forked from len0rd/rockbox

Fix tree.c->tree_get_entry_at() buffer overflow

I observed a crash on buflib>move_block
after dumping ram I noticed that the buffer for filetypes was being corrupted

tree_get_entry_at returns an entry from the buflib 'tree entry' buffer
filetree.c->ft_load writes data to this buffer before checking if it has
reached the last entry resulting in buffer overflow that overwrites the
next entry in the buffer ['filetypes']

Patch checks that the index passed to tree_get_entry_at() is in range
otherwise it returns NULL

Added checks + panic in other functions using tree_get_entry_at()
Fixed tree_lock_cache() calls in playlist and filetree

Change-Id: Ibf9e65652b4e00445e8e509629aebbcddffcfd4d
William Wilgus 2018-12-13 10:39:49 -06:00
parent ce0b31d87d
commit 3f110daf30
4 changed files with 58 additions and 27 deletions

@ -105,7 +105,9 @@ struct tree_context {
/*
* Call one of the two below after yields since the entrys may move inbetween */
struct entry* tree_get_entries(struct tree_context *t);
/* returns NULL on invalid index */
struct entry* tree_get_entry_at(struct tree_context *t, int index);
void tree_mem_init(void) INIT_ATTR;
void tree_gui_init(void) INIT_ATTR;
char* get_current_file(char* buffer, size_t buffer_len);
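
Review bot: The new comment above tree_get_entry_at() says it "returns NULL on invalid index" but does not define what a valid index is, and `index` is a signed int, so the contract should say explicitly that negative values are rejected as well as values past the last entry. I would expand the comment to state the accepted range and that callers must check the result for NULL before dereferencing it, since this declaration is all a caller sees. The neighbouring tree_get_entries() still returns the raw buffer with no such guard, so it is worth noting in the same comment block that indexing through that pointer is not range-checked.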