Coverity: tackled a few CIDs (#470)

This commit is contained in:
tomcw 2018-08-12 12:48:08 +01:00
parent 74c0ca2cde
commit 396c55d8a3
4 changed files with 60 additions and 32 deletions

View File

@ -1399,6 +1399,8 @@ int APIENTRY WinMain(HINSTANCE passinstance, HINSTANCE, LPSTR lpCmdLine, int)
unsigned long fix_minor = g_AppleWinVersion[3] = pFixedFileInfo->dwFileVersionLS & 0xffff;
sprintf(VERSIONSTRING, "%d.%d.%d.%d", major, minor, fix, fix_minor); // potential buffer overflow
}
delete [] pVerInfoBlock;
}
LogFileOutput("AppleWin version: %s\n", VERSIONSTRING);

View File

@ -1214,41 +1214,53 @@ ImageError_e CImageHelperBase::CheckZipFile(LPCTSTR pszImageFilename, ImageInfo*
return eIMAGE_ERROR_UNABLE_TO_OPEN_ZIP;
unz_global_info global_info;
int nRes = unzGetGlobalInfo(hZipFile, &global_info);
if (nRes != UNZ_OK)
return eIMAGE_ERROR_ZIP;
nRes = unzGoToFirstFile(hZipFile); // Only support 1st file in zip archive for now
if (nRes != UNZ_OK)
return eIMAGE_ERROR_ZIP;
unz_file_info file_info;
char szFilename[MAX_PATH];
memset(szFilename, 0, sizeof(szFilename));
nRes = unzGetCurrentFileInfo(hZipFile, &file_info, szFilename, MAX_PATH, NULL, 0, NULL, 0);
if (nRes != UNZ_OK)
return eIMAGE_ERROR_ZIP;
int nRes = 0, nLen = 0;
const UINT uFileSize = file_info.uncompressed_size;
if (uFileSize > GetMaxImageSize())
return eIMAGE_ERROR_BAD_SIZE;
pImageInfo->pImageBuffer = new BYTE[uFileSize];
nRes = unzOpenCurrentFile(hZipFile);
if (nRes != UNZ_OK)
return eIMAGE_ERROR_ZIP;
int nLen = unzReadCurrentFile(hZipFile, pImageInfo->pImageBuffer, uFileSize);
if (nLen < 0)
try
{
unzCloseCurrentFile(hZipFile); // Must CloseCurrentFile before Close
return eIMAGE_ERROR_UNSUPPORTED;
}
nRes = unzGetGlobalInfo(hZipFile, &global_info);
if (nRes != UNZ_OK)
throw eIMAGE_ERROR_ZIP;
nRes = unzCloseCurrentFile(hZipFile);
if (nRes != UNZ_OK)
return eIMAGE_ERROR_ZIP;
nRes = unzGoToFirstFile(hZipFile); // Only support 1st file in zip archive for now
if (nRes != UNZ_OK)
throw eIMAGE_ERROR_ZIP;
nRes = unzGetCurrentFileInfo(hZipFile, &file_info, szFilename, MAX_PATH, NULL, 0, NULL, 0);
if (nRes != UNZ_OK)
throw eIMAGE_ERROR_ZIP;
const UINT uFileSize = file_info.uncompressed_size;
if (uFileSize > GetMaxImageSize())
throw eIMAGE_ERROR_BAD_SIZE;
pImageInfo->pImageBuffer = new BYTE[uFileSize];
nRes = unzOpenCurrentFile(hZipFile);
if (nRes != UNZ_OK)
throw eIMAGE_ERROR_ZIP;
nLen = unzReadCurrentFile(hZipFile, pImageInfo->pImageBuffer, uFileSize);
if (nLen < 0)
{
unzCloseCurrentFile(hZipFile); // Must CloseCurrentFile before Close
throw eIMAGE_ERROR_UNSUPPORTED;
}
nRes = unzCloseCurrentFile(hZipFile);
if (nRes != UNZ_OK)
throw eIMAGE_ERROR_ZIP;
}
catch (ImageError_e error)
{
if (hZipFile)
unzClose(hZipFile);
return error;
}
nRes = unzClose(hZipFile);
hZipFile = NULL;

View File

@ -29,6 +29,7 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#include "StdAfx.h"
#include "Applewin.h"
#include "Frame.h" // g_hFrameWindow
#include "Memory.h"
#include "ParallelPrinter.h"
#include "Registry.h"
@ -234,14 +235,26 @@ char* Printer_GetFilename()
void Printer_SetFilename(char* prtFilename)
{
if(*prtFilename)
if (*prtFilename)
{
strcpy(g_szPrintFilename, (const char *) prtFilename);
}
else //No registry entry is available
{
_tcsncpy(g_szPrintFilename, g_sProgramDir, MAX_PATH);
g_szPrintFilename[MAX_PATH - 1] = 0;
_tcsncat(g_szPrintFilename, _T(DEFAULT_PRINT_FILENAME), MAX_PATH);
RegSaveString(TEXT("Configuration"),REGVALUE_PRINTER_FILENAME,1,g_szPrintFilename);
// NB. _tcsncat_s() terminates program if buffer is too small! So continue to use manual buffer check & _tcsncat()
int nLen = sizeof(g_szPrintFilename) - strlen(g_szPrintFilename) - (sizeof(DEFAULT_PRINT_FILENAME)-1) - 1;
if (nLen < 0)
{
MessageBox(g_hFrameWindow, "Printer - SetFilename(): folder too deep", "Warning", MB_ICONWARNING | MB_OK);
return;
}
_tcsncat(g_szPrintFilename, DEFAULT_PRINT_FILENAME, sizeof(DEFAULT_PRINT_FILENAME)-1);
RegSaveString(REG_CONFIG, REGVALUE_PRINTER_FILENAME, 1, g_szPrintFilename);
}
}

View File

@ -216,6 +216,7 @@ bool CSuperSerialCard::CheckComm()
// have socket so attempt to bind it
SOCKADDR_IN saAddress;
memset(&saAddress, 0, sizeof(SOCKADDR_IN));
saAddress.sin_family = AF_INET;
saAddress.sin_port = htons(TCP_SERIAL_PORT); // TODO: get from registry / GUI
saAddress.sin_addr.s_addr = htonl(INADDR_ANY);