2012-06-27 Leandro Santiago
* Fix crash when cyphering huge amount of data.
+
+2012-07-16 Cedric Bail
+
+ * Add code to detect overrun and underrun in eet_data_descriptor_element_add.
Changes since Eet 1.6.0:
--------------------------
+Additions:
+ * Add code to detect overrun and underrun during Eet Data Descriptor setup.
+
Fixes:
* Force destruction of all pending file when shuting down eet.
* Make eet_dictionary thread safe.
Eet_Data_Element *ede;
Eet_Data_Element *tmp;
+ /* Sanity check to avoid crash later at runtime */
+ if (type < EET_T_UNKNOW ||
+ type >= EET_T_LAST)
+ {
+ CRIT("Preventing later bug due to unknow type: %i", type);
+ return ;
+ }
+ if (offset < 0)
+ {
+ CRIT("Preventing later buffer underrun : offset = %i", offset);
+ return ;
+ }
+ if (offset > edd->size)
+ {
+ CRIT("Preventing later buffer overrun : offset = %i in a structure of %i bytes", offset, edd->size);
+ return ;
+ }
+ if (group_type == EET_G_UNKNOWN && type != EET_T_UNKNOW)
+ {
+ if (offset + eet_basic_codec[type - 1].size > edd->size)
+ {
+ CRIT("Preventing later buffer overrun : offset = %i, size = %i in a structure of %i bytes", offset, eet_basic_codec[type - 1].size, edd->size);
+ return ;
+ }
+ }
+ else if ((offset + sizeof (void*)) > (unsigned int) edd->size)
+ {
+ CRIT("Preventing later buffer overrun : offset = %i, estimated size = %i in a structure of %i bytes", offset, sizeof (void*), edd->size);
+ return ;
+ }
+
/* UNION, VARIANT type would not work with simple type, we need a way to map the type. */
if ((group_type == EET_G_UNION
|| group_type == EET_G_VARIANT)
projects / profile / ivi / eet.git / commitdiff