mirror
/
OpenTTD
mirror of https://github.com/OpenTTD/OpenTTD
1
0
Fork 0
Code Issues

(svn r307) -Fix: Several potential buffer-overflow fixes, and removal of 'magic-numbers' in favour of constants. (Tron)

release/0.4.5
darkvater 2004-09-21 21:40:59 +00:00
parent 475ef74ab7
commit cd01b3890a
2 changed files with 68 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

130
console.c
View File

@ -14,7 +14,10 @@
#include <windows.h> #include <windows.h>
#endif #endif
#define ICONSOLE_BUFFER_SIZE 80 #define ICON_BUFFER 79
#define ICON_CMDBUF_SIZE 20
#define ICON_CMDLN_SIZE 255
#define ICON_LINE_HEIGHT 12
typedef enum { typedef enum {
ICONSOLE_OPENED, ICONSOLE_OPENED,
@ -23,9 +26,9 @@ typedef enum {
// ** main console ** // // ** main console ** //
static bool _iconsole_inited; static bool _iconsole_inited;
static char* _iconsole_buffer[ICONSOLE_BUFFER_SIZE]; static char* _iconsole_buffer[ICON_BUFFER + 1];
static char _iconsole_cbuffer[ICONSOLE_BUFFER_SIZE]; static char _iconsole_cbuffer[ICON_BUFFER + 1];
static char _iconsole_cmdline[255]; static char _iconsole_cmdline[ICON_CMDLN_SIZE];
static byte _iconsole_cmdpos; static byte _iconsole_cmdpos;
static _iconsole_modes _iconsole_mode = ICONSOLE_CLOSED; static _iconsole_modes _iconsole_mode = ICONSOLE_CLOSED;
static Window* _iconsole_win = NULL; static Window* _iconsole_win = NULL;
@ -41,8 +44,8 @@ byte _stdlib_developer = 1;
bool _stdlib_con_developer = false; bool _stdlib_con_developer = false;
FILE* _iconsole_output_file; FILE* _iconsole_output_file;
// ** main console cmd buffer ** // sign_de: especially for Celestar :D // ** main console cmd buffer
static char* _iconsole_cmdbuffer[20]; static char* _iconsole_cmdbuffer[ICON_CMDBUF_SIZE];
static byte _iconsole_cmdbufferpos; static byte _iconsole_cmdbufferpos;
// ** console window ** // // ** console window ** //
@ -73,8 +76,9 @@ static void IConsoleAppendClipboard(void)
cbuf = GetClipboardData(CF_TEXT); cbuf = GetClipboardData(CF_TEXT);
data = GlobalLock(cbuf); data = GlobalLock(cbuf);
for (; IS_INT_INSIDE(*data, 32, 256); ++data) /* XXX magic numbers */ /* IS_INT_INSIDE = filter for ascii-function codes like BELL and so on [we need an special filter here later] */
_iconsole_cmdline[_iconsole_cmdpos++] = *data; /* XXX prone to buffer overflow */ for (; (IS_INT_INSIDE(*data, ' ', 256)) && (_iconsole_cmdpos < lengthof(_iconsole_cmdline) - 1); ++data)
_iconsole_cmdline[_iconsole_cmdpos++] = *data;
GlobalUnlock(cbuf); GlobalUnlock(cbuf);
CloseClipboard(); CloseClipboard();
@ -98,16 +102,15 @@ static void IConsoleWndProc(Window* w, WindowEvent* e)
case WE_PAINT: case WE_PAINT:
{ {
int i = _iconsole_scroll; int i = _iconsole_scroll;
int max = w->height / 12 - 1; int max = (w->height / ICON_LINE_HEIGHT) - 1;
GfxFillRect(w->left, w->top, w->width, w->height - 1, 0); GfxFillRect(w->left, w->top, w->width, w->height - 1, 0);
while ((i > _iconsole_scroll - max) && (_iconsole_buffer[i] != NULL)) { while ((i > _iconsole_scroll - max) && (_iconsole_buffer[i] != NULL)) {
DoDrawString(_iconsole_buffer[i], 5, DoDrawString(_iconsole_buffer[i], 5,
w->height - (_iconsole_scroll + 2 - i) * 12, _iconsole_cbuffer[i]); w->height - (_iconsole_scroll + 2 - i) * ICON_LINE_HEIGHT, _iconsole_cbuffer[i]);
i--; i--;
} }
