[sword-devel] crashes with ciphering code

Joachim Ansorg nospam+sword-devel at joachim-ansorg.de
Mon Nov 27 14:21:49 MST 2006


>   zStr::getCompressedText calls
>  strcpy(*buf, cacheBlock->getEntry(entry));

My fix for this would be (without digging deep into the sources) in line 438 
of zstr.cpp: 
	strncpy(*buf, cacheBlock->getEntry(entry), size);


strcpy expects a \0-terminated string. If the deciphering with the wrong key 
creates a char* without a proper \0 this would result in an address out of 
bounds. So the fix is to make sure we just copy the number of bytes which are 
available in the cacheBlock.
I did not yet think about whether a \0 has to be explicitly set at the end of *buf.

Does this make sense?
Does somebody have the setup to test this?

Thanks,
Joachim
-- 
<>< Re: deemed
www.bibletime.info
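
An added example, not part of the original message and not SWORD code, on the open question of the terminator: strncpy does not write a \0 when the source has none within the byte count, so a bounded copy has to set it itself. The names copy_entry, strncpy_terminates and GARBAGE are hypothetical, and the caller is assumed to know the entry length.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: 8 bytes with no '\0', standing in for an entry
 * deciphered with the wrong key. Not real module data. */
static const char GARBAGE[8] = { 'q', '\x7f', 'Z', '\x01', 'k', '#', '\x19', 'w' };

/* Hypothetical helper, not SWORD's API: copy an entry whose length is known
 * (src_len) into dst (capacity dst_cap) and always terminate the result.
 * Returns the number of bytes copied, excluding the terminator. */
size_t copy_entry(char *dst, size_t dst_cap, const char *src, size_t src_len)
{
    if (dst == NULL || dst_cap == 0)
        return 0;
    if (src == NULL) {
        dst[0] = '\0';
        return 0;
    }
    /* Stop at the first '\0' if there is one, but never read past src_len. */
    const char *nul = memchr(src, '\0', src_len);
    size_t n = nul ? (size_t)(nul - src) : src_len;
    if (n > dst_cap - 1)
        n = dst_cap - 1;            /* leave room for the terminator */
    memcpy(dst, src, n);
    dst[n] = '\0';
    return n;
}

/* Returns 1 if strncpy(buf, src, n) alone leaves a '\0' within the first
 * n bytes of buf, 0 if the copy is left unterminated. */
int strncpy_terminates(const char *src, size_t n)
{
    char buf[16];
    memset(buf, 'X', sizeof buf);   /* simulate uninitialised memory */
    if (n > sizeof buf)
        n = sizeof buf;
    strncpy(buf, src, n);
    return memchr(buf, '\0', n) != NULL;
}

int main(void)
{
    char out[16];
    size_t n = copy_entry(out, sizeof out, GARBAGE, sizeof GARBAGE);
    printf("copy_entry: %zu bytes, terminated=%d\n", n, out[n] == '\0');
    printf("strncpy alone terminated=%d\n",
           strncpy_terminates(GARBAGE, sizeof GARBAGE));
    return 0;
}
```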


