[PATCH 04/15] winedbg: Add snscanf function to safely parse packets.

Rémi Bernon rbernon at codeweavers.com
Mon Jan 27 06:07:07 CST 2020


Signed-off-by: Rémi Bernon <rbernon at codeweavers.com>
---
 programs/winedbg/gdbproxy.c | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)

diff --git a/programs/winedbg/gdbproxy.c b/programs/winedbg/gdbproxy.c
index f85e09353e2..5efaed0acee 100644
--- a/programs/winedbg/gdbproxy.c
+++ b/programs/winedbg/gdbproxy.c
@@ -120,6 +120,21 @@ static struct be_process_io be_process_gdbproxy_io =
  * =============================================== *
  */
 
+static int snscanf(char* src, size_t len, const char* format, ...)
+{
+    int n;
+    char c = src[len];
+    va_list args;
+
+    src[len] = '\0';
+    va_start(args, format);
+    n = vsscanf(src, format, args);
+    va_end(args);
+    src[len] = c;
+
+    return n;
+}
+
 static inline int hex_from0(char ch)
 {
     if (ch >= '0' && ch <= '9') return ch - '0';
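Review bot: snscanf stores a NUL at `src[len]` before scanning, so it is only safe when the buffer behind `src` holds at least `len + 1` writable bytes, and neither the helper nor a comment states that precondition. The allocation of `gdbctx->in_packet` is not visible in this patch, so the calls in packet_read_memory and packet_write_memory should be checked against it. I would put the contract on the function, e.g. `/* Parses at most len bytes of src; src[len] must be writable, it is set to NUL during the scan and restored afterwards. */`. Because the helper forwards a caller-supplied format to vsscanf, a GCC `__attribute__((format(scanf, 3, 4)))` on the definition would also let the compiler check the `%p,%x` arguments at each call.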
@@ -1201,8 +1216,7 @@ static enum packet_return packet_read_memory(struct gdb_context* gdbctx)
     SIZE_T              r = 0;
 
     assert(gdbctx->in_trap);
-    /* FIXME:check in_packet_len for reading %p,%x */
-    if (sscanf(gdbctx->in_packet, "%p,%x", &addr, &len) != 2) return packet_error;
+    if (snscanf(gdbctx->in_packet, gdbctx->in_packet_len, "%p,%x", &addr, &len) != 2) return packet_error;
     if (len <= 0) return packet_error;
     TRACE("Read %u bytes at %p\n", len, addr);
     for (nread = 0; nread < len; nread += r, addr += r)
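Review bot: The bounded parse in packet_read_memory still accepts trailing bytes after the length, because a return value of 2 only shows that `%p` and `%x` matched. Now that the packet length is passed in, the call could also require full consumption, e.g. the format `"%p,%x%n"` with an extra `int end` and `end != gdbctx->in_packet_len` treated as packet_error, assuming nothing else is expected in this packet. The failure path here returns packet_error silently, while the same parse in packet_write_memory logs it with ERR; logging both would make malformed packets easier to notice. The function starts before and continues past this hunk.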
@@ -1240,7 +1254,7 @@ static enum packet_return packet_write_memory(struct gdb_context* gdbctx)
     }
     *ptr++ = '\0';
 
-    if (sscanf(gdbctx->in_packet, "%p,%x", &addr, &len) != 2)
+    if (snscanf(gdbctx->in_packet, gdbctx->in_packet_len, "%p,%x", &addr, &len) != 2)
     {
         ERR("Failed to parse %s\n", debugstr_a(gdbctx->in_packet));
         return packet_error;
-- 
2.25.0