DoDrawString("]", 5, w->height - 12, _iconsole_color_commands); DoDrawString("]", 5, w->height - ICON_LINE_HEIGHT, _iconsole_color_commands);
DoDrawString(_iconsole_cmdline, 10, w->height - 12, DoDrawString(_iconsole_cmdline, 10, w->height - ICON_LINE_HEIGHT, _iconsole_color_commands);
_iconsole_color_commands);
break; break;
} }
case WE_TICK: case WE_TICK:
@ -147,17 +150,17 @@ static void IConsoleWndProc(Window* w, WindowEvent* e)
SetWindowDirty(w); SetWindowDirty(w);
break; break;
case WKC_SHIFT | WKC_PAGEUP: case WKC_SHIFT | WKC_PAGEUP:
if (_iconsole_scroll - w->height / 12 - 1 < 0) if (_iconsole_scroll - (w->height / ICON_LINE_HEIGHT) - 1 < 0)
_iconsole_scroll = 0; _iconsole_scroll = 0;
else else
_iconsole_scroll -= w->height / 12 - 1; _iconsole_scroll -= (w->height / ICON_LINE_HEIGHT) - 1;
SetWindowDirty(w); SetWindowDirty(w);
break; break;
case WKC_SHIFT | WKC_PAGEDOWN: case WKC_SHIFT | WKC_PAGEDOWN:
if (_iconsole_scroll + w->height / 12 - 1 > 79) /* XXX magic number */ if (_iconsole_scroll + (w->height / ICON_LINE_HEIGHT) - 1 > ICON_BUFFER)
_iconsole_scroll = 79; /* XXX magic number */ _iconsole_scroll = ICON_BUFFER;
else else
_iconsole_scroll += w->height / 12 - 1; _iconsole_scroll += (w->height / ICON_LINE_HEIGHT) - 1;
SetWindowDirty(w); SetWindowDirty(w);
break; break;
case WKC_SHIFT | WKC_UP: case WKC_SHIFT | WKC_UP:
@ -168,8 +171,8 @@ static void IConsoleWndProc(Window* w, WindowEvent* e)
SetWindowDirty(w); SetWindowDirty(w);
break; break;
case WKC_SHIFT | WKC_DOWN: case WKC_SHIFT | WKC_DOWN:
if (_iconsole_scroll >= 79) /* XXX magic number */ if (_iconsole_scroll >= ICON_BUFFER)
_iconsole_scroll = 79; /* XXX magic number */ _iconsole_scroll = ICON_BUFFER;
else else
++_iconsole_scroll; ++_iconsole_scroll;
SetWindowDirty(w); SetWindowDirty(w);
@ -190,13 +193,14 @@ static void IConsoleWndProc(Window* w, WindowEvent* e)
_iconsole_cmdbufferpos = 19; _iconsole_cmdbufferpos = 19;
break; break;
default: default:
if (IS_INT_INSIDE(e->keypress.ascii, 32, 256)) { /* IS_INT_INSIDE = filter for ascii-function codes like BELL and so on [we need an special filter here later] */
_iconsole_scroll = 79; /* XXX magic number */ if (IS_INT_INSIDE(e->keypress.ascii, ' ', 256)) {
_iconsole_scroll = ICON_BUFFER;
_iconsole_cmdline[_iconsole_cmdpos] = e->keypress.ascii; _iconsole_cmdline[_iconsole_cmdpos] = e->keypress.ascii;
if (_iconsole_cmdpos != sizeof(_iconsole_cmdline)) if (_iconsole_cmdpos != lengthof(_iconsole_cmdline))
_iconsole_cmdpos++; _iconsole_cmdpos++;
SetWindowDirty(w); SetWindowDirty(w);
_iconsole_cmdbufferpos = 19; _iconsole_cmdbufferpos = ICON_CMDBUF_SIZE - 1;
} }
else else
e->keypress.cont = true; e->keypress.cont = true;
@ -218,8 +222,8 @@ void IConsoleInit(void)
_iconsole_color_warning = 13; _iconsole_color_warning = 13;
_iconsole_color_debug = 5; _iconsole_color_debug = 5;
_iconsole_color_commands = 2; _iconsole_color_commands = 2;
_iconsole_scroll = 79; /* XXX magic number */ _iconsole_scroll = ICON_BUFFER;
_iconsole_cmdbufferpos = 19; /* XXX magic number */ _iconsole_cmdbufferpos = ICON_CMDBUF_SIZE - 1;
_iconsole_inited = true; _iconsole_inited = true;
_iconsole_mode = ICONSOLE_CLOSED; _iconsole_mode = ICONSOLE_CLOSED;
_iconsole_win = NULL; _iconsole_win = NULL;
@ -228,7 +232,7 @@ void IConsoleInit(void)
