bbs/deb-goldedplus
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Prevent buffer overflows: 1 - Use dinamic arrays and std::string instead arrays created in stack, 2 - check pointers in parameters of functions

Browse Source
This commit is contained in:
Stas Degteff 2011-03-15 06:50:50 +00:00
parent 39bccb92ba
commit 48a1bf6e0b
2 changed files with 170 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

174
goldlib/gall/gespell.cpp
View File

@ -35,9 +35,12 @@
#endif #endif
#include <vector> #include <vector>
#include <string>
#include <gdirposx.h> #include <gdirposx.h>
#include <gstrall.h> #include <gstrall.h>
#include <glog.h>
#include <gdbgerr.h>
#if !defined(GCFG_NO_MYSPELL) #if !defined(GCFG_NO_MYSPELL)
#include <hunspell.hxx> #include <hunspell.hxx>
#endif #endif
@ -195,6 +198,13 @@ bool CMSSpellLang::Init(HKEY hKey, const char *name)
bool result = false; bool result = false;
int error; int error;
HKEY hKeyLang; HKEY hKeyLang;
if (!name)
{
LOG.errpointer(__FILE__,__LINE__);
LOG.printf( "! Parameter is NULL pointer: CMSSpellLang::Init(hkey,NULL). "
"This is bug in program, please make report to developers." );
return false;
}
byte engine[_MAX_PATH]; byte engine[_MAX_PATH];
byte dictionary[_MAX_PATH]; byte dictionary[_MAX_PATH];
@ -204,12 +214,13 @@ bool CMSSpellLang::Init(HKEY hKey, const char *name)
mLIDC = atoi(name); mLIDC = atoi(name);
strcpy(mLangCode, name); strcpy(mLangCode, name);
char name2[1024]; char *name2 = new char[strlen(name)+8];
strcpy(name2, name); strcpy(name2, name);
strcat(name2, "\\Normal"); strcat(name2, "\\Normal");
error = RegOpenKeyEx(hKey, name2, 0, KEY_READ, &hKeyLang); error = RegOpenKeyEx(hKey, name2, 0, KEY_READ, &hKeyLang);
CHECK_ERROR(cleanup0); CHECK_ERROR(cleanup0);
delete[] name2;
error = RegQueryValueEx(hKeyLang, "Engine", NULL, NULL, engine, &esize); error = RegQueryValueEx(hKeyLang, "Engine", NULL, NULL, engine, &esize);
CHECK_ERROR(cleanup1); CHECK_ERROR(cleanup1);
@ -233,6 +244,13 @@ cleanup0:
bool CMSSpellLang::Load(const char *codeset, const char *userdic) bool CMSSpellLang::Load(const char *codeset, const char *userdic)
{ {
bool result = false; bool result = false;
if (!codeset)
{
LOG.errpointer(__FILE__,__LINE__);
LOG.printf( "! Parameter is NULL pointer: CMSSpellLang::Load(NULL,userdic). "
"This is bug in program, please make report to developers." );
return false;
}
if( mLibrary != NULL ) return true; // Already loaded if( mLibrary != NULL ) return true; // Already loaded
mLibrary = LoadLibrary(mEngine); mLibrary = LoadLibrary(mEngine);
@ -332,6 +350,13 @@ void CMSSpellLang::UnLoad()
void CMSSpellLang::BuildRTable(const char *codeset) void CMSSpellLang::BuildRTable(const char *codeset)
{ {
char codeset2[20]; char codeset2[20];
if (!codeset)
{
LOG.errpointer(__FILE__,__LINE__);
LOG.printf( "! Parameter is NULL pointer: CMSSpellLang::BuildRTable(NULL). "
"This is bug in program, please make report to developers." );
return false;
}
strcpy(codeset2, "CP"); strcpy(codeset2, "CP");
GetLocaleInfo(mLIDC, LOCALE_IDEFAULTANSICODEPAGE, &codeset2[2], sizeof(codeset2)-2); GetLocaleInfo(mLIDC, LOCALE_IDEFAULTANSICODEPAGE, &codeset2[2], sizeof(codeset2)-2);
