Damn Monkey

Merge lp:~flozz/damn-monkey/fix-parser-buffer-overflow into lp:damn-monkey

  1. fix-parser-buffer-overflow
  2. Merge into trunk
Proposed by Fabien LOISON
Status: Merged
Merged at revision: 17
Proposed branch: lp:~flozz/damn-monkey/fix-parser-buffer-overflow
Merge into: lp:damn-monkey
Diff against target: 357 lines (+111/-176)
2 files modified
src/parser.c (+109/-175)
src/parser.h (+2/-1)
To merge this branch: bzr merge lp:~flozz/damn-monkey/fix-parser-buffer-overflow
Reviewer Review Type Date Requested Status
Vincent PEYROUSE (GodezInc) Pending
Review via email: mp+59701@code.launchpad.net
To post a comment you must log in.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'src/parser.c'
--- src/parser.c 2011-04-30 20:10:07 +0000
+++ src/parser.c 2011-05-02 20:40:57 +0000
@@ -30,8 +30,20 @@
30#include "parser.h"30#include "parser.h"
3131
3232
33int is_white_char(char c) {
34 if (c == ' ' || c == '\t' || c == '\n' || c == '\r' || c == '\0')
35 {
36 return 1;
37 }
38 else
39 {
40 return 0;
41 }
42}
43
44
33/**45/**
34 * \fn DM_Line_Splited* split(char *string, char separator)46 * \fn DM_Line_Splited* split(char *str, char separator)
35 * \brief Parse the line considered and return an array of string.47 * \brief Parse the line considered and return an array of string.
36 *48 *
37 * This function read the string in order to create an array of string49 * This function read the string in order to create an array of string
@@ -40,103 +52,71 @@
40 * \param separator The separator char (ex : ';').52 * \param separator The separator char (ex : ';').
41 * \return A DM_Line_Splited containing the array.53 * \return A DM_Line_Splited containing the array.
42 */54 */
43DM_Line_Splited* split(char *string, char separator)55DM_Line_Splited* split(char *str, char separator)
44{56{
45 //Future return initialization57 //Variables declaration
46 DM_Line_Splited *splited = malloc(sizeof(DM_Line_Splited));58 char *buffer = malloc(sizeof(char) * strlen(str));
47 if (splited == NULL)59 DM_Line_Splited *splited_line = malloc(sizeof(DM_Line_Splited));
48 {60 if (splited_line == NULL)
49 fprintf(stderr, "E: Cannot allocate memory.");61 {
50 exit(EXIT_FAILURE);62 fprintf(stderr, "E: Cannot allocate memory.");
51 }63 exit(EXIT_FAILURE);
52 //Some variables initialization64 }
53 int counter = 0;65 int numb_fields = 0;
54 int items_int = 0;66 int field_size = 0;
55 char buffer_c;67 int field = 0;
56 //String buffer initialization68 //Count the number of fields
57 char *buffer = malloc(strlen(string) * sizeof(char));69 int i = 0;
58 if (buffer == NULL)70 while (str[i] != '\0')
59 {71 {
60 fprintf(stderr, "E: Cannot allocate memory.");72 if (str[i] == separator)
61 exit(EXIT_FAILURE);73 {
62 }74 numb_fields++;
63 //First loop allowing the counting of items for allocations operations75 }
64 for (counter=0 ; counter<strlen(string) ; counter++)76 i++;
65 {77 }
66 if (string[counter] == separator)78 //Allocate the memory in the DM_Line_Splited struct
67 {79 splited_line->parameters_int = numb_fields;
68 items_int++;80 splited_line->parameters = malloc(numb_fields * sizeof(char*));
69 }81 if (splited_line->parameters == NULL)
70 else if (string[counter] == ' ' || string[counter] == '\t' || string[counter] == '\r' || string[counter] == '\n')82 {
71 {83 fprintf(stderr, "E: Cannot allocate memory.");
72 continue;84 exit(EXIT_FAILURE);
73 }85 }
74 else86 //Get the fields content
75 {87 i = 0;
76 continue;88 while (str[i] != '\0')
77 }89 {
78 }90 field_size = 0;
79 91 while (str[i] != '\0')
80 //Allocation of the first dimension of the parameters array92 {
81 splited->parameters = malloc(items_int * sizeof(char*));93 if (str[i] != separator)
