Diffstat (limited to 'app-editors/hteditor/files/hteditor-0.8.0-mallocboundcheck.patch')
-rw-r--r--app-editors/hteditor/files/hteditor-0.8.0-mallocboundcheck.patch246
1 files changed, 246 insertions, 0 deletions
diff --git a/app-editors/hteditor/files/hteditor-0.8.0-mallocboundcheck.patch b/app-editors/hteditor/files/hteditor-0.8.0-mallocboundcheck.patch
new file mode 100644
index 000000000000..b2f64e8baf0e
--- /dev/null
+++ b/app-editors/hteditor/files/hteditor-0.8.0-mallocboundcheck.patch
@@ -0,0 +1,246 @@
+--- cplus-dem.c.orig 2005-05-04 19:32:05.000000000 +1000
++++ cplus-dem.c 2005-05-04 19:52:48.000000000 +1000
+@@ -1572,7 +1572,7 @@
+ else
+ {
+ int symbol_len = consume_count (mangled);
+- if (symbol_len == -1)
++ if (symbol_len <= -1)
+ return -1;
+ if (symbol_len == 0)
+ string_appendn (s, "0", 1);
+@@ -1690,7 +1690,7 @@
+ {
+ return (0);
+ }
+- if (!is_type)
++ if (!is_type && r)
+ {
+ /* Create an array for saving the template argument values. */
+ work->tmpl_argvec = (char**) xmalloc (r * sizeof (char *));
+@@ -1718,9 +1718,11 @@
+ {
+ /* Save the template argument. */
+ int len = temp.p - temp.b;
+- work->tmpl_argvec[i] = xmalloc (len + 1);
+- memcpy (work->tmpl_argvec[i], temp.b, len);
+- work->tmpl_argvec[i][len] = '\0';
++ if (len) {
++ work->tmpl_argvec[i] = xmalloc (len + 1);
++ memcpy (work->tmpl_argvec[i], temp.b, len);
++ work->tmpl_argvec[i][len] = '\0';
++ }
+ }
+ }
+ string_delete(&temp);
+@@ -1746,9 +1748,12 @@
+ {
+ /* Save the template argument. */
+ int len = r2;
+- work->tmpl_argvec[i] = xmalloc (len + 1);
+- memcpy (work->tmpl_argvec[i], *mangled, len);
+- work->tmpl_argvec[i][len] = '\0';
++ if (len >=0)
++ {
++ work->tmpl_argvec[i] = xmalloc (len + 1);
++ memcpy (work->tmpl_argvec[i], *mangled, len);
++ work->tmpl_argvec[i][len] = '\0';
++ }
+ }
+ *mangled += r2;
+ }
+@@ -1792,9 +1797,11 @@
+ if (!is_type)
+ {
+ int len = s->p - s->b;
+- work->tmpl_argvec[i] = xmalloc (len + 1);
+- memcpy (work->tmpl_argvec[i], s->b, len);
+- work->tmpl_argvec[i][len] = '\0';
++ if (len<=0) {
++ work->tmpl_argvec[i] = xmalloc (len + 1);
++ memcpy (work->tmpl_argvec[i], s->b, len);
++ work->tmpl_argvec[i][len] = '\0';
++ }
+
+ string_appends (tname, s);
+ string_delete (s);
+@@ -2594,6 +2601,7 @@
+ char * recurse = (char *)NULL;
+ char * recurse_dem = (char *)NULL;
+
++ if (namelength <= 0) return; /* not sure about this one */
+ recurse = (char *) xmalloc (namelength + 1);
+ memcpy (recurse, *mangled, namelength);
+ recurse[namelength] = '\000';
+@@ -3730,6 +3738,7 @@
+ sizeof (char *) * work -> typevec_size);
+ }
+ }
++ if (len<=0) len=0;
+ tem = xmalloc (len + 1);
+ memcpy (tem, start, len);
+ tem[len] = '\0';
+@@ -3762,6 +3771,7 @@
+ sizeof (char *) * work -> ksize);
+ }
+ }
++ if (len<=0) len=0;
+ tem = xmalloc (len + 1);
+ memcpy (tem, start, len);
+ tem[len] = '\0';
+@@ -3809,6 +3819,7 @@
+ {
+ char *tem;
+
++ if (len<=0) len=0;
+ tem = xmalloc (len + 1);
+ memcpy (tem, start, len);
+ tem[len] = '\0';
+--- htanaly.cc.orig 2005-05-04 19:59:15.000000000 +1000
++++ htanaly.cc 2005-05-04 19:59:19.000000000 +1000
+@@ -1323,6 +1323,7 @@
+ if (!getCurrentAddress(&c)) break;
+ b = analy->createAddress();
+ UINT bz = b->byteSize();
++ if (!bz) break;
+ byte *buf = (byte*)smalloc(bz);
+ if (analy->bufPtr(c, buf, bz) != bz) break;
+ b->getFromArray(buf);
+--- htcoff.cc.orig 2005-05-04 20:08:20.000000000 +1000
++++ htcoff.cc 2005-05-04 20:08:26.000000000 +1000
+@@ -168,12 +168,13 @@
+ h -= 4;
+
+ file->seek(h+os+24);
+- coff_shared->sections.sections=(COFF_SECTION_HEADER*)malloc(coff_shared->sections.section_count * sizeof *coff_shared->sections.sections);
+- file->read(coff_shared->sections.sections, coff_shared->sections.section_count*sizeof *coff_shared->sections.sections);
+- for (UINT i=0; i<coff_shared->sections.section_count; i++) {
+- create_host_struct(&coff_shared->sections.sections[i], COFF_SECTION_HEADER_struct, end);
+- }
+-
++ if (coff_shared->sections.section_count) {
++ coff_shared->sections.sections=(COFF_SECTION_HEADER*)malloc(coff_shared->sections.section_count * sizeof *coff_shared->sections.sections);
++ file->read(coff_shared->sections.sections, coff_shared->sections.section_count*sizeof *coff_shared->sections.sections);
++ for (UINT i=0; i<coff_shared->sections.section_count; i++) {
++ create_host_struct(&coff_shared->sections.sections[i], COFF_SECTION_HEADER_struct, end);
++ }
++ } /* CHECK - sufficient */
+ shared_data = coff_shared;
+
+ ht_format_group::init_ifs(ifs);
+--- htelf.cc.orig 2005-05-04 19:09:49.000000000 +1000
++++ htelf.cc 2005-05-04 20:15:19.000000000 +1000
+@@ -150,6 +150,7 @@
+ create_host_struct(&elf_shared->header32, ELF_HEADER32_struct, elf_shared->byte_order);
+ /* read section headers */
+ elf_shared->sheaders.count=elf_shared->header32.e_shnum;
++ if (!elf_shared->sheaders.count) throw new ht_msg_exception("Zero count for section headers");
+ elf_shared->sheaders.sheaders32=(ELF_SECTION_HEADER32*)malloc(elf_shared->sheaders.count*sizeof *elf_shared->sheaders.sheaders32);
+ if (file->seek(header_ofs+elf_shared->header32.e_shoff)) throw new ht_msg_exception("seek error");
+ if (file->read(elf_shared->sheaders.sheaders32, elf_shared->sheaders.count*sizeof *elf_shared->sheaders.sheaders32)
+@@ -162,6 +163,7 @@
+
+ /* read program headers */
+ elf_shared->pheaders.count=elf_shared->header32.e_phnum;
++ if (!elf_shared->pheaders.count) throw new ht_msg_exception("Zero count in program section headers");
+ elf_shared->pheaders.pheaders32=(ELF_PROGRAM_HEADER32*)malloc(elf_shared->pheaders.count*sizeof *elf_shared->pheaders.pheaders32);
+ if (file->seek(header_ofs+elf_shared->header32.e_phoff)) throw new ht_msg_exception("seek error");
+ if (file->read(elf_shared->pheaders.pheaders32, elf_shared->pheaders.count*sizeof *elf_shared->pheaders.pheaders32)
+@@ -197,6 +199,7 @@
+ create_host_struct(&elf_shared->header64, ELF_HEADER64_struct, elf_shared->byte_order);
+ /* read section headers */
+ elf_shared->sheaders.count=elf_shared->header64.e_shnum;
++ if (!elf_shared->sheaders.count) throw new ht_msg_exception("Zero count for section headers");
+ elf_shared->sheaders.sheaders64=(ELF_SECTION_HEADER64*)malloc(elf_shared->sheaders.count*sizeof *elf_shared->sheaders.sheaders64);
+ /* FIXME: 64-bit */
+ if (file->seek(header_ofs+elf_shared->header64.e_shoff.lo)) throw new ht_msg_exception("seek error");
+@@ -210,6 +213,7 @@
+
+ /* read program headers */
+ elf_shared->pheaders.count=elf_shared->header64.e_phnum;
++ if (!elf_shared->pheaders.count) throw new ht_msg_exception("Zero count in program section headers");
+ elf_shared->pheaders.pheaders64=(ELF_PROGRAM_HEADER64*)malloc(elf_shared->pheaders.count*sizeof *elf_shared->pheaders.pheaders64);
+ /* FIXME: 64-bit */
+ if (file->seek(header_ofs+elf_shared->header64.e_phoff.lo)) throw new ht_msg_exception("seek error");
+@@ -417,8 +421,11 @@
+ ht_elf_shared_data *elf_shared=(ht_elf_shared_data *)shared_data;
+
+ ELF_SECTION_HEADER32 *s=elf_shared->sheaders.sheaders32;
+-
+- elf_shared->shrelocs = (ht_elf_reloc_section32*)malloc(elf_shared->sheaders.count * sizeof (ht_elf_reloc_section32));
++ if (!elf_shared->sheaders.count) {
++ LOG("%s: ELF: segment header count is zero", file->get_filename());
++ } else {
++ elf_shared->shrelocs = (ht_elf_reloc_section32*)malloc(elf_shared->sheaders.count * sizeof (ht_elf_reloc_section32));
++ }
+
+ /* relocate sections */
+ for (uint i=0; i<elf_shared->sheaders.count; i++) {
+--- htpef.cc.orig 2005-05-04 20:38:57.000000000 +1000
++++ htpef.cc 2005-05-04 20:39:00.000000000 +1000
+@@ -99,16 +99,18 @@
+
+ /* read section headers */
+ pef_shared->sheaders.count = pef_shared->contHeader.sectionCount;
+- pef_shared->sheaders.sheaders = (PEF_SECTION_HEADER*)
+- malloc(pef_shared->sheaders.count*sizeof (PEF_SECTION_HEADER));
+- for (uint i=0; i<pef_shared->sheaders.count; i++) {
+- file->read(&pef_shared->sheaders.sheaders[i], sizeof pef_shared->sheaders.sheaders[i]);
+- create_host_struct(&pef_shared->sheaders.sheaders[i], PEF_SECTION_HEADER_struct, pef_shared->byte_order);
+- // FIXME: hack
+- pef_shared->sheaders.sheaders[i].defaultAddress = i*0x100000;
+- if (!pef_shared->loader_info_header_ofs
+- && pef_shared->sheaders.sheaders[i].sectionKind == PEF_SK_Loader) {
+- pef_shared->loader_info_header_ofs = pef_shared->sheaders.sheaders[i].containerOffset;
++ if (pef_shared->sheaders.count) {
++ pef_shared->sheaders.sheaders = (PEF_SECTION_HEADER*)
++ malloc(pef_shared->sheaders.count*sizeof (PEF_SECTION_HEADER));
++ for (uint i=0; i<pef_shared->sheaders.count; i++) {
++ file->read(&pef_shared->sheaders.sheaders[i], sizeof pef_shared->sheaders.sheaders[i]);
++ create_host_struct(&pef_shared->sheaders.sheaders[i], PEF_SECTION_HEADER_struct, pef_shared->byte_order);
++ // FIXME: hack
++ pef_shared->sheaders.sheaders[i].defaultAddress = i*0x100000;
++ if (!pef_shared->loader_info_header_ofs
++ && pef_shared->sheaders.sheaders[i].sectionKind == PEF_SK_Loader) {
++ pef_shared->loader_info_header_ofs = pef_shared->sheaders.sheaders[i].containerOffset;
++ }
+ }
+ }
+
+--- htpeimp.cc.orig 2005-05-04 20:41:43.000000000 +1000
++++ htpeimp.cc 2005-05-04 20:54:14.000000000 +1000
+@@ -174,19 +174,21 @@
+ PE_THUNK_DATA *thunk_table = NULL;
+ PE_THUNK_DATA_64 *thunk_table64 = NULL;
+ file->seek(thunk_ofs);
+- if (pe32) {
+- thunk_table=(PE_THUNK_DATA*)malloc(sizeof *thunk_table * thunk_count);
+- file->read(thunk_table, sizeof *thunk_table * thunk_count);
+- // FIXME: ?
+- for (UINT i=0; i<thunk_count; i++) {
+- create_host_struct(thunk_table+i, PE_THUNK_DATA_struct, little_endian);
+- }
+- } else {
+- thunk_table64=(PE_THUNK_DATA_64*)malloc(sizeof *thunk_table64 * thunk_count);
+- file->read(thunk_table64, sizeof *thunk_table64 * thunk_count);
+- // FIXME: ?
+- for (UINT i=0; i<thunk_count; i++) {
+- create_host_struct(thunk_table64+i, PE_THUNK_DATA_64_struct, little_endian);
++ if (thunk_count) {
++ if (pe32) {
++ thunk_table=(PE_THUNK_DATA*)malloc(sizeof *thunk_table * thunk_count);
++ file->read(thunk_table, sizeof *thunk_table * thunk_count);
++ // FIXME: ?
++ for (UINT i=0; i<thunk_count; i++) {
++ create_host_struct(thunk_table+i, PE_THUNK_DATA_struct, little_endian);
++ }
++ } else {
++ thunk_table64=(PE_THUNK_DATA_64*)malloc(sizeof *thunk_table64 * thunk_count);
++ file->read(thunk_table64, sizeof *thunk_table64 * thunk_count);
++ // FIXME: ?
++ for (UINT i=0; i<thunk_count; i++) {
++ create_host_struct(thunk_table64+i, PE_THUNK_DATA_64_struct, little_endian);
++ }
+ }
+ }
+ for (dword i=0; i<thunk_count; i++) {
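Review bot: The guard added in the cplus-dem.c hunk at -1792 is inverted: `if (len<=0) {` runs `xmalloc (len + 1)` and `memcpy (work->tmpl_argvec[i], s->b, len)` only for zero or negative lengths, so a negative `len` still reaches memcpy as a huge size while every ordinary positive-length template argument is no longer saved. It should read `if (len >= 0) {` as in the -1746 hunk, and the `if (len) {` in the -1718 hunk has the same gap for negative values and wants the same test. In all three places the skipped branch leaves `work->tmpl_argvec[i]` unassigned, which is only safe if the array is cleared elsewhere (not visible here, since the enclosing functions start and end outside these hunks), so the entry should be set explicitly, e.g. `else work->tmpl_argvec[i] = NULL;` if the consumers tolerate NULL. Separately, the htelf.cc hunks throw when `e_shnum` or `e_phnum` is zero, although both are valid in ELF (relocatable objects carry no program headers, and stripped files may carry no section headers), so this turns a zero-size allocation into a refusal to open legitimate files. None of the `malloc` results in the htcoff.cc, htelf.cc, htpef.cc and htpeimp.cc hunks is checked for NULL before `file->read` writes through it, so a large count taken from the file can still end in a NULL write.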