@ -351,6 +376,13 @@ void CMSSpellLang::BuildRTable(const char *codeset)
void CMSSpellLang::BuildSuggest(const char *text, CSpellSuggestV &suggest) void CMSSpellLang::BuildSuggest(const char *text, CSpellSuggestV &suggest)
{ {
if (!text)
{
LOG.errpointer(__FILE__,__LINE__);
LOG.printf( "! Parameter is NULL pointer: CMSSpellLang::BuildSuggest(NULL,suggest). "
"This is bug in program, please make report to developers." );
return false;
}
if (!SpellSuggest(text, false)) return; if (!SpellSuggest(text, false)) return;
bool flag = true; bool flag = true;
@ -386,10 +418,17 @@ void CMSSpellLang::BuildSuggest(const char *text, CSpellSuggestV &suggest)
bool CMSSpellLang::SpellCheck(const char *text) bool CMSSpellLang::SpellCheck(const char *text)
{ {
if (!text)
{
LOG.errpointer(__FILE__,__LINE__);
LOG.printf( "! Parameter is NULL pointer: CMSSpellLang::SpellCheck(NULL). "
"This is bug in program, please make report to developers." );
return false;
}
if (!IsMdrLoaded()) return true; if (!IsMdrLoaded()) return true;
mSIB.wSpellState = 0; mSIB.wSpellState = 0;
mSIB.lrgChr = (char*)text; mSIB.lrgChr = strdup(text);
mSIB.cChr = strlen(text); mSIB.cChr = strlen(text);
mSRB.cChr = sizeof(mSZ); mSRB.cChr = sizeof(mSZ);
@ -398,6 +437,7 @@ bool CMSSpellLang::SpellCheck(const char *text)
mSRB.lrgbRate = mRate; mSRB.lrgbRate = mRate;
SEC error = mSpellCheck(mSLID, SC_SCCC_VerifyBuffer, &mSIB, &mSRB); SEC error = mSpellCheck(mSLID, SC_SCCC_VerifyBuffer, &mSIB, &mSRB);
free( mSIB.lrgChr ); mSIB.lrgChr = NULL;
if (error & 0xFF) return false; if (error & 0xFF) return false;
return mSRB.scrs == SC_SRCS_NoErrors; return mSRB.scrs == SC_SRCS_NoErrors;
@ -408,10 +448,17 @@ bool CMSSpellLang::SpellCheck(const char *text)
bool CMSSpellLang::SpellSuggest(const char *text, bool more) bool CMSSpellLang::SpellSuggest(const char *text, bool more)
{ {
if (!text)
{
LOG.errpointer(__FILE__,__LINE__);
LOG.printf( "! Parameter is NULL pointer: CMSSpellLang::SpellSuggest(NULL). "
"This is bug in program, please make report to developers." );
return false;
}
if (!IsMdrLoaded()) return false; if (!IsMdrLoaded()) return false;
mSIB.wSpellState = 0; mSIB.wSpellState = 0;
mSIB.lrgChr = (char*)text; mSIB.lrgChr = strdup(text);
mSIB.cChr = strlen(text); mSIB.cChr = strlen(text);
memset(mSZ, 0, sizeof(mSZ)); memset(mSZ, 0, sizeof(mSZ));
@ -422,6 +469,7 @@ bool CMSSpellLang::SpellSuggest(const char *text, bool more)
mSRB.lrgbRate = mRate; mSRB.lrgbRate = mRate;
SEC error = mSpellCheck(mSLID, more ? SC_SCCC_SuggestMore : SC_SCCC_Suggest, &mSIB, &mSRB); SEC error = mSpellCheck(mSLID, more ? SC_SCCC_SuggestMore : SC_SCCC_Suggest, &mSIB, &mSRB);
free( mSIB.lrgChr ); mSIB.lrgChr = NULL;
if (error & 0xFF) return false; if (error & 0xFF) return false;
return mSRB.scrs == SC_SRCS_NoErrors; return mSRB.scrs == SC_SRCS_NoErrors;
@ -432,8 +480,17 @@ bool CMSSpellLang::SpellSuggest(const char *text, bool more)
bool CMSSpellLang::AddWord(const char *text) bool CMSSpellLang::AddWord(const char *text)
{ {
if (!text)