_icursor_counter = 0; _icursor_counter = 0;
for (i = 0; i < lengthof(_iconsole_cmdbuffer); i++) for (i = 0; i < lengthof(_iconsole_cmdbuffer); i++)
_iconsole_cmdbuffer[i] = NULL; _iconsole_cmdbuffer[i] = NULL;
for (i = 0; i < ICONSOLE_BUFFER_SIZE; i++) { for (i = 0; i <= ICON_BUFFER; i++) {
_iconsole_buffer[i] = NULL; _iconsole_buffer[i] = NULL;
_iconsole_cbuffer[i] = 0; _iconsole_cbuffer[i] = 0;
} }
@ -248,7 +252,7 @@ void IConsoleInit(void)
void IConsoleClear(void) void IConsoleClear(void)
{ {
uint i; uint i;
for (i = 0; i < ICONSOLE_BUFFER_SIZE; i++) for (i = 0; i <= ICON_BUFFER; i++)
free(_iconsole_buffer[i]); free(_iconsole_buffer[i]);
} }
@ -296,7 +300,7 @@ void IConsoleClose(void)
void IConsoleOpen(void) void IConsoleOpen(void)
{ {
if (_iconsole_mode == ICONSOLE_CLOSED) IConsoleSwitch(); if (_iconsole_mode == ICONSOLE_CLOSED) IConsoleSwitch();
/* XXX missing _iconsole_mode ? */ _iconsole_mode = ICONSOLE_OPENED;
} }
void IConsoleCmdBufferAdd(const char* cmd) void IConsoleCmdBufferAdd(const char* cmd)
@ -346,9 +350,9 @@ void IConsolePrint(byte color_code, const char* string)
_new = strdup(string); _new = strdup(string);
for (i = _new; *i != '\0'; ++i) for (i = _new; *i != '\0'; ++i)
if (*i < 0x1F) *i = ' '; /* XXX 0x1F seems wrong + magic number */ if (*i < ' ') *i = ' '; /* filter for ascii-function codes like BELL and so on [we need an special filter here later] */
for (j = ICONSOLE_BUFFER_SIZE - 1; j >= 0; --j) { for (j = ICON_BUFFER; j >= 0; --j) {
_ex = _iconsole_buffer[j]; _ex = _iconsole_buffer[j];
_exc = _iconsole_cbuffer[j]; _exc = _iconsole_cbuffer[j];
_iconsole_buffer[j] = _new; _iconsole_buffer[j] = _new;
@ -377,9 +381,7 @@ void CDECL IConsolePrintF(byte color_code, const char* s, ...)
if (_iconsole_output_file != NULL) { if (_iconsole_output_file != NULL) {
// if there is an console output file ... also print it there // if there is an console output file ... also print it there
fwrite(buf, len, 1, _iconsole_output_file); fwrite(buf, len, 1, _iconsole_output_file);
/* XXX why newline? */ fwrite("\n", 1, 1, _iconsole_output_file);
buf[1023] = '\n';
fwrite(&buf[1023], 1, 1, _iconsole_output_file);
} }
} }
@ -474,7 +476,7 @@ void IConsoleVarRegister(const char* name, void* addr, _iconsole_var_types type)
item_new->data.string_ = addr; item_new->data.string_ = addr;
break; break;
default: default:
assert(0); /* XXX */ error("unknown console variable type");
break; break;
} }
item_new->type = type; item_new->type = type;
@ -567,14 +569,13 @@ _iconsole_var* IConsoleVarAlloc(_iconsole_var_types type)
item->_malloc = true; item->_malloc = true;
break; break;
case ICONSOLE_VAR_POINTER: case ICONSOLE_VAR_POINTER:
case ICONSOLE_VAR_STRING: /* XXX */ case ICONSOLE_VAR_STRING:
// needs no memory ... it gets memory when it is set to an value
item->data.addr = NULL; item->data.addr = NULL;
item->_malloc = false; item->_malloc = false;
break; break;
default: default:
assert(0); /* XXX */ error("unknown console variable type");
item->data.addr = NULL;
item->_malloc = false;
break; break;
} }
@ -672,7 +673,9 @@ void IConsoleVarDump(const _iconsole_var* var, const char* dump_desc)
IConsolePrintF(_iconsole_color_default, "%s = @%p", IConsolePrintF(_iconsole_color_default, "%s = @%p",
dump_desc, var->data.addr); dump_desc, var->data.addr);
