kicad-developers team mailing list archive
-
kicad-developers team
-
Mailing list archive
-
Message #14255
Fix for uninitialized variables and unchecked input buffers in eeschema [PATCH]
I ran valgrind on eeschema and found a couple of trivially fixable bugs:
1) EDA_DRAW_FRAME::m_showOriginAxis is never initialized in the
constructor
2) LIB_RECTANGLE and related classes sscanf data read from a file using
"%s" without field limits, which can cause problems with
malformed/really long inputs.
3) If some of the optional fields in a lib line are missing, "tmp" can
remain uninitialized.
Patch attached.
--
Andrew Zonenberg
PhD student, security group
Computer Science Department
Rensselaer Polytechnic Institute
http://colossus.cs.rpi.edu/~azonenberg/
=== modified file 'common/draw_frame.cpp'
--- common/draw_frame.cpp 2014-07-29 16:38:27 +0000
+++ common/draw_frame.cpp 2014-08-12 06:45:15 +0000
@@ -113,6 +113,7 @@
m_showAxis = false; // true to draw axis.
m_showBorderAndTitleBlock = false; // true to display reference sheet.
m_showGridAxis = false; // true to draw the grid axis
+ m_showOriginAxis = false; // true to draw the grid origin
m_cursorShape = 0;
m_LastGridSizeId = 0;
m_DrawGrid = true; // hide/Show grid. default = show
=== modified file 'eeschema/lib_arc.cpp'
--- eeschema/lib_arc.cpp 2014-05-18 15:16:59 +0000
+++ eeschema/lib_arc.cpp 2014-08-12 06:23:44 +0000
@@ -122,10 +122,10 @@
bool LIB_ARC::Load( LINE_READER& aLineReader, wxString& aErrorMsg )
{
int startx, starty, endx, endy, cnt;
- char tmp[256];
+ char tmp[256] = "";
char* line = (char*) aLineReader;
- cnt = sscanf( line + 2, "%d %d %d %d %d %d %d %d %s %d %d %d %d",
+ cnt = sscanf( line + 2, "%d %d %d %d %d %d %d %d %255s %d %d %d %d",
&m_Pos.x, &m_Pos.y, &m_Radius, &m_t1, &m_t2, &m_Unit,
&m_Convert, &m_Width, tmp, &startx, &starty, &endx, &endy );
if( cnt < 8 )
=== modified file 'eeschema/lib_rectangle.cpp'
--- eeschema/lib_rectangle.cpp 2014-05-18 15:16:59 +0000
+++ eeschema/lib_rectangle.cpp 2014-08-12 06:22:53 +0000
@@ -67,10 +67,10 @@
bool LIB_RECTANGLE::Load( LINE_READER& aLineReader, wxString& aErrorMsg )
{
int cnt;
- char tmp[256];
+ char tmp[256] = "";
char* line = (char*)aLineReader;
- cnt = sscanf( line + 2, "%d %d %d %d %d %d %d %s", &m_Pos.x, &m_Pos.y,
+ cnt = sscanf( line + 2, "%d %d %d %d %d %d %d %255s", &m_Pos.x, &m_Pos.y,
&m_End.x, &m_End.y, &m_Unit, &m_Convert, &m_Width, tmp );
if( cnt < 7 )
=== modified file 'eeschema/lib_text.cpp'
--- eeschema/lib_text.cpp 2014-05-18 15:16:59 +0000
+++ eeschema/lib_text.cpp 2014-08-12 06:23:24 +0000
@@ -98,7 +98,7 @@
bool LIB_TEXT::Load( LINE_READER& aLineReader, wxString& errorMsg )
{
- int cnt, thickness;
+ int cnt, thickness = 0;
char hjustify = 'C', vjustify = 'C';
char buf[256];
char tmp[256];
@@ -108,7 +108,7 @@
buf[0] = 0;
tmp[0] = 0; // For italic option, Not in old versions
- cnt = sscanf( line + 2, "%lf %d %d %d %d %d %d \"%[^\"]\" %s %d %c %c",
+ cnt = sscanf( line + 2, "%lf %d %d %d %d %d %d \"%[^\"]\" %255s %d %c %c",
&angle, &m_Pos.x, &m_Pos.y, &m_Size.x, &m_Attributs,
&m_Unit, &m_Convert, buf, tmp, &thickness, &hjustify,
&vjustify );
@@ -122,7 +122,7 @@
}
else
{
- cnt = sscanf( line + 2, "%lf %d %d %d %d %d %d %s %s %d %c %c",
+ cnt = sscanf( line + 2, "%lf %d %d %d %d %d %d %255s %255s %d %c %c",
&angle, &m_Pos.x, &m_Pos.y, &m_Size.x, &m_Attributs,
&m_Unit, &m_Convert, buf, tmp, &thickness, &hjustify,
&vjustify );
Attachment:
signature.asc
Description: This is a digitally signed message part
Follow ups