{
LOG.errpointer(__FILE__,__LINE__);
LOG.printf( "! Parameter is NULL pointer: CMSSpellLang::AddWord(NULL). "
"This is bug in program, please make report to developers." );
return false;
}
if (!IsMdrLoaded()) return false; if (!IsMdrLoaded()) return false;
SEC error = mSpellAddUdr(mSLID, mUDR, (char*)text); char *t = strdup(text);
SEC error = mSpellAddUdr(mSLID, mUDR, t);
free(t);
return (error & 0xFF) == 0; return (error & 0xFF) == 0;
} }
@ -452,6 +509,13 @@ bool CMSSpellLang::AddWord(const char *text)
bool CMYSpellLang::Init(const gdirentry *entry) bool CMYSpellLang::Init(const gdirentry *entry)
{ {
if (!entry)
{
LOG.errpointer(__FILE__, __LINE__);
LOG.printf( "! Parameter is NULL pointer: CMYSpellLang::Init(NULL). "
"This is bug in program, please make report to developers." );
return false;
}
gposixdir dir(entry->dirname); gposixdir dir(entry->dirname);
std::string affname = entry->name.substr(0, entry->name.length()-4); std::string affname = entry->name.substr(0, entry->name.length()-4);
@ -478,6 +542,13 @@ bool CMYSpellLang::Init(const gdirentry *entry)
bool CMYSpellLang::Load(const char *codeset, const char *) bool CMYSpellLang::Load(const char *codeset, const char *)
{ {
if (!codeset)
{
LOG.errpointer(__FILE__,__LINE__);
LOG.printf( "! Parameter is NULL pointer: CMYSpellLang::Load(NULL,). "
"This is bug in program, please make report to developers." );
return false;
}
if (mMSpell) return mIsMdrLoaded; if (mMSpell) return mIsMdrLoaded;
mMSpell = new Hunspell(mEngine, mDictionary); mMSpell = new Hunspell(mEngine, mDictionary);
@ -510,6 +581,13 @@ void CMYSpellLang::UnLoad()
void CMYSpellLang::BuildRTable(const char *codeset) void CMYSpellLang::BuildRTable(const char *codeset)
{ {
if (!codeset)
{
LOG.errpointer(__FILE__,__LINE__);
LOG.printf( "! Parameter is NULL pointer: CMYSpellLang::BuildRTable(NULL). "
"This is bug in program, please make report to developers." );
return;
}
LoadCharset(codeset, mMSpell->get_dic_encoding()); LoadCharset(codeset, mMSpell->get_dic_encoding());
mToDicTable = new Chs; mToDicTable = new Chs;
memset(mToDicTable, 0, sizeof(Chs)); memset(mToDicTable, 0, sizeof(Chs));
@ -526,15 +604,23 @@ void CMYSpellLang::BuildRTable(const char *codeset)
void CMYSpellLang::BuildSuggest(const char *text, CSpellSuggestV &suggest) void CMYSpellLang::BuildSuggest(const char *text, CSpellSuggestV &suggest)
{ {
if (!text)
{
LOG.errpointer(__FILE__,__LINE__);
LOG.printf( "! Parameter is NULL pointer: CMYSpellLang::BuildSuggest(NULL,suggest). "
"This is bug in program, please make report to developers." );
return;
}
char ** wlst = NULL; char ** wlst = NULL;
int ns = mMSpell->suggest(&wlst, text); int ns = mMSpell->suggest(&wlst, text);
for (int i=0; i < ns; i++) for (int i=0; i < ns; i++)
{ {
char buff[1024]; char *buff = new char[strlen(wlst[i])+1];
RecodeText(wlst[i], buff, false); RecodeText(wlst[i], buff, false);
suggest.push_back(std::pair<byte, std::string>(0, " " + std::string(buff) + char(' '))); suggest.push_back(std::pair<byte, std::string>(0, " " + std::string(buff) + char(' ')));
free(wlst[i]); free(wlst[i]);
