From 5a751b44089e89899c83c54344b4e8d7d5a415ab Mon Sep 17 00:00:00 2001
From: jylam
Date: Sat, 28 Oct 2006 08:22:58 +0000
Subject: [PATCH] * Fixed buffer overflow in replace function (still need to be fixed in a more clever way)
git-svn-id: file:///srv/caca.zoy.org/var/lib/svn/cacamoo/trunk@1251 92316355-f0b4-4df1-b90c-862c8a59935f
---
 src/main.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/src/main.c b/src/main.c
index 2d77d07..fbf91a6 100644
--- a/src/main.c
+++ b/src/main.c
@@ -282,6 +282,11 @@ int main (int argc, char **argv)
 if(buffer) free(buffer);
+ cucul_free_buffer(input_buffer);
+ cucul_free_buffer(output_buffer);
+ cucul_free_canvas(canvas);
+
+
 return 0;
 }
@@ -510,15 +515,16 @@ char *replace(char *str, char *oldpiece, const char *newpiece)
 new_len, old_len, cpy_len;
 char *c = NULL;
 char *newstr = NULL;
+ char *orig = str;
 if(oldpiece==NULL || newpiece==NULL) return NULL;
- if ((c = (char *) strstr(str, oldpiece)) == NULL) {
+ if ((c = (char *) strstr(str, oldpiece)) == NULL)
 return str;
- }
- newstr = malloc(1024);
+
+ newstr = malloc(8192); // FIXME
 if(newstr == NULL) {
@@ -552,6 +558,7 @@ char *replace(char *str, char *oldpiece, const char *newpiece)
 /* Copy remaining characters from the right of last matched pattern */
 strcpy(newstr+newstr_index, str+str_index);
+ str = orig;
 return newstr;
 }
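Review bot: `newstr = malloc(8192); // FIXME` in the second hunk of replace() only raises the overflow threshold from 1024 to 8192 bytes. A result longer than 8191 characters still writes past the allocation, including through the unbounded `strcpy(newstr+newstr_index, str+str_index)` shown in the third hunk. The needed size can be computed before allocating by counting the occurrences of `oldpiece` in `str`, as sketched below. The copy loop lies outside the visible hunks, so the sketch assumes it replaces non-overlapping matches from left to right; confirm that, and how an empty `oldpiece` is handled, before adopting it.

```c
    if(oldpiece==NULL || newpiece==NULL)
        return NULL;
    // … unchanged: strstr() early return when oldpiece is absent …

    /* Size the result from the input instead of a fixed 8192. */
    size_t old_sz = strlen(oldpiece);
    size_t new_sz = strlen(newpiece);
    size_t matches = 0;
    const char *scan = str;

    while(old_sz != 0 && (scan = strstr(scan, oldpiece)) != NULL)
    {
        matches++;
        scan += old_sz;
    }
    newstr = malloc(strlen(str) - matches * old_sz + matches * new_sz + 1);
    // … unchanged: NULL check on newstr and the copy loop …
```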
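Review bot: The added `str = orig;` just before `return newstr;` in the third hunk has no effect. `str` is a by-value parameter, so the caller never sees the assignment, and the final `strcpy` has already consumed whatever `str` held. Unless the loop outside these hunks depends on it in a way not visible here, drop this line together with `char *orig = str;` from the second hunk. Separately, replace() returns the caller's own `str` when there is no match and a malloc'd buffer otherwise, so the caller cannot tell whether to free the result. A comment above the function such as `/* Returns str itself if oldpiece is absent, otherwise a malloc'd string the caller must free. */` would make that ownership rule explicit.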