diff options
| author | Thomas White <taw@physics.org> | 2015-04-04 15:54:09 -0700 |
|---|---|---|
| committer | Thomas White <taw@physics.org> | 2015-04-20 12:55:26 +0200 |
| commit | 3c1f9603ff5078db607597e23d3c8113f2d06e56 (patch) | |
| tree | f8c0b701b96979df10fc9d94a1fb29ac7230c236 | |
| parent | 7094bd7f8d02f96d978db06220dc901e70eccaab (diff) | |
Fix a string overflow vulnerability, and banish extract_f_from_stuff()
| -rw-r--r-- | libcrystfel/src/stream.c | 24 | ||||
| -rw-r--r-- | libcrystfel/src/stream.h | 3 | ||||
| -rw-r--r-- | src/geoptimiser.c | 22 |
3 files changed, 22 insertions, 27 deletions
diff --git a/libcrystfel/src/stream.c b/libcrystfel/src/stream.c index 33e2d84e..91b1fb9e 100644 --- a/libcrystfel/src/stream.c +++ b/libcrystfel/src/stream.c @@ -1530,27 +1530,3 @@ int rewind_stream(Stream *st) return fseek(st->fh, 0, SEEK_SET); } - - -double extract_f_from_stuff(const char *field_name, - struct stuff_from_stream* stuff) -{ - int i; - - char field_name_plus_equal[256]; - sprintf(field_name_plus_equal, "hdf5%s = ", field_name); - - - - for ( i=0; i<stuff->n_fields; i++ ) { - - if ( strncmp(stuff->fields[i], field_name_plus_equal, - strlen(field_name_plus_equal)) == 0 ) { - return atoi(stuff->fields[i]+ - strlen(field_name_plus_equal)); - } - } - - ERROR("Failed to recovery camera length from stream file\n"); - return -1; -} diff --git a/libcrystfel/src/stream.h b/libcrystfel/src/stream.h index afa9acda..a8cf4639 100644 --- a/libcrystfel/src/stream.h +++ b/libcrystfel/src/stream.h @@ -109,9 +109,6 @@ extern void write_geometry_file(Stream *st, const char *geom_filename); extern int rewind_stream(Stream *st); extern int is_stream(const char *filename); -extern double extract_f_from_stuff(const char *field_name, - struct stuff_from_stream* stuff); - #ifdef __cplusplus } #endif diff --git a/src/geoptimiser.c b/src/geoptimiser.c index 93626277..409a6954 100644 --- a/src/geoptimiser.c +++ b/src/geoptimiser.c @@ -229,6 +229,28 @@ static double compute_average_clen (struct detector *det, char **clen_from, } +static double extract_f_from_stuff(const char *field_name, + struct stuff_from_stream* stuff) +{ + int i; + + char field_name_plus_equal[256]; + snprintf(field_name_plus_equal, 256, "hdf5%s = ", field_name); + + for ( i=0; i<stuff->n_fields; i++ ) { + + if ( strncmp(stuff->fields[i], field_name_plus_equal, + strlen(field_name_plus_equal)) == 0 ) { + return atoi(stuff->fields[i]+ + strlen(field_name_plus_equal)); + } + } + + ERROR("Failed to recover camera length from stream file\n"); + return -1; +} + + static struct pattern_list *read_patterns_from_steam_file(const char *infile, struct detector *det) { |