delete[] buff;
} }
free(wlst); free(wlst);
@ -545,6 +631,13 @@ void CMYSpellLang::BuildSuggest(const char *text, CSpellSuggestV &suggest)
bool CMYSpellLang::SpellCheck(const char *text) bool CMYSpellLang::SpellCheck(const char *text)
{ {
if (!text)
{
LOG.errpointer(__FILE__,__LINE__);
LOG.printf( "! Parameter is NULL pointer: CMYSpellLang::SpellCheck(NULL). "
"This is bug in program, please make report to developers." );
return false;
}
if (!IsMdrLoaded()) return true; if (!IsMdrLoaded()) return true;
if (mMSpell->spell(text)) if (mMSpell->spell(text))
@ -558,6 +651,12 @@ bool CMYSpellLang::SpellCheck(const char *text)
bool CMYSpellLang::AddWord(const char *text) bool CMYSpellLang::AddWord(const char *text)
{ {
if (!text)
{
LOG.errpointer(__FILE__,__LINE__);
LOG.printf( "! Parameter is NULL pointer: CMYSpellLang::AddWord(NULL). "
"This is bug in program, please make report to developers." );
}
return false; return false;
} }
@ -571,6 +670,13 @@ bool CMYSpellLang::AddWord(const char *text)
void CSpellLang::RecodeText(const char *srcText, char *dstText, bool flag) void CSpellLang::RecodeText(const char *srcText, char *dstText, bool flag)
{ {
if (!srcText || !dstText)
{
LOG.errpointer(__FILE__,__LINE__);
LOG.printf( "! Parameter is NULL pointer in CSpellLang::RecodeText. "
"This is bug in program, please make report to developers." );
return;
}
if (flag) if (flag)
XlatStr(dstText, srcText, mToDicTable->level, mToDicTable); XlatStr(dstText, srcText, mToDicTable->level, mToDicTable);
else else
@ -578,12 +684,33 @@ void CSpellLang::RecodeText(const char *srcText, char *dstText, bool flag)
} }
void CSpellLang::RecodeText(const char *srcText, std::string &dstText, bool flag)
{
if (!srcText)
{
LOG.errpointer(__FILE__,__LINE__);
LOG.printf( "! Parameter is NULL pointer: CSpellLang::RecodeText(NULL,dstText,flag). "
"This is bug in program, please make report to developers." );
return;
}
size_t srcLen=strlen(srcText);
char *dstbuffer = new char[srcLen+1];
if (dstbuffer) {
*dstbuffer = '\0';
if (flag)
XlatStr(dstbuffer, srcText, mToDicTable->level, mToDicTable);
else
XlatStr(dstbuffer, srcText, mToLocTable->level, mToLocTable);
dstText.assign(dstbuffer);
delete[] dstbuffer;
}
}
// ------------------------------------------------------------------ // ------------------------------------------------------------------
CSpellChecker::CSpellChecker() CSpellChecker::CSpellChecker()
{ {
mInited = false; mInited = false;
mText[0] = 0;
} }
@ -591,6 +718,14 @@ CSpellChecker::CSpellChecker()
bool CSpellChecker::Init(const char *codeset, const char *dicPath) bool CSpellChecker::Init(const char *codeset, const char *dicPath)
{ {
if (!codeset)
{
LOG.errpointer(__FILE__,__LINE__);
LOG.printf( "! Parameter is NULL pointer: CSpellChecker::Init(NULL,dicPath). "
"This is bug in program, please make report to developers." );
return false;
}
#if !defined(GCFG_NO_MSSPELL) #if !defined(GCFG_NO_MSSPELL)
int error; int error;
@ -668,6 +803,13 @@ void CSpellChecker::Close()
bool CSpellChecker::Load(const char *langId, const char *userDic) bool CSpellChecker::Load(const char *langId, const char *userDic)
