summaryrefslogtreecommitdiffstats
path: root/apps/gui/line.c
diff options
context:
space:
mode:
authorThomas Martitz <kugel@rockbox.org>2014-01-09 22:59:46 +0100
committerThomas Martitz <kugel@rockbox.org>2014-01-09 23:17:38 +0100
commit7ba2d0160b6b4bfd68fc1d0819858f7138e2d1d4 (patch)
treee1a185272ccaae14cb8c49befdac07e340a2abb9 /apps/gui/line.c
parent3be3a4013829a5d088904803bdd26e339eea61f0 (diff)
downloadrockbox-7ba2d0160b6b4bfd68fc1d0819858f7138e2d1d4.tar.gz
rockbox-7ba2d0160b6b4bfd68fc1d0819858f7138e2d1d4.tar.bz2
rockbox-7ba2d0160b6b4bfd68fc1d0819858f7138e2d1d4.zip
put_line(): Limit and truncate inline strings to MAX_PATH+32.
Because inline strings have to be copied (to escape '$') the local buffer can be exhaused. The code didn't check for this. The buffer is increased to handle filenames plus some extra chars but truncates to avoid overflow. If you have longer strings please pass them via $t tag, in which case put_line() imposes no additional length-limitation. Change-Id: I0ca20adbe72f6d44cb442f34d665c16b12cbbaeb
Diffstat (limited to 'apps/gui/line.c')
-rw-r--r--apps/gui/line.c15
1 files changed, 12 insertions, 3 deletions
diff --git a/apps/gui/line.c b/apps/gui/line.c
index 5a376c652c..d561f08c76 100644
--- a/apps/gui/line.c
+++ b/apps/gui/line.c
@@ -32,6 +32,7 @@
#include "settings.h"
#include "debug.h"
#include "viewport.h"
+#include "debug.h"
#ifdef HAVE_REMOTE_LCD
#define MAX_LINES (LCD_SCROLLABLE_LINES + LCD_REMOTE_SCROLLABLE_LINES)
@@ -158,8 +159,8 @@ static void print_line(struct screen *display,
int xpos = x;
int icon_y, icon_h, icon_w;
enum themable_icons icon;
- char tempbuf[128];
- int tempbuf_idx;
+ char tempbuf[MAX_PATH+32];
+ unsigned int tempbuf_idx;
height = line->height == -1 ? display->getcharheight() : line->height;
icon_h = get_icon_height(display->screen_type);
@@ -246,7 +247,15 @@ next:
}
else
{ /* handle string constant in format string */
- tempbuf[tempbuf_idx++] = ch;
+ if (tempbuf_idx < sizeof(tempbuf)-1)
+ {
+ tempbuf[tempbuf_idx++] = ch;
+ }
+ else if (tempbuf_idx == sizeof(tempbuf)-1)
+ {
+ tempbuf[tempbuf_idx++] = '\0';
+ DEBUGF("%s ", ch ? "put_line: String truncated" : "");
+ }
if (!ch)
{ /* end of string. put it online */
put_text(display, xpos, y, line, tempbuf, false, 0);