celix-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From abroekh...@apache.org
Subject svn commit: r1658958 - /celix/trunk/framework/private/src/framework.c
Date Wed, 11 Feb 2015 13:47:52 GMT
Author: abroekhuis
Date: Wed Feb 11 13:47:52 2015
New Revision: 1658958

URL: http://svn.apache.org/r1658958
Log:
CELIX-219: Librarypath is now constructed using snprintf to prevent buffer overflows.

Modified:
    celix/trunk/framework/private/src/framework.c

Modified: celix/trunk/framework/private/src/framework.c
URL: http://svn.apache.org/viewvc/celix/trunk/framework/private/src/framework.c?rev=1658958&r1=1658957&r2=1658958&view=diff
==============================================================================
--- celix/trunk/framework/private/src/framework.c (original)
+++ celix/trunk/framework/private/src/framework.c Wed Feb 11 13:47:52 2015
@@ -2394,21 +2394,26 @@ static celix_status_t framework_loadLibr
     status = CELIX_DO_IF(status, bundleArchive_getArchiveRoot(archive, &archiveRoot));
     status = CELIX_DO_IF(status, bundleArchive_getCurrentRevisionNumber(archive, &revisionNumber));
 
-    sprintf(libraryPath, "%s/version%ld.%ld/%s%s%s", archiveRoot, refreshCount, revisionNumber,
library_prefix, library, library_extension);
+    int written = snprintf(libraryPath, 256, "%s/version%ld.%ld/%s%s%s", archiveRoot, refreshCount,
revisionNumber, library_prefix, library, library_extension);
 
-    *handle = fw_openLibrary(libraryPath);
-    if (*handle == NULL) {
-        error = fw_getLastError();
-        // #TODO this is wrong
-        status =  CELIX_BUNDLE_EXCEPTION;
+    if (written >= 256) {
+    	error = "library path is too long";
+    	status = CELIX_FRAMEWORK_EXCEPTION;
     } else {
-        bundle_revision_pt revision = NULL;
-        array_list_pt handles = NULL;
+		*handle = fw_openLibrary(libraryPath);
+		if (*handle == NULL) {
+			error = fw_getLastError();
+			// #TODO this is wrong
+			status =  CELIX_BUNDLE_EXCEPTION;
+		} else {
+			bundle_revision_pt revision = NULL;
+			array_list_pt handles = NULL;
 
-        status = CELIX_DO_IF(status, bundleArchive_getCurrentRevision(archive, &revision));
-        status = CELIX_DO_IF(status, bundleRevision_getHandles(revision, &handles));
+			status = CELIX_DO_IF(status, bundleArchive_getCurrentRevision(archive, &revision));
+			status = CELIX_DO_IF(status, bundleRevision_getHandles(revision, &handles));
 
-        arrayList_add(handles, *handle);
+			arrayList_add(handles, *handle);
+		}
     }
 
     framework_logIfError(framework->logger, status, error, "Could not load library: %s",
libraryPath);



Mime
View raw message