Google Git
Sign in
goma / wine / 661a94033e8a80e65ce6d4393fa8e53ec22b69bd^! / . / tools / wrc / newstruc.c
commit661a94033e8a80e65ce6d4393fa8e53ec22b69bd[log] [tgz]
authorBertho Stultiens <bertho@akhphd.au.dk>Tue Jun 13 03:37:56 2000 +0000
committerAlexandre Julliard <julliard@winehq.org>Tue Jun 13 03:37:56 2000 +0000
tree074db809fd9d35ab9e9f0f264764c6ee0ea55e47
parent8dd8d30b7d95a9ef44b0778fd0cb1a8a40f9bb13 [diff] [blame]
- Bugfix: Corrected "off by one" error in the linenumber while parsing
  resource.
- Bugfix: A segfault would occur if messagetables were parsed without
  memory options attached. Also added buffer-overflow safeguard while
  converting between byteorders.
- Finished remapping usertype resources onto standars types by tricking
  the parser into accepting a different token. The remapping can be
  disabled with a new commandline option '-m'.
- Resolved some warning about chars used as index on SGI O2 machine
  (the ctype isXXX() routines are macros there).


diff --git a/tools/wrc/newstruc.c b/tools/wrc/newstruc.c
index 7584d80..cc5a426 100644
--- a/tools/wrc/newstruc.c
+++ b/tools/wrc/newstruc.c

@@ -903,6 +903,7 @@
 	return w;
 }
 
+#define MSGTAB_BAD_PTR(p, b, l, r)	(((l) - ((char *)(p) - (char *)(b))) > (r))
 messagetable_t *new_messagetable(raw_data_t *rd, int *memopt)
 {
 	messagetable_t *msg = (messagetable_t *)xmalloc(sizeof(messagetable_t));
@@ -912,8 +913,17 @@
 	WORD hi;
 
 	msg->data = rd;
-	msg->memopt = *memopt;
-	free(memopt);
+	if(memopt)
+	{
+		msg->memopt = *memopt;
+		free(memopt);
+	}
+	else
+		msg->memopt = WRC_MO_MOVEABLE | WRC_MO_PURE;
+
+	if(rd->size < sizeof(DWORD))
+		yyerror("Invalid messagetable, size too small");
+
 	nblk = *(DWORD *)rd->data;
 	lo = WRC_LOWORD(nblk);
 	hi = WRC_HIWORD(nblk);
@@ -939,6 +949,8 @@
 	{
 		msgtab_block_t *mbp = (msgtab_block_t *)&(((DWORD *)rd->data)[1]);
 		nblk = BYTESWAP_DWORD(nblk);
+		if(MSGTAB_BAD_PTR(mbp, rd->data, rd->size, nblk * sizeof(*mbp)))
+			yyerror("Messagetable's blocks are outside of defined data");
 		for(i = 0; i < nblk; i++)
 		{
 			msgtab_entry_t *mep;
@@ -952,7 +964,9 @@
 			{
 				mep->length = BYTESWAP_WORD(mep->length);
 				mep->flags  = BYTESWAP_WORD(mep->flags);
-				if(mep->flags & 1)
+				if(MSGTAB_BAD_PTR(mep, rd->data, rd->size, mep->length))
+					yyerror("Messagetable's data for block %d, ID 0x%08lx is outside of defined data", (int)i, id);
+				if(mep->flags == 1)	/* Docu says 'flags == 0x0001' for unicode */
 				{
 					WORD *wp = (WORD *)&mep[1];
 					int l = mep->length/2 - 2; /* Length included header */
@@ -971,6 +985,7 @@
 
 	return msg;
 }
+#undef MSGTAB_BAD_PTR
 
 void copy_raw_data(raw_data_t *dst, raw_data_t *src, int offs, int len)
 {