{ {
if (!langId)
{
LOG.errpointer(__FILE__,__LINE__);
LOG.printf( "! Parameter is NULL pointer: CSpellChecker::Load(NULL,userDic). "
"This is bug in program, please make report to developers." );
return false;
}
if (!IsInited()) return false; if (!IsInited()) return false;
if (IsLoaded(langId)) if (IsLoaded(langId))
@ -708,6 +850,13 @@ void CSpellChecker::UnLoad()
void CSpellChecker::UnLoad(const char *langId) void CSpellChecker::UnLoad(const char *langId)
{ {
if (!langId)
{
LOG.errpointer(__FILE__,__LINE__);
LOG.printf( "! Parameter is NULL pointer: CSpellChecker::UnLoad(NULL). "
"This is bug in program, please make report to developers." );
return;
}
if (!IsLoaded()) return; if (!IsLoaded()) return;
CSpellLangV::iterator it; CSpellLangV::iterator it;
@ -728,12 +877,19 @@ void CSpellChecker::UnLoad(const char *langId)
bool CSpellChecker::Check(const char *text) bool CSpellChecker::Check(const char *text)
{ {
if (!IsLoaded()) return true; if (!IsLoaded()) return true;
if (!text)
{
LOG.errpointer(__FILE__,__LINE__);
LOG.printf( "! Parameter is NULL pointer: CSpellChecker::Check(NULL). "
"This is bug in program, please make report to developers." );
return false;
}
CSpellLangV::iterator it; CSpellLangV::iterator it;
for (it = mLangsLoaded.begin(); it != mLangsLoaded.end(); it++) for (it = mLangsLoaded.begin(); it != mLangsLoaded.end(); it++)
{ {
(*it)->RecodeText(text, mText, true); (*it)->RecodeText(text, mText, true);
if ((*it)->SpellCheck(mText)) if ((*it)->SpellCheck(mText.c_str()))
{ {
return true; return true;
} }
@ -754,7 +910,7 @@ CSpellSuggestV &CSpellChecker::Suggest()
CSpellLangV::iterator it; CSpellLangV::iterator it;
for (it = mLangsLoaded.begin(); it != mLangsLoaded.end(); it++) for (it = mLangsLoaded.begin(); it != mLangsLoaded.end(); it++)
{ {
(*it)->BuildSuggest(mText, allSuggests); (*it)->BuildSuggest(mText.c_str(), allSuggests);
} }
CSpellSuggestV::iterator all; CSpellSuggestV::iterator all;
@ -792,7 +948,7 @@ bool CSpellChecker::AddWord()
{ {
if ((*it)->GetSpellType() == SCHECKET_TYPE_MSSPELL) if ((*it)->GetSpellType() == SCHECKET_TYPE_MSSPELL)
{ {
return (*it)->AddWord(mText); return (*it)->AddWord(mText.c_str());
} }
} }
} }

6
goldlib/gall/gespell.h
View File

@ -89,7 +89,11 @@ public:
virtual void UnLoad() = 0; virtual void UnLoad() = 0;
virtual void BuildRTable(const char *codeset) = 0; virtual void BuildRTable(const char *codeset) = 0;
// Translate encoding:
// flag=1: translate to charset of dictionnary, flag=0: translate to charset of locale
void RecodeText(const char *srcText, char *dstText, bool flag); void RecodeText(const char *srcText, char *dstText, bool flag);
void RecodeText(const char *srcText, std::string &dstText, bool flag);
virtual void BuildSuggest(const char *text, CSpellSuggestV &suggest) = 0; virtual void BuildSuggest(const char *text, CSpellSuggestV &suggest) = 0;
@ -287,7 +291,7 @@ class CSpellChecker
{ {
private: private:
bool mInited; bool mInited;
char mText[1024]; std::string mText;
char mXlatLocalset[256]; char mXlatLocalset[256];