ADDED: Multiply security checks to avoid crashes on wrongly provided string data #4751

- REVIEWED: Checking `NULL` input on functions getting `const char *text`, to avoid crashes
- REVIEWED: `strcpy()` usage, prioritize `strncpy()` with limited copy to buffer size
- REPLACED: `strlen()` by `TextLength()` on [rtext] module
- REVIEWED: Replaced some early returns (but keeping others, for easier code following)
Ray
2025-12-11 12:59:55 +01:00
parent 71a35f661e
commit 2a566544d4
8 changed files with 289 additions and 248 deletions


@@ -105,7 +105,7 @@ void TraceLog(int logType, const char *text, ...)
{
#if defined(SUPPORT_TRACELOG)
// Message has level below current threshold, don't emit
if (logType < logTypeLevel) return;
if ((logType < logTypeLevel) || (text == NULL)) return;
va_list args;
va_start(args, text);
@@ -313,7 +313,7 @@ bool ExportDataAsCode(const unsigned char *data, int dataSize, const char *fileN
// Get file name from path
char varFileName[256] = { 0 };
strcpy(varFileName, GetFileNameWithoutExt(fileName));
strncpy(varFileName, GetFileNameWithoutExt(fileName), 256 - 1);
for (int i = 0; varFileName[i] != '\0'; i++)
{
// Convert variable name to uppercase
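Review bot: The new `strncpy()` call in ExportDataAsCode() is NUL-terminated only because `varFileName` is zero-initialised on the line above and the bound is the literal `256 - 1`; if the array size or the initialiser changes, the copy can leave the buffer unterminated and the loop that follows would read past it. Tie the bound to the buffer with `strncpy(varFileName, GetFileNameWithoutExt(fileName), sizeof(varFileName) - 1);` and add a comment such as `// Last byte stays '\0' from the { 0 } initializer, so the name is always terminated`. A base name longer than 255 bytes is now truncated silently, and it presumably becomes the identifier in the exported code, so a `TRACELOG(LOG_WARNING, ...)` on truncation would make that visible. The hunk does not show whether `fileName` is checked for NULL before this line, or what GetFileNameWithoutExt() returns for it, so that is worth confirming given the commit's stated goal. The function body starts and ends outside the hunk.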