[PATCH] Prevent jumping beyond file end in the viewer
- From: "andrzej zaborowski" <balrog zabor org>
- To: mc-devel gnome org
- Subject: [PATCH] Prevent jumping beyond file end in the viewer
- Date: Wed, 20 Dec 2006 02:05:44 +0100
Hi,
in the hex viewer the GoTo (F5) command allows you to jump beyond
end of file and even to view or edit data there. This is because the
address given by user is not checked for correctness anywhere.
Eventually, in src/view.c:view_file_load_data, the address is passed
to lseek() whose return value is checked, but it turns out lseek'ing
beyond end of file is legal and not an error. This immediately results
in Bad Things (tm) like at the return from view_file_load_data the
ds_file_datalen is actually negative. Attached diff fixes this.
Index: src/view.c
===================================================================
RCS file: /cvsroot/mc/mc/src/view.c,v
retrieving revision 1.357
diff -u -r1.357 view.c
--- src/view.c 10 Dec 2006 21:36:46 -0000 1.357
+++ src/view.c 20 Dec 2006 00:52:56 -0000
@@ -539,6 +539,8 @@
if (already_loaded (view->ds_file_offset, byte_index,
view->ds_file_datalen))
return;
+ if (byte_index >= view->ds_file_filesize)
+ goto error;
blockoffset = offset_rounddown (byte_index, view->ds_file_datasize);
if (mc_lseek (view->ds_file_fd, blockoffset, SEEK_SET) == -1)
--
Cheers,
Andrzej
Index: src/view.c
===================================================================
RCS file: /cvsroot/mc/mc/src/view.c,v
retrieving revision 1.357
diff -u -r1.357 view.c
--- src/view.c 10 Dec 2006 21:36:46 -0000 1.357
+++ src/view.c 20 Dec 2006 00:54:10 -0000
@@ -539,6 +539,8 @@
if (already_loaded (view->ds_file_offset, byte_index, view->ds_file_datalen))
return;
+ if (byte_index >= view->ds_file_filesize)
+ goto error;
blockoffset = offset_rounddown (byte_index, view->ds_file_datasize);
if (mc_lseek (view->ds_file_fd, blockoffset, SEEK_SET) == -1)
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]