break; break;
case ICONSOLE_VAR_NONE: /* XXX */ case ICONSOLE_VAR_NONE:
IConsolePrintF(_iconsole_color_default, "%s = [nothing]",
dump_desc);
break; break;
} }
} }
@ -803,7 +806,7 @@ void IConsoleCmdExec(const char* cmdstr)
i = 0; i = 0;
c = 0; c = 0;
tokens[c] = tokenstream; tokens[c] = tokenstream;
while (i < l) { while (i < l && c < lengthof(tokens) - 1) {
if (cmdstr[i] == '"') { if (cmdstr[i] == '"') {
if (longtoken) { if (longtoken) {
if (cmdstr[i + 1] == '"') { if (cmdstr[i + 1] == '"') {
@ -857,18 +860,16 @@ void IConsoleCmdExec(const char* cmdstr)
tokentypes[i] = ICONSOLE_VAR_UNKNOWN; tokentypes[i] = ICONSOLE_VAR_UNKNOWN;
if (tokens[i] != NULL && i > 0 && strlen(tokens[i]) > 0) { if (tokens[i] != NULL && i > 0 && strlen(tokens[i]) > 0) {
if (tokens[i][0] == '*') { if (tokens[i][0] == '*') {
if ((i == 2) && (tokentypes[1] == ICONSOLE_VAR_UNKNOWN) && // change the variable to an pointer if execution_mode != 4 is
(strcmp(tokens[1], "<<") == 0)) { // being prepared. execution_mode 4 is used to assign
// don't change the variable to an pointer if execution_mode 4 is // one variables data to another one
// being prepared // [token 0 and 2]
// this is used to assign one variable the value of the other one if (!((i == 2) && (tokentypes[1] == ICONSOLE_VAR_UNKNOWN) &&
// [token 0 and 2] (strcmp(tokens[1], "<<") == 0))) {
/* XXX empty? */
} else {
var = IConsoleVarGet(tokens[i]); var = IConsoleVarGet(tokens[i]);
if (var != NULL) { if (var != NULL) {
assert(0); /* XXX */ // pointer to the data --> token
//tokens[i] = var->addr; /* XXX ? */ tokens[i] = (char *) var->data.addr; /* XXX: maybe someone finds an cleaner way to do this */
tokentypes[i] = var->type; tokentypes[i] = var->type;
} }
} }
@ -876,8 +877,8 @@ void IConsoleCmdExec(const char* cmdstr)
if (tokens[i] != NULL && tokens[i][0] == '@' && tokens[i][1] == '*') { if (tokens[i] != NULL && tokens[i][0] == '@' && tokens[i][1] == '*') {
var = IConsoleVarGet(tokens[i] + 1); var = IConsoleVarGet(tokens[i] + 1);
if (var != NULL) { if (var != NULL) {
assert(0); /* XXX */ // pointer to the _iconsole_var struct --> token
//tokens[i] = var; /* XXX wtf? incompatible pointer type! */ tokens[i] = (char *) var; /* XXX: maybe someone finds an cleaner way to do this */
tokentypes[i] = ICONSOLE_VAR_REFERENCE; tokentypes[i] = ICONSOLE_VAR_REFERENCE;
} }
} }
@ -952,10 +953,10 @@ void IConsoleCmdExec(const char* cmdstr)
} }
IConsoleVarDump(var, NULL); IConsoleVarDump(var, NULL);
} else if (strcmp(tokens[1], "++") == 0) { } else if (strcmp(tokens[1], "++") == 0) {
*var->data.bool_ = !*var->data.bool_; /* XXX ++ on bool */ *var->data.bool_ = true;
IConsoleVarDump(var, NULL); IConsoleVarDump(var, NULL);
} else if (strcmp(tokens[1], "--") == 0) { } else if (strcmp(tokens[1], "--") == 0) {
*var->data.bool_ = !*var->data.bool_; /* XXX -- on bool */ *var->data.bool_ = false;
IConsoleVarDump(var, NULL); IConsoleVarDump(var, NULL);
} }
else else
@ -1074,26 +1075,27 @@ void IConsoleCmdExec(const char* cmdstr)
if (strcmp(tokens[1], "=") == 0) { if (strcmp(tokens[1], "=") == 0) {
if (c == 3) { if (c == 3) {
if (tokentypes[2] == ICONSOLE_VAR_UNKNOWN) if (tokentypes[2] == ICONSOLE_VAR_UNKNOWN)
var->data.addr = (void*)atoi(tokens[2]); /* XXX ? */ var->data.addr = (void*)atoi(tokens[2]); /* direct access on memory [by address] */
