From fa00ffed8da48f720323aea1601898ed2abb76e6 Mon Sep 17 00:00:00 2001 From: dam Date: Sun, 6 Nov 2022 01:34:26 +0000 Subject: Made sure that string_buffer bounds are respected. Added check for memory allocation for string_buffer. --- main.c | 10 ++++++++-- readme.md | 5 +++-- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/main.c b/main.c index 9c88459..214d61c 100644 --- a/main.c +++ b/main.c @@ -1006,9 +1006,9 @@ void draw_tui(database_st *db, layout_st *layout) { /////////////////////////////////////////////////////////////////////////// // Draw selected/total tasks. - snprintf(string_buffer, string_buffer_size, " %td/%zd ", db->selected_task+1, db->count); // TODO snprintf() > string_buffer_size => error + snprintf(string_buffer, string_buffer_size, " %td/%zd ", db->selected_task+1, db->count); if (strlen(string_buffer) > layout->columns[L_TITLE_IDX].width) { - snprintf(string_buffer, string_buffer_size, "%td", db->selected_task+1); // TODO snprintf() > string_buffer_size => error + snprintf(string_buffer, string_buffer_size, "%td", db->selected_task+1); } mvaddstr(size_y-1, 1, string_buffer); @@ -1306,6 +1306,12 @@ int main(int argc, char *argv[]) { if (string_buffer_size < new_size) { string_buffer_size = new_size; string_buffer = realloc(string_buffer, string_buffer_size); + if (string_buffer == NULL && string_buffer_size > 0) { + fprintf(stderr, "Failed to allocate memory for string buffer: %s.\n", strerror(errno)); + flushinp(); + ungetch('q'); + break; + } } update_layout(); layout = &layouts[size_x > 100 ? L_NORMAL : L_COMPACT]; diff --git a/readme.md b/readme.md index 91752bc..9ac479c 100644 --- a/readme.md +++ b/readme.md @@ -58,9 +58,10 @@ Task Time Tracker - [x] Register kill signals to exit gracefully. - [x] Check if string_buffer needs to be cleared. We may be leaking info on the string_buffer. - [x] Replaced `sprintf` by `snprintf`; +- [x] Make sure that string_buffer bounds are respected; - [ ] Move database actions into functions: - [ ] select_by_id/delta/task - [ ] set_active(db, task) -- [ ] Make sure that string_buffer bounds are respected; -- [ ] REVISE ALL CODE ptrdiff_t/size_t (signed/unsigned)! +- [ ] Re-check if draw_tui may be simplified. +- [ ] Review all code for bugs related to auto-cast on ptrdiff_t/size_t (signed/unsigned); - [ ] Go over all `TODO` items; -- cgit v1.2.3