82 if (splited->parameters == NULL)94 {
83 {95 if (!is_white_char(str[i]))
84 fprintf(stderr, "E: Cannot allocate memory.");96 {
85 exit(EXIT_FAILURE);97 buffer[field_size] = str[i];
86 }98 field_size++;
87 //Assignation of the parameters_int thanks to the first loop99 }
88 splited->parameters_int = items_int;100 }
89 101 else
90 items_int = 0;102 {
91 103 buffer[field_size] = '\0';
92 //Second loop allowing the buffering and the creation of the second dimension of the parameters array104 field_size++;
93 buffer_c = string[0];105 splited_line->parameters[field] = malloc(field_size * sizeof(char));
94 //Detects if we have a common char and start buffering -> We got a new item106 if (splited_line->parameters[field] == NULL)
95 if (buffer_c != ' ' && buffer_c != '\t' && buffer_c != '\r' && buffer_c != '\n' && buffer_c != separator)107 {
96 {108 fprintf(stderr, "E: Cannot allocate memory.");
97 strcpy(buffer, &buffer_c); 109 exit(EXIT_FAILURE);
98 }110 }
99 for (counter=1 ; counter<strlen(string) ; counter++)111 strcpy(splited_line->parameters[field], buffer);
100 {112 break;
101 if (string[counter-1] == separator)113 }
102 {114 i++;
103 //Detects if we have an "uncommon" char just after the separator115 }
104 if (string[counter] == ' ' || string[counter] == '\t' || string[counter] == '\r' || string[counter] == '\n')116 i++;
105 {117 field++;
106 continue;118 }
107 }119 return splited_line;
108 //Start of a new buffering -> We got a new item
109 buffer_c = string[counter];
110 strcpy(buffer, &buffer_c);
111 continue;
112 }
113 //Separator found
114 if (string[counter] == separator)
115 {
116 splited->parameters[items_int] = malloc(strlen(buffer) * sizeof(char)); //Allocatation of a new item in the array
117 if (splited->parameters[items_int] == NULL)
118 {
119 fprintf(stderr, "E: Cannot allocate memory.");
120 exit(EXIT_FAILURE);
121 }
122 strcpy(splited->parameters[items_int], buffer); //Assignation of the new item
123 memset(buffer, '\0', strlen(buffer)); //Empty the buffer
124 items_int++; //Incrementation of the parameters array "counter"
125 }
126 //Skip white spaces
127 else if (string[counter] == ' ' || string[counter] == '\t' || string[counter] == '\r' || string[counter] == '\n')
128 {
129 continue;
130 }
131 //Buffer the char
132 else
133 {
134 buffer_c = string[counter];
135 strcat(buffer, &buffer_c);
136 }
137 }
138
139 return splited;
140}120}
141121
142122
@@ -172,16 +152,22 @@
172 */152 */
173DM_Splited* read_file(char *resource_path)153DM_Splited* read_file(char *resource_path)
174{154{
175 char *buffer = malloc(1000 * sizeof(char));155 char buffer[1024];
176 memset(buffer, '\0', strlen(buffer));156 DM_Splited *splited = malloc(sizeof(DM_Splited));
177 char filepath[255];157 if (splited == NULL)
178 char *buffer_c = malloc(sizeof(char));158 {
179 int items_int = 0;159 fprintf(stderr, "E: Cannot allocate memory.");
160 exit(EXIT_FAILURE);
161 }
180 FILE *file = NULL;162 FILE *file = NULL;
181 163 int numb_lines = 0;
164 int line = 0;
165 char filepath[128];
166 //Open the file
182 #ifdef LINUX167 #ifdef LINUX
183 strcpy(filepath, "/usr/share/games/");168 strcpy(filepath, "/usr/share/games/");
184 strcat(filepath, APP_NAME);169 strcat(filepath, APP_NAME);
170 strcat(filepath, "/");
185 strcat(filepath, resource_path);171 strcat(filepath, resource_path);
186 #endif172 #endif
187 #ifdef WINDOWS173 #ifdef WINDOWS
@@ -197,11 +183,13 @@
197 {183 {
198 strcpy(filepath, "./");184 strcpy(filepath, "./");
199 strcat(filepath, resource_path);185 strcat(filepath, resource_path);
186 file = fopen(filepath,"r");
200 }187 }
201 if (file == NULL)188 if (file == NULL)
202 {189 {
203 strcpy(filepath, "../");190 strcpy(filepath, "../");