else else
var->data.addr = (void*)tokens[2]; /* XXX ? */ var->data.addr = (void*)tokens[2]; /* direct acces on memory [by variable] */
} else } else
var->data.addr = NULL; var->data.addr = NULL;
IConsoleVarDump(var, NULL); IConsoleVarDump(var, NULL);
} else if (strcmp(tokens[1], "++") == 0) { } else if (strcmp(tokens[1], "++") == 0) {
++*(char*)&var->data.addr; /* XXX ++ on an arbitrary pointer? */ ++*(char*)&var->data.addr; /* change the address + 1 */
IConsoleVarDump(var, NULL); IConsoleVarDump(var, NULL);
} else if (strcmp(tokens[1], "--") == 0) { } else if (strcmp(tokens[1], "--") == 0) {
--*(char*)&var->data.addr; /* XXX -- on an arbitrary pointer? */ --*(char*)&var->data.addr; /* change the address - 1 */
IConsoleVarDump(var, NULL); IConsoleVarDump(var, NULL);
} }
else else
IConsoleError("operation not supported"); IConsoleError("operation not supported");
break; break;
} }
case ICONSOLE_VAR_NONE: /* XXX */ case ICONSOLE_VAR_NONE:
case ICONSOLE_VAR_REFERENCE: /* XXX */ case ICONSOLE_VAR_REFERENCE:
case ICONSOLE_VAR_UNKNOWN: /* XXX */ case ICONSOLE_VAR_UNKNOWN:
IConsoleError("operation not supported");
break; break;
} }
IConsoleVarHookHandle(var, ICONSOLE_HOOK_AFTER_CHANGE); IConsoleVarHookHandle(var, ICONSOLE_HOOK_AFTER_CHANGE);
@ -1178,7 +1180,6 @@ void IConsoleCmdExec(const char* cmdstr)
if (execution_mode == 3) { if (execution_mode == 3) {
IConsoleVarFree(result); IConsoleVarFree(result);
result = NULL;
} }
} }
break; break;
@ -1189,7 +1190,6 @@ void IConsoleCmdExec(const char* cmdstr)
break; break;
} }
//** freeing the tokens **// //** freeing the tokenstream **//
for (i = 0; i < 20; i++) tokens[i] = NULL; /* XXX wtf? */
free(tokenstream_s); free(tokenstream_s);
} }

7
console_cmds.c
View File

@ -42,7 +42,7 @@ static uint32 GetArgumentInteger(const char* arg)
DEF_CONSOLE_CMD_HOOK(ConCmdHookNoNetwork) DEF_CONSOLE_CMD_HOOK(ConCmdHookNoNetwork)
{ {
if (_networking) { if (_networking) {
IConsoleError("this command is forbidden in multiplayer"); IConsoleError("This command is forbidden in multiplayer.");
return false; return false;
} }
return true; return true;
@ -52,7 +52,7 @@ DEF_CONSOLE_CMD_HOOK(ConCmdHookNoNetwork)
DEF_CONSOLE_VAR_HOOK(ConVarHookNoNetwork) DEF_CONSOLE_VAR_HOOK(ConVarHookNoNetwork)
{ {
if (_networking) { if (_networking) {
IConsoleError("this variable is forbidden in multiplayer"); IConsoleError("This variable is forbidden in multiplayer.");
return false; return false;
} }
return true; return true;
@ -62,7 +62,7 @@ DEF_CONSOLE_VAR_HOOK(ConVarHookNoNetwork)
DEF_CONSOLE_VAR_HOOK(ConVarHookNoNetClient) DEF_CONSOLE_VAR_HOOK(ConVarHookNoNetClient)
{ {
if (!_networking_server) { if (!_networking_server) {
IConsoleError("this variable only makes sense for a network server"); IConsoleError("This variable only makes sense for a network server.");
return false; return false;
} }
return true; return true;
@ -314,7 +314,6 @@ DEF_CONSOLE_CMD(ConHelp)
DEF_CONSOLE_CMD(ConRandom) DEF_CONSOLE_CMD(ConRandom)
{ {
/* XXX memory leak */
_iconsole_var* result; _iconsole_var* result;
result = IConsoleVarAlloc(ICONSOLE_VAR_UINT16); result = IConsoleVarAlloc(ICONSOLE_VAR_UINT16);
IConsoleVarSetValue(result, rand()); IConsoleVarSetValue(result, rand());