diff options
author | Dirk Hohndel <dirk@hohndel.org> | 2012-12-05 13:43:36 -0800 |
---|---|---|
committer | Dirk Hohndel <dirk@hohndel.org> | 2012-12-05 13:43:36 -0800 |
commit | afb53e387b53e482df25889608a8777fbc9ad0ae (patch) | |
tree | 77fa5459938cc8464b1b0f442f1a715e11c7dcf8 | |
parent | 240442cec95df282c9e6db2314c66380314b85fc (diff) | |
download | subsurface-afb53e387b53e482df25889608a8777fbc9ad0ae.tar.gz |
Fix retrieval of object_id value in Uemis downloader
The existing code could read past the end of the buffer that was handed to
it.
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
-rw-r--r-- | uemis-downloader.c | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/uemis-downloader.c b/uemis-downloader.c index abd131a07..722b4ea08 100644 --- a/uemis-downloader.c +++ b/uemis-downloader.c @@ -322,9 +322,10 @@ static gboolean next_file(int max) static char *first_object_id_val(char* buf) { - char *object; + char *object, *bufend; if (!buf) return NULL; + bufend = buf + strlen(buf); object = strstr(buf, "object_id"); if (object) { /* get the value */ @@ -332,12 +333,18 @@ static char *first_object_id_val(char* buf) char *p = object + 14; char *t = tmp; - if (p < buf + strlen(buf)) { - while (*p != '{' && t < tmp + 9) - *t++ = *p++; +#if UEMIS_DEBUG & 2 + char debugbuf[50]; + strncpy(debugbuf, object, 49); + debugbuf[49] = '\0'; + fprintf(debugfile, "buf |%s|\n", debugbuf); +#endif + while (p < bufend && *p != '{' && t < tmp + 9) + *t++ = *p++; + if (*p == '{') { *t = '\0'; + return strdup(tmp); } - return strdup(tmp); } return NULL; } @@ -350,6 +357,9 @@ static void show_progress(char *buf, char *what) char *val = first_object_id_val(buf); if (val) { /* let the user know what we are working on */ +#if UEMIS_DEBUG & 2 + fprintf(debugfile,"reading %s %s\n", what, val); +#endif uemis_info(_("Reading %s %s"), what, val); free(val); } |