204 strcat(filepath, resource_path);191 strcat(filepath, resource_path);
192 file = fopen(filepath,"r");
205 }193 }
206 //If the resource can not be loaded, display an error and exit194 //If the resource can not be loaded, display an error and exit
207 if (file == NULL)195 if (file == NULL)
@@ -209,84 +197,29 @@
209 fprintf(stderr, "E: Can not load the resource: %s\n", resource_path);197 fprintf(stderr, "E: Can not load the resource: %s\n", resource_path);
210 exit(EXIT_FAILURE);198 exit(EXIT_FAILURE);
211 }199 }
212 else200 //Count the number of interresting lines
201 while (fgets(buffer, 1024, file) != NULL)
213 {202 {
214 *buffer_c = fgetc(file);203 if (buffer[0] != '#' && buffer[0] != '\r' && buffer[0] != '\n')
215 while (*buffer_c != EOF)
216 {204 {
217 if (*buffer_c == '#') //We got a comment205 numb_lines++;
218 {
219 while (*buffer_c != '\n' && *buffer_c != '\r') //We read the entire line
220 {
221 *buffer_c = fgetc(file);
222
223 }
224 *buffer_c = fgetc(file);
225 continue;
226 }
227 else if (*buffer_c == '\n' || *buffer_c == '\r') //We got a blank line
228 {
229 *buffer_c = fgetc(file);
230 }
231 else //Valid line
232 {
233 while (*buffer_c != '\n' && *buffer_c != '\r')
234 {
235 *buffer_c = fgetc(file);
236 }
237 items_int++;
238 *buffer_c = fgetc(file);
239 }
240 }206 }
241 }207 }
242 208 //Allocate the memory of the DM_Splited
209 splited->items_int = numb_lines;
210 splited->lines_array = malloc(numb_lines * sizeof(DM_Line_Splited*));
211 //Let's go ! (get the lines)
243 rewind(file);212 rewind(file);
244 213 while (fgets(buffer, 1024, file) != NULL)
245 DM_Splited *splited = malloc(sizeof(DM_Splited));214 {
246 if (splited == NULL)215 if (buffer[0] != '#' && buffer[0] != '\r' && buffer[0] != '\n')
247 {216 {
248 fprintf(stderr, "E: Can not load the resource: %s\n", resource_path);217 splited->lines_array[line] = split(buffer, ';');
249 exit(EXIT_FAILURE);218 line++;
250 }219 }
251 splited->items_int = items_int;220 }
252 splited->lines_array = malloc(items_int * sizeof(DM_Line_Splited));221 //Close the file
253 items_int = 0;
254
255 *buffer_c = fgetc(file);
256 while (*buffer_c != EOF)
257 {
258 if (*buffer_c == '#') //We got a comment
259 {
260 while (*buffer_c != '\n' && *buffer_c != '\r') //We read the entire line
261 {
262 *buffer_c = fgetc(file);
263 }
264 *buffer_c = fgetc(file);
265 continue;
266 }
267 else if (*buffer_c == '\n' || *buffer_c == '\r') //We got a blank line
268 {
269 *buffer_c = fgetc(file);
270 continue;
271 }
272 else //Valid line
273 {
274 strcpy(buffer, buffer_c);
275 *buffer_c = fgetc(file);
276 while (*buffer_c != '\n' && *buffer_c != '\r')
277 {
278 strcat(buffer, buffer_c);
279 *buffer_c = fgetc(file);
280 }
281 splited->lines_array[items_int] = split(buffer, ';');
282 items_int++;
283 memset(buffer, '\0', strlen(buffer));
284 *buffer_c = fgetc(file);
285 }
286 }
287
288 fclose(file);222 fclose(file);
289
290 return splited;223 return splited;
291}224}
292225
@@ -311,3 +244,4 @@
311 free(splited);244 free(splited);
312}245}
313246
247
314248
=== modified file 'src/parser.h'
--- src/parser.h 2011-04-30 20:10:07 +0000
+++ src/parser.h 2011-05-02 20:40:57 +0000
@@ -39,7 +39,8 @@
39};39};
4040
4141
42DM_Line_Splited* split(char *string, char separator);42int is_white_char(char c);
43DM_Line_Splited* split(char *str, char separator);
43void free_dm_line_splited(DM_Line_Splited *line_splited);44void free_dm_line_splited(DM_Line_Splited *line_splited);
44DM_Splited* read_file(char *resource_path);45DM_Splited* read_file(char *resource_path);
45void free_dm_splited(DM_Splited *splited);46void free_dm_splited(DM_Splited *splited);

Subscribers

People subscribed via source and target branches

to all changes: