BUGFIX: Buffer overflow

2023-01-20 13:45:00 +00:00
parent e6e24ca19f
commit 2c06c5e38b


@@ -45,7 +45,7 @@ static int nativeLoadScript(Interpreter* interpreter, LiteralArray* arguments) {
RefString* path = createRefStringLength( &toCString(drivePath)[driveLength + 1], lengthRefString(drivePath) - driveLength ); RefString* path = createRefStringLength( &toCString(drivePath)[driveLength + 1], lengthRefString(drivePath) - driveLength );
//get the real drive file path //get the real drive file path
Literal driveLiteral = TO_STRING_LITERAL(drive); Literal driveLiteral = TO_STRING_LITERAL(drive); //NOTE: driveLiteral takes ownership of the refString
Literal realDriveLiteral = getLiteralDictionary(getDriveDictionary(), driveLiteral); Literal realDriveLiteral = getLiteralDictionary(getDriveDictionary(), driveLiteral);
if (!IS_STRING(realDriveLiteral)) { if (!IS_STRING(realDriveLiteral)) {
@@ -54,7 +54,6 @@ static int nativeLoadScript(Interpreter* interpreter, LiteralArray* arguments) {
interpreter->errorOutput("\n"); interpreter->errorOutput("\n");
freeLiteral(realDriveLiteral); freeLiteral(realDriveLiteral);
freeLiteral(driveLiteral); freeLiteral(driveLiteral);
deleteRefString(drive);
deleteRefString(path); deleteRefString(path);
deleteRefString(drivePath); deleteRefString(drivePath);
freeLiteral(drivePathLiteral); freeLiteral(drivePathLiteral);
@@ -65,15 +64,13 @@ static int nativeLoadScript(Interpreter* interpreter, LiteralArray* arguments) {
RefString* realDrive = copyRefString(AS_STRING(realDriveLiteral)); RefString* realDrive = copyRefString(AS_STRING(realDriveLiteral));
int realLength = lengthRefString(realDrive) + lengthRefString(path); int realLength = lengthRefString(realDrive) + lengthRefString(path);
char* filePath = ALLOCATE(char, realLength) +1 + 1; //+1 for null char* filePath = ALLOCATE(char, realLength + 1); //+1 for null
snprintf(filePath, realLength, "%s%s", toCString(realDrive), toCString(path)); snprintf(filePath, realLength, "%s%s", toCString(realDrive), toCString(path));
//clean up the drivepath stuff //clean up the drivepath stuff
FREE_ARRAY(char, filePath, realLength);
deleteRefString(realDrive); deleteRefString(realDrive);
freeLiteral(realDriveLiteral); freeLiteral(realDriveLiteral);
freeLiteral(driveLiteral); freeLiteral(driveLiteral);
deleteRefString(drive);
deleteRefString(path); deleteRefString(path);
deleteRefString(drivePath); deleteRefString(drivePath);
freeLiteral(drivePathLiteral); freeLiteral(drivePathLiteral);
@@ -105,6 +102,8 @@ static int nativeLoadScript(Interpreter* interpreter, LiteralArray* arguments) {
Literal runnerLiteral = TO_OPAQUE_LITERAL(runner, OPAQUE_TAG_RUNNER); Literal runnerLiteral = TO_OPAQUE_LITERAL(runner, OPAQUE_TAG_RUNNER);
pushLiteralArray(&interpreter->stack, runnerLiteral); pushLiteralArray(&interpreter->stack, runnerLiteral);
FREE_ARRAY(char, filePath, realLength);
return 1; return 1;
} }
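Review bot: The size of filePath is inconsistent across the new lines: the buffer is allocated as `realLength + 1`, but `snprintf` is still bounded by `realLength` and the `FREE_ARRAY` added before `return 1;` releases only `realLength` elements. Unless `lengthRefString(path)` already counts a trailing byte (the length passed to `createRefStringLength` in the first hunk suggests it might), that bound silently drops the last character of the resolved path. I would compute the size once, e.g. `size_t fileSize = (size_t)realLength + 1;`, use it in `ALLOCATE`, `snprintf` and `FREE_ARRAY`, and treat an `snprintf` result `>= fileSize` as an error rather than loading a truncated path. Moving the free to the end of nativeLoadScript also means any return between the allocation and this point has to release filePath too; that code lies outside the visible hunks, so please confirm.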