summaryrefslogtreecommitdiff
path: root/foreign
diff options
context:
space:
mode:
authorPieter Hintjens <ph@itmatix.com>2010-06-01 10:40:12 +0200
committerMartin Sustrik <sustrik@250bpm.com>2010-06-01 10:40:12 +0200
commit0b0716661e99a2b55151650ec94cd5fd268d0334 (patch)
tree54904d0659452a2881978c9ac7278cd5133e8712 /foreign
parent8a4df431de872623c761fdeb291748d3d153b8d1 (diff)
multiple vulnerabilities in xml paerser fixed
Diffstat (limited to 'foreign')
-rw-r--r--foreign/xmlParser/xmlParser.cpp37
1 files changed, 31 insertions, 6 deletions
diff --git a/foreign/xmlParser/xmlParser.cpp b/foreign/xmlParser/xmlParser.cpp
index 70fe1d9..bccfaf7 100644
--- a/foreign/xmlParser/xmlParser.cpp
+++ b/foreign/xmlParser/xmlParser.cpp
@@ -421,7 +421,7 @@ XMLNode XMLNode::openFileHelper(XMLCSTR filename, XMLCSTR tag)
// create message
char message[2000],*s1=(char*)"",*s3=(char*)""; XMLCSTR s2=_CXML("");
if (pResults.error==eXMLErrorFirstTagNotFound) { s1=(char*)"First Tag should be '"; s2=tag; s3=(char*)"'.\n"; }
- sprintf(message,
+ snprintf(message,2000,
#ifdef _XMLWIDECHAR
"XML Parsing error inside file '%S'.\n%S\nAt line %i, column %i.\n%s%S%s"
#else
@@ -608,11 +608,18 @@ XMLError XMLNode::writeToFile(XMLCSTR filename, const char *encoding, char nForm
if (!f) return eXMLErrorCannotOpenWriteFile;
#ifdef _XMLWIDECHAR
unsigned char h[2]={ 0xFF, 0xFE };
- if (!fwrite(h,2,1,f)) return eXMLErrorCannotWriteFile;
+ if (!fwrite(h,2,1,f))
+ {
+ fclose(f);
+ return eXMLErrorCannotWriteFile;
+ }
if ((!isDeclaration())&&((d->lpszName)||(!getChildNode().isDeclaration())))
{
if (!fwrite(L"<?xml version=\"1.0\" encoding=\"utf-16\"?>\n",sizeof(wchar_t)*40,1,f))
+ {
+ fclose(f);
return eXMLErrorCannotWriteFile;
+ }
}
#else
if ((!isDeclaration())&&((d->lpszName)||(!getChildNode().isDeclaration())))
@@ -620,23 +627,41 @@ XMLError XMLNode::writeToFile(XMLCSTR filename, const char *encoding, char nForm
if (characterEncoding==char_encoding_UTF8)
{
// header so that windows recognize the file as UTF-8:
- unsigned char h[3]={0xEF,0xBB,0xBF}; if (!fwrite(h,3,1,f)) return eXMLErrorCannotWriteFile;
+ unsigned char h[3]={0xEF,0xBB,0xBF};
+ if (!fwrite(h,3,1,f))
+ {
+ fclose(f);
+ return eXMLErrorCannotWriteFile;
+ }
encoding="utf-8";
} else if (characterEncoding==char_encoding_ShiftJIS) encoding="SHIFT-JIS";
if (!encoding) encoding="ISO-8859-1";
- if (fprintf(f,"<?xml version=\"1.0\" encoding=\"%s\"?>\n",encoding)<0) return eXMLErrorCannotWriteFile;
+ if (fprintf(f,"<?xml version=\"1.0\" encoding=\"%s\"?>\n",encoding)<0)
+ {
+ fclose(f);
+ return eXMLErrorCannotWriteFile;
+ }
} else
{
if (characterEncoding==char_encoding_UTF8)
{
- unsigned char h[3]={0xEF,0xBB,0xBF}; if (!fwrite(h,3,1,f)) return eXMLErrorCannotWriteFile;
+ unsigned char h[3]={0xEF,0xBB,0xBF};
+ if (!fwrite(h,3,1,f))
+ {
+ fclose(f);
+ return eXMLErrorCannotWriteFile;
+ }
}
}
#endif
int i;
XMLSTR t=createXMLString(nFormat,&i);
- if (!fwrite(t,sizeof(XMLCHAR)*i,1,f)) return eXMLErrorCannotWriteFile;
+ if (!fwrite(t,sizeof(XMLCHAR)*i,1,f))
+ {
+ fclose(f);
+ return eXMLErrorCannotWriteFile;
+ }
if (fclose(f)!=0) return eXMLErrorCannotWriteFile;
free(t);
return eXMLErrorNone;