diff options
| author | login (__tcoin) (tilde.my.to) <login@tilde.my.to> | 2021-01-31 16:53:36 +0000 |
|---|---|---|
| committer | login (__tcoin) (tilde.my.to) <login@tilde.my.to> | 2021-01-31 16:53:36 +0000 |
| commit | 982027f93eb8ceaccf2d6117b40a49246ecdef41 (patch) | |
| tree | 113e170eab358f3800ee23194892ff33ef556319 | |
| parent | 77973561190c25f5fa8dff8ab71d3f2829489dbf (diff) | |
| download | tcoin-982027f93eb8ceaccf2d6117b40a49246ecdef41.tar.gz | |
Fixed buffer overflow because of hardcoded lengths
In user_has_initialised(..), the path lengths were hardcoded. This has now been changed to being calculated via sizeof(). In get_file_value and add_file_value, strlen() was used. This has also been replaced with sizeof().
| -rw-r--r-- | pcoin.cpp | 6 | ||||
| -rw-r--r-- | tcoin.cpp | 16 |
2 files changed, 11 insertions, 11 deletions
diff --git a/pcoin.cpp b/pcoin.cpp index 47f9abb..1a47060 100644 --- a/pcoin.cpp +++ b/pcoin.cpp @@ -224,7 +224,7 @@ std::string exec(const char* cmd) { long long int get_file_value(const char* file_name) { - char* file_path = new char[strlen(file_name)+strlen(TCOIN_PATH_W_SLASH)+5]; + char* file_path = new char[strlen(file_name)+sizeof(TCOIN_PATH_W_SLASH)+4]; std::strcpy(file_path, TCOIN_PATH_W_SLASH); std::strcat(file_path, file_name); std::strcat(file_path, ".txt"); @@ -253,8 +253,8 @@ long long int get_file_value(const char* file_name) int add_file_value(const char* file_name, const long long int &value_to_add, const long long int &base_amount) { - char* file_path = new char[strlen(file_name)+strlen(TCOIN_PATH_W_SLASH)+5]; - char* temp_file_path = new char[strlen(file_name)+strlen(TCOIN_PATH_W_SLASH)+9]; + char* file_path = new char[strlen(file_name)+sizeof(TCOIN_PATH_W_SLASH)+4]; + char* temp_file_path = new char[strlen(file_name)+sizeof(TCOIN_PATH_W_SLASH)+8]; std::strcpy(file_path, TCOIN_PATH_W_SLASH); std::strcat(file_path, file_name); std::strcpy(temp_file_path, file_path); diff --git a/tcoin.cpp b/tcoin.cpp index f07696f..27f206e 100644 --- a/tcoin.cpp +++ b/tcoin.cpp @@ -218,7 +218,7 @@ std::string exec(const char* cmd) { long long int get_file_value(const char* file_name) { - char* file_path = new char[strlen(file_name)+strlen(TCOIN_PATH_W_SLASH)+5]; + char* file_path = new char[strlen(file_name)+sizeof(TCOIN_PATH_W_SLASH)+4]; std::strcpy(file_path, TCOIN_PATH_W_SLASH); std::strcat(file_path, file_name); std::strcat(file_path, ".txt"); @@ -249,8 +249,8 @@ long long int get_file_value(const char* file_name) int add_file_value(const char* file_name, const long long int &value_to_add, const long long int &base_amount) { - char* file_path = new char[strlen(file_name)+strlen(TCOIN_PATH_W_SLASH)+5]; - char* temp_file_path = new char[strlen(file_name)+strlen(TCOIN_PATH_W_SLASH)+9]; + char* file_path = new char[strlen(file_name)+sizeof(TCOIN_PATH_W_SLASH)+4]; + char* temp_file_path = new char[strlen(file_name)+sizeof(TCOIN_PATH_W_SLASH)+8]; std::strcpy(file_path, TCOIN_PATH_W_SLASH); std::strcat(file_path, file_name); std::strcpy(temp_file_path, file_path); @@ -630,27 +630,27 @@ bool user_has_initialised(const char* username) { bool return_value = true; //we assume the user has initialised and check for signs of that not being the case - char *balance_file_path = new char[strlen(username) + 23]; + char *balance_file_path = new char[strlen(username) + sizeof(TCOIN_PATH_W_SLASH) + 4]; //sizeof counts NULL char at the end too std::strcpy(balance_file_path, TCOIN_PATH_W_SLASH); std::strcat(balance_file_path, username); std::strcat(balance_file_path, ".txt"); - char *messages_file_path = new char[strlen(username) + 41]; + char *messages_file_path = new char[strlen(username) + sizeof(TCOIN_MSG_PATH) + 13]; //sizeof counts NULL char at the end too std::strcpy(messages_file_path, TCOIN_MSG_PATH); std::strcat(messages_file_path, username); std::strcat(messages_file_path, "_messages.txt"); - char *password_file_path = new char[strlen(username) + 42]; + char *password_file_path = new char[strlen(username) + sizeof(TCOIN_PASS_PATH) + 13]; //sizeof counts NULL char at the end too std::strcpy(password_file_path, TCOIN_PASS_PATH); std::strcat(password_file_path, username); std::strcat(password_file_path, "_password.txt"); - char *salt_file_path = new char[strlen(username) + 34]; + char *salt_file_path = new char[strlen(username) + sizeof(TCOIN_SALT_PATH) + 9]; //sizeof counts NULL char at the end too std::strcpy(salt_file_path, TCOIN_SALT_PATH); std::strcat(salt_file_path, username); std::strcat(salt_file_path, "_salt.txt"); - char *salt_logged_in_file_path = new char[strlen(username) + 44]; + char *salt_logged_in_file_path = new char[strlen(username) + sizeof(TCOIN_SALT_PATH) + 19]; //sizeof counts NULL char at the end too std::strcpy(salt_logged_in_file_path, TCOIN_SALT_PATH); std::strcat(salt_logged_in_file_path, username); std::strcat(salt_logged_in_file_path, "_salt_logged_in.txt"); |