From: Rafał Długołęcki Date: Wed, 10 Jul 2013 14:28:25 +0000 (+0200) Subject: Fixed possible buffer overflows. Moved config_init past checking if config file exists. X-Git-Tag: 3.1~63 X-Git-Url: https://git.dlugolecki.net.pl/?a=commitdiff_plain;h=c9891297216d595885f30300bfde65c90957912b;p=vlp.git Fixed possible buffer overflows. Moved config_init past checking if config file exists. --- diff --git a/src/kernel/kernel.cpp b/src/kernel/kernel.cpp index 7e83ebc..1de50af 100644 --- a/src/kernel/kernel.cpp +++ b/src/kernel/kernel.cpp @@ -297,8 +297,6 @@ void QKernel::LoadConfig(char * fname) config_t cfg; const char *str; - config_init(&cfg); - /* Hack for checking if file exists without using external libs.*/ FILE * file = fopen(fname, "r"); if (!file) { @@ -308,6 +306,8 @@ void QKernel::LoadConfig(char * fname) /* File exists, so file has been locked. Release it. */ fclose(file); + config_init(&cfg); + /* Read the file. If there is an error, report it and exit. */ if(!config_read_file(&cfg, fname)) { @@ -332,23 +332,21 @@ void QKernel::LoadConfig(char * fname) if(config_lookup_string(&cfg, "host", &str)) { - char host[255]; - strcpy(host, str);//FIXME: buffer overflow - ConnectList.append(new ConnectEntry(host)); + ConnectList.append(new ConnectEntry((char*)str)); } else { AppConfiguration::error(&cfg); } if(config_lookup_string(&cfg, "progdir", &str)){ - strcpy(progdir, str);//FIXME: buffer overflow + strncpy(progdir, str, 256); } else { AppConfiguration::error(&cfg); } if(config_lookup_string(&cfg, "homedir", &str)){ - strcpy(HomeDir, str);//FIXME: buffer overflow + strncpy(HomeDir, str, 255); } else { AppConfiguration::error(&cfg);