[GRASS-SVN] r47992 - grass/trunk/lib/vector/diglib

svn_grass at osgeo.org svn_grass at osgeo.org
Wed Aug 31 04:12:23 EDT 2011


Author: mmetz
Date: 2011-08-31 01:12:23 -0700 (Wed, 31 Aug 2011)
New Revision: 47992

Modified:
   grass/trunk/lib/vector/diglib/portable.c
Log:
diglib: fix for buffer overrun, #1430

Modified: grass/trunk/lib/vector/diglib/portable.c
===================================================================
--- grass/trunk/lib/vector/diglib/portable.c	2011-08-31 07:10:09 UTC (rev 47991)
+++ grass/trunk/lib/vector/diglib/portable.c	2011-08-31 08:12:23 UTC (rev 47992)
@@ -186,10 +186,7 @@
 	    memset(buf, 0, cnt * sizeof(off_t));
 	    /* read from buffer in changed order */
 	    c1 = (unsigned char *)buffer;
-	    if (off_t_order == ENDIAN_LITTLE)
-		c2 = (unsigned char *)buf;
-	    else
-		c2 = (unsigned char *)buf + nat_off_t - port_off_t_size;
+	    c2 = (unsigned char *)buf;
 	    for (i = 0; i < cnt; i++) {
 		/* set to FF if the value is negative */
 		if (off_t_order == ENDIAN_LITTLE) {
@@ -200,7 +197,10 @@
 		    if (c1[0] & 0x80)
 			memset(c2, 0xff, sizeof(off_t));
 		}
-		memcpy(c2, c1, port_off_t_size);
+		if (off_t_order == ENDIAN_LITTLE)
+		    memcpy(c2, c1, port_off_t_size);
+		else
+		    memcpy(c2 + nat_off_t - port_off_t_size, c1, port_off_t_size);
 		c1 += port_off_t_size;
 		c2 += sizeof(off_t);
 	    }
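Review bot: Nothing in the loop records why c2 now stays on the element boundary, and that is the core of the fix: `memset(c2, 0xff, sizeof(off_t))` just above fills a full native element starting at c2, so a base pointer pre-shifted by `nat_off_t - port_off_t_size` lets the fill for a negative value run past the element and, on the last iteration, past the end of buf. I would add `/* c2 must point at the start of the native element: the 0xff sign fill above writes sizeof(off_t) bytes from c2 */` above the new big-endian `memcpy`. The same comment fits the long, int and short read loops in the hunks at `@@ -295`, `@@ -380` and `@@ -465`. The loop body starts in the previous hunk and the enclosing function lies outside both.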
@@ -281,10 +281,7 @@
 	    memset(buf, 0, cnt * sizeof(long));
 	    /* read from buffer in changed order */
 	    c1 = (unsigned char *)buffer;
-	    if (lng_order == ENDIAN_LITTLE)
-		c2 = (unsigned char *)buf;
-	    else
-		c2 = (unsigned char *)buf + nat_lng - PORT_LONG;
+	    c2 = (unsigned char *)buf;
 	    for (i = 0; i < cnt; i++) {
 		/* set to FF if the value is negative */
 		if (lng_order == ENDIAN_LITTLE) {
@@ -295,7 +292,10 @@
 		    if (c1[0] & 0x80)
 			memset(c2, 0xff, sizeof(long));
 		}
-		memcpy(c2, c1, PORT_LONG);
+		if (lng_order == ENDIAN_LITTLE)
+		    memcpy(c2, c1, PORT_LONG);
+		else
+		    memcpy(c2 + nat_lng - PORT_LONG, c1, PORT_LONG);
 		c1 += PORT_LONG;
 		c2 += sizeof(long);
 	    }
@@ -366,10 +366,7 @@
 	    memset(buf, 0, cnt * sizeof(int));
 	    /* read from buffer in changed order */
 	    c1 = (unsigned char *)buffer;
-	    if (int_order == ENDIAN_LITTLE)
-		c2 = (unsigned char *)buf;
-	    else
-		c2 = (unsigned char *)buf + nat_int - PORT_INT;
+	    c2 = (unsigned char *)buf;
 	    for (i = 0; i < cnt; i++) {
 		/* set to FF if the value is negative */
 		if (int_order == ENDIAN_LITTLE) {
@@ -380,7 +377,10 @@
 		    if (c1[0] & 0x80)
 			memset(c2, 0xff, sizeof(int));
 		}
-		memcpy(c2, c1, PORT_INT);
+		if (int_order == ENDIAN_LITTLE)
+		    memcpy(c2, c1, PORT_INT);
+		else
+		    memcpy(c2 + nat_int - PORT_INT, c1, PORT_INT);
 		c1 += PORT_INT;
 		c2 += sizeof(int);
 	    }
@@ -451,10 +451,7 @@
 	    memset(buf, 0, cnt * sizeof(short));
 	    /* read from buffer in changed order */
 	    c1 = (unsigned char *)buffer;
-	    if (shrt_order == ENDIAN_LITTLE)
-		c2 = (unsigned char *)buf;
-	    else
-		c2 = (unsigned char *)buf + nat_shrt - PORT_SHORT;
+	    c2 = (unsigned char *)buf;
 	    for (i = 0; i < cnt; i++) {
 		/* set to FF if the value is negative */
 		if (shrt_order == ENDIAN_LITTLE) {
@@ -465,7 +462,10 @@
 		    if (c1[0] & 0x80)
 			memset(c2, 0xff, sizeof(short));
 		}
-		memcpy(c2, c1, PORT_SHORT);
+		if (shrt_order == ENDIAN_LITTLE)
+		    memcpy(c2, c1, PORT_SHORT);
+		else
+		    memcpy(c2 + nat_shrt - PORT_SHORT, c1, PORT_SHORT);
 		c1 += PORT_SHORT;
 		c2 += sizeof(short);
 	    }
@@ -653,15 +653,15 @@
 	}
 	else if (nat_off_t > port_off_t_size) {
 	    buf_alloc(cnt * port_off_t_size);
-	    if (off_t_order == ENDIAN_LITTLE)
-		c1 = (unsigned char *)buf;
-	    else
-		c1 = (unsigned char *)buf + nat_off_t - port_off_t_size;
+	    c1 = (unsigned char *)buf;
 	    c2 = (unsigned char *)buffer;
 	    for (i = 0; i < cnt; i++) {
-		memcpy(c2, c1, port_off_t_size);
-		c1 += port_off_t_size;
-		c2 += sizeof(off_t);
+		if (off_t_order == ENDIAN_LITTLE)
+		    memcpy(c2, c1, port_off_t_size);
+		else
+		    memcpy(c2, c1 + nat_off_t - port_off_t_size, port_off_t_size);
+		c1 += sizeof(off_t);
+		c2 += port_off_t_size;
 	    }
 	    if (dig_fwrite(buffer, port_off_t_size, cnt, fp) == cnt)
 		return 1;
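Review bot: The result of `buf_alloc(cnt * port_off_t_size)` is discarded and the loop then writes `cnt * port_off_t_size` bytes through c2 into buffer, so the corrected strides are only safe if that allocation always succeeds and the product does not wrap. buf_alloc and the type of cnt are defined outside the hunk, so this is inferred; if buf_alloc can report failure, bail out before the loop, e.g. `if (buf_alloc(cnt * port_off_t_size) != 0) return 0;`, with the comparison and the return value adjusted to the conventions actually used here. A bound on cnt ahead of the multiplication would cover the wrap case. The same call pattern appears in the long, int and short write hunks at `@@ -719`, `@@ -775` and `@@ -831`.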
@@ -719,15 +719,15 @@
 	}
 	else {
 	    buf_alloc(cnt * PORT_LONG);
-	    if (lng_order == ENDIAN_LITTLE)
-		c1 = (unsigned char *)buf;
-	    else
-		c1 = (unsigned char *)buf + nat_lng - PORT_LONG;
+	    c1 = (unsigned char *)buf;
 	    c2 = (unsigned char *)buffer;
 	    for (i = 0; i < cnt; i++) {
-		memcpy(c2, c1, PORT_LONG);
-		c1 += PORT_LONG;
-		c2 += sizeof(long);
+		if (lng_order == ENDIAN_LITTLE)
+		    memcpy(c2, c1, PORT_LONG);
+		else
+		    memcpy(c2, c1 + nat_lng - PORT_LONG, PORT_LONG);
+		c1 += sizeof(long);
+		c2 += PORT_LONG;
 	    }
 	    if (dig_fwrite(buffer, PORT_LONG, cnt, fp) == cnt)
 		return 1;
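Review bot: This branch is a plain `else`, while the off_t variant in the hunk at `@@ -653` spells out `else if (nat_off_t > port_off_t_size)`; the new big-endian copy `memcpy(c2, c1 + nat_lng - PORT_LONG, PORT_LONG)` reads inside the native element only when nat_lng is at least PORT_LONG. The condition that precedes the `else` is outside the hunk, so it may already guarantee this. If it does not, a comment such as `/* native long is wider than PORT_LONG here */` or an explicit `else if (nat_lng > PORT_LONG)` would make the assumption checkable. The int and short write hunks at `@@ -775` and `@@ -831` have the same shape.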
@@ -775,15 +775,15 @@
 	}
 	else {
 	    buf_alloc(cnt * PORT_INT);
-	    if (int_order == ENDIAN_LITTLE)
-		c1 = (unsigned char *)buf;
-	    else
-		c1 = (unsigned char *)buf + nat_int - PORT_INT;
+	    c1 = (unsigned char *)buf;
 	    c2 = (unsigned char *)buffer;
 	    for (i = 0; i < cnt; i++) {
-		memcpy(c2, c1, PORT_INT);
-		c1 += PORT_INT;
-		c2 += sizeof(int);
+		if (int_order == ENDIAN_LITTLE)
+		    memcpy(c2, c1, PORT_INT);
+		else
+		    memcpy(c2, c1 + nat_int - PORT_INT, PORT_INT);
+		c1 += sizeof(int);
+		c2 += PORT_INT;
 	    }
 	    if (dig_fwrite(buffer, PORT_INT, cnt, fp) == cnt)
 		return 1;
@@ -831,15 +831,15 @@
 	}
 	else {
 	    buf_alloc(cnt * PORT_SHORT);
-	    if (shrt_order == ENDIAN_LITTLE)
-		c1 = (unsigned char *)buf;
-	    else
-		c1 = (unsigned char *)buf + nat_shrt - PORT_SHORT;
+	    c1 = (unsigned char *)buf;
 	    c2 = (unsigned char *)buffer;
 	    for (i = 0; i < cnt; i++) {
-		memcpy(c2, c1, PORT_SHORT);
-		c1 += PORT_SHORT;
-		c2 += sizeof(short);
+		if (shrt_order == ENDIAN_LITTLE)
+		    memcpy(c2, c1, PORT_SHORT);
+		else
+		    memcpy(c2, c1 + nat_shrt - PORT_SHORT, PORT_SHORT);
+		c1 += sizeof(short);
+		c2 += PORT_SHORT;
 	    }
 	    if (dig_fwrite(buffer, PORT_SHORT, cnt, fp) == cnt)
 		return 1;


