Fixed buffer overflow when some directories can't be scanned

Also changed other occurences of the same situation to use the same checking method (>= rather than a +1) for consistency. Fixes bug #2981704.
2010-04-28 10:08:45 +02:00 · 2010-04-28 10:08:45 +02:00 · c68a229e09
--- a/1
+++ b/1
@ -2,6 +2,7 @@ git - ?
 	- List the detected hard links in file info window
 	- Count the size a hard linked file once for each directory it appears in
 	- Fixed crash on browsing dirs with a small window size (#2991787)
+	- Fixed buffer overflow when some directories can't be scanned (#2981704)
 	- Improved browsing performance
 	- Various minor fixes

--- a/src/calc.c
+++ b/src/calc.c
@ -247,7 +247,7 @@ int calc_dir(struct dir *dest, char *name) {

  /* open & chdir into directory */
  if((dir = opendir(name)) == NULL || chdir(name) < 0) {
-    if(lasterrl < (int)strlen(curpath)) {
+    if(lasterrl <= (int)strlen(curpath)) {
      lasterrl = strlen(curpath)+1;
      lasterr = realloc(lasterr, lasterrl);
    }
@ -465,7 +465,7 @@ int calc_process() {

  /* update curpath */
  if(strcmp(name, ".")) {
-    if((int)strlen(path)+1 > curpathl) {
+    if(curpathl <= (int)strlen(path)) {
      curpathl = strlen(path)+1;
      curpath = realloc(curpath, curpathl);
    }
@ -532,7 +532,7 @@ void calc_init(char *dir, struct dir *org) {
  if(curpathl == 0) {
    curpathl = strlen(dir)+1;
    curpath = malloc(curpathl);
-  } else if(curpathl < (int)strlen(dir)+1) {
+  } else if(curpathl <= (int)strlen(dir)) {
    curpathl = strlen(dir)+1;
    curpath = realloc(curpath, curpathl);
  }