224 {
225 strcpy(filepath, "./");
226 strcat(filepath, resource_path);
227+ file = fopen(filepath,"r");
228 }
229 if (file == NULL)
230 {
231 strcpy(filepath, "../");
232 strcat(filepath, resource_path);
233+ file = fopen(filepath,"r");
234 }
235 //If the resource can not be loaded, display an error and exit
236 if (file == NULL)
237@@ -209,84 +197,29 @@
238 fprintf(stderr, "E: Can not load the resource: %s\n", resource_path);
239 exit(EXIT_FAILURE);
240 }
241- else
242+ //Count the number of interresting lines
243+ while (fgets(buffer, 1024, file) != NULL)
244 {
245- *buffer_c = fgetc(file);
246- while (*buffer_c != EOF)
247+ if (buffer[0] != '#' && buffer[0] != '\r' && buffer[0] != '\n')
248 {
249- if (*buffer_c == '#') //We got a comment
250- {
251- while (*buffer_c != '\n' && *buffer_c != '\r') //We read the entire line
252- {
253- *buffer_c = fgetc(file);
254-
255- }
256- *buffer_c = fgetc(file);
257- continue;
258- }
259- else if (*buffer_c == '\n' || *buffer_c == '\r') //We got a blank line
260- {
261- *buffer_c = fgetc(file);
262- }
263- else //Valid line
264- {
265- while (*buffer_c != '\n' && *buffer_c != '\r')
266- {
267- *buffer_c = fgetc(file);
268- }
269- items_int++;
270- *buffer_c = fgetc(file);
271- }
272+ numb_lines++;
273 }
274 }
275-
276+ //Allocate the memory of the DM_Splited
277+ splited->items_int = numb_lines;
278+ splited->lines_array = malloc(numb_lines * sizeof(DM_Line_Splited*));
279+ //Let's go ! (get the lines)
280 rewind(file);
281-
282- DM_Splited *splited = malloc(sizeof(DM_Splited));
283- if (splited == NULL)
284- {
285- fprintf(stderr, "E: Can not load the resource: %s\n", resource_path);
286- exit(EXIT_FAILURE);
287- }
288- splited->items_int = items_int;
289- splited->lines_array = malloc(items_int * sizeof(DM_Line_Splited));
290- items_int = 0;
291-
292- *buffer_c = fgetc(file);
293- while (*buffer_c != EOF)
294- {
295- if (*buffer_c == '#') //We got a comment
296- {
297- while (*buffer_c != '\n' && *buffer_c != '\r') //We read the entire line
298- {
299- *buffer_c = fgetc(file);
300- }
301- *buffer_c = fgetc(file);
302- continue;
303- }
304- else if (*buffer_c == '\n' || *buffer_c == '\r') //We got a blank line
305- {
306- *buffer_c = fgetc(file);
307- continue;
308- }
309- else //Valid line
310- {
311- strcpy(buffer, buffer_c);
312- *buffer_c = fgetc(file);
313- while (*buffer_c != '\n' && *buffer_c != '\r')
314- {
315- strcat(buffer, buffer_c);
316- *buffer_c = fgetc(file);
317- }
318- splited->lines_array[items_int] = split(buffer, ';');
319- items_int++;
320- memset(buffer, '\0', strlen(buffer));
321- *buffer_c = fgetc(file);
322- }
323- }
324-
325+ while (fgets(buffer, 1024, file) != NULL)
326+ {
327+ if (buffer[0] != '#' && buffer[0] != '\r' && buffer[0] != '\n')
328+ {
329+ splited->lines_array[line] = split(buffer, ';');
330+ line++;
331+ }
332+ }
333+ //Close the file
334 fclose(file);
335-
336 return splited;
337 }
338
339@@ -311,3 +244,4 @@
340 free(splited);
341 }
342
343+
344
345=== modified file 'src/parser.h'
346--- src/parser.h 2011-04-30 20:10:07 +0000
347+++ src/parser.h 2011-05-02 20:40:57 +0000
348@@ -39,7 +39,8 @@
349 };
350
351
352-DM_Line_Splited* split(char *string, char separator);
353+int is_white_char(char c);
354+DM_Line_Splited* split(char *str, char separator);
355 void free_dm_line_splited(DM_Line_Splited *line_splited);
356 DM_Splited* read_file(char *resource_path);
357 void free_dm_splited(DM_Splited *splited);

Subscribers

People subscribed via source and target branches

to all changes: