[PD-cvs] pd/src s_inter.c,1.1.1.3.2.20,1.1.1.3.2.21

[Mathieu Bouchard]

Update of /cvsroot/pure-data/pd/src
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv16337

Modified Files:
      Tag: devel_0_37
	s_inter.c 
Log Message:
sys_vgui(): fixed buffer overflow


Index: s_inter.c
===================================================================
RCS file: /cvsroot/pure-data/pd/src/s_inter.c,v
retrieving revision 1.1.1.3.2.20
retrieving revision 1.1.1.3.2.21
diff -C2 -d -r1.1.1.3.2.20 -r1.1.1.3.2.21
*** s_inter.c	21 Oct 2004 08:12:13 -0000	1.1.1.3.2.20
--- s_inter.c	25 Oct 2004 15:47:08 -0000	1.1.1.3.2.21
***************
*** 589,608 ****
  #endif /* THREADED_GUI */
  
! /* LATER should do a bounds check -- but how do you get printf to do that?
!     See also rtext_senditup() in this regard */
! 
  void sys_vgui(char *fmt, ...)
  {
!     int result, i;
      char buf[2048];
      va_list ap;
- 
      va_start(ap, fmt);
!     vsprintf(buf, fmt, ap);
!     sys_gui(buf);
      va_end(ap);
  }
  
- 
  #define FIRSTPORTNUM 5400
  
--- 589,614 ----
  #endif /* THREADED_GUI */
  
! /* matju's (fixed buffer overflow) */
  void sys_vgui(char *fmt, ...)
  {
!     unsigned n;
      char buf[2048];
      va_list ap;
      va_start(ap, fmt);
!     n = vsnprintf(buf, sizeof(buf), fmt, ap);
      va_end(ap);
+     if (n>=sizeof(buf)) {
+ 	char *buf2 = (char *)malloc(n+1);
+ 	fprintf(stderr,"sys_vgui: warning: big packet: %d bytes\n",n);
+ 	va_start(ap, fmt);
+ 	vsprintf(buf2, fmt, ap);
+ 	va_end(ap);
+         sys_gui(buf2);
+ 	free(buf2);
+     } else {
+ 	sys_gui(buf);
+     }
  }
  
  #define FIRSTPORTNUM 5400