diff options
author | Jörg Frings-Fürst <debian@jff-webhosting.net> | 2020-02-02 17:13:01 +0100 |
---|---|---|
committer | Jörg Frings-Fürst <debian@jff-webhosting.net> | 2020-02-02 17:13:01 +0100 |
commit | ffa8801644a7d53cc1c785e3450f794c07a14eb0 (patch) | |
tree | 8d72a18a9a08b9151d12badcb1c78ce06a059f62 /backend/gt68xx.c | |
parent | 1687222e1b9e74c89cafbb5910e72d8ec7bfd40f (diff) |
New upstream version 1.0.29upstream/1.0.29
Diffstat (limited to 'backend/gt68xx.c')
-rw-r--r-- | backend/gt68xx.c | 32 |
1 files changed, 21 insertions, 11 deletions
diff --git a/backend/gt68xx.c b/backend/gt68xx.c index fb3bfb4..00190fe 100644 --- a/backend/gt68xx.c +++ b/backend/gt68xx.c @@ -752,7 +752,7 @@ init_options (GT68xx_Scanner * s) /* calibration needed */ s->opt[OPT_NEED_CALIBRATION_SW].name = "need-calibration"; - s->opt[OPT_NEED_CALIBRATION_SW].title = SANE_I18N ("Need calibration"); + s->opt[OPT_NEED_CALIBRATION_SW].title = SANE_I18N ("Needs calibration"); s->opt[OPT_NEED_CALIBRATION_SW].desc = SANE_I18N ("The scanner needs calibration for the current settings"); s->opt[OPT_NEED_CALIBRATION_SW].type = SANE_TYPE_BOOL; s->opt[OPT_NEED_CALIBRATION_SW].unit = SANE_UNIT_NONE; @@ -947,25 +947,30 @@ download_firmware_file (GT68xx_Device * dev) if (strncmp (dev->model->firmware_name, PATH_SEP, 1) != 0) { /* probably filename only */ - snprintf (filename, PATH_MAX, "%s%s%s%s%s%s%s", + snprintf (filename, sizeof(filename), "%s%s%s%s%s%s%s", STRINGIFY (PATH_SANE_DATA_DIR), PATH_SEP, "sane", PATH_SEP, "gt68xx", PATH_SEP, dev->model->firmware_name); - snprintf (dirname, PATH_MAX, "%s%s%s%s%s", + snprintf (dirname, sizeof(dirname), "%s%s%s%s%s", STRINGIFY (PATH_SANE_DATA_DIR), PATH_SEP, "sane", PATH_SEP, "gt68xx"); - strncpy (basename, dev->model->firmware_name, PATH_MAX); + strncpy (basename, dev->model->firmware_name, sizeof(basename) - 1); + basename[sizeof(basename) - 1] = '\0'; } else { /* absolute path */ char *pos; - strncpy (filename, dev->model->firmware_name, PATH_MAX); - strncpy (dirname, dev->model->firmware_name, PATH_MAX); + strncpy (filename, dev->model->firmware_name, sizeof(filename) - 1); + filename[sizeof(filename) - 1] = '\0'; + strncpy (dirname, dev->model->firmware_name, sizeof(dirname) - 1); + dirname[sizeof(dirname) - 1] = '\0'; + pos = strrchr (dirname, PATH_SEP[0]); if (pos) pos[0] = '\0'; - strncpy (basename, pos + 1, PATH_MAX); + strncpy (basename, pos + 1, sizeof(basename) - 1); + basename[sizeof(basename) - 1] = '\0'; } /* first, try to open with exact case */ @@ -994,11 +999,16 @@ download_firmware_file (GT68xx_Device * dev) { direntry = readdir (dir); if (direntry - && (strncasecmp (direntry->d_name, basename, PATH_MAX) == - 0)) + && (strncasecmp (direntry->d_name, basename, PATH_MAX) == 0)) { - snprintf (filename, PATH_MAX, "%s%s%s", - dirname, PATH_SEP, direntry->d_name); + int len = snprintf (filename, sizeof(filename), "%s%s%s", + dirname, PATH_SEP, direntry->d_name); + if ((len < 0) || (len >= (int) sizeof(filename))) + { + DBG (5, "download_firmware: filepath `%s%s%s' too long\n", + dirname, PATH_SEP, direntry->d_name); + status = SANE_STATUS_INVAL; + } break; } } |