X-Git-Url: http://ncurses.scripts.mit.edu/?p=ncurses.git;a=blobdiff_plain;f=ncurses%2Fbase%2Flib_screen.c;h=4aa58ea2a19c9caa51f9eb29ff7b49361c457d0c;hp=e6aecbdaab4782c90742331b1ca3a2c9b3277f9f;hb=11ca5f62994c7a14c4e500510bd242e1e721f8be;hpb=8f527f87c0b979d9c2598ef5c3394463af288468 diff --git a/ncurses/base/lib_screen.c b/ncurses/base/lib_screen.c index e6aecbda..4aa58ea2 100644 --- a/ncurses/base/lib_screen.c +++ b/ncurses/base/lib_screen.c @@ -1,5 +1,5 @@ /**************************************************************************** - * Copyright (c) 1998-2006,2007 Free Software Foundation, Inc. * + * Copyright (c) 1998-2007,2008 Free Software Foundation, Inc. * * * * Permission is hereby granted, free of charge, to any person obtaining a * * copy of this software and associated documentation files (the * @@ -29,12 +29,14 @@ /**************************************************************************** * Author: Zeyd M. Ben-Halim 1992,1995 * * and: Eric S. Raymond * - * and: Thomas E. Dickey 1996 on * + * and: Thomas E. Dickey 1996 on * ****************************************************************************/ #include -MODULE_ID("$Id: lib_screen.c,v 1.30 2007/03/10 23:20:41 tom Exp $") +MODULE_ID("$Id: lib_screen.c,v 1.31 2008/08/16 19:05:37 tom Exp $") + +#define MAX_SIZE 0x3fff /* 16k is big enough for a window or pad */ NCURSES_EXPORT(WINDOW *) getwin(FILE *filep) @@ -46,7 +48,11 @@ getwin(FILE *filep) clearerr(filep); (void) fread(&tmp, sizeof(WINDOW), 1, filep); - if (ferror(filep)) + if (ferror(filep) + || tmp._maxy == 0 + || tmp._maxy > MAX_SIZE + || tmp._maxx == 0 + || tmp._maxx > MAX_SIZE) returnWin(0); if (tmp._flags & _ISPAD) { @@ -115,7 +121,7 @@ putwin(WINDOW *win, FILE *filep) T((T_CALLED("putwin(%p,%p)"), win, filep)); if (win != 0) { - size_t len = (win->_maxx + 1); + size_t len = (size_t) (win->_maxx + 1); clearerr(filep); if (fwrite(win, sizeof(WINDOW), 1, filep) != 1