소스 검색

REVIEWED: `DecompressData()`, fixed buffer copying

pull/5170/head
Ray 1 개월 전
부모
커밋
ba046a5d60
1개의 변경된 파일5개의 추가작업 그리고 5개의 파일을 삭제
  1. +5
    -5
      src/rcore.c

+ 5
- 5
src/rcore.c 파일 보기

@ -2563,19 +2563,19 @@ unsigned char *DecompressData(const unsigned char *compData, int compDataSize, i
#if defined(SUPPORT_COMPRESSION_API)
// Decompress data from a valid DEFLATE stream
unsigned char *data0 = (unsigned char *)RL_CALLOC(MAX_DECOMPRESSION_SIZE*1024*1024, 1);
int length = sinflate(data, MAX_DECOMPRESSION_SIZE*1024*1024, compData, compDataSize);
int size = sinflate(data0, MAX_DECOMPRESSION_SIZE*1024*1024, compData, compDataSize);
// WARNING: RL_REALLOC can make (and leave) data copies in memory,
// that can be a security concern in case of compression of sensitive data
// So, we use a second buffer to copy data manually, wiping original buffer memory
data = (unsigned char *)RL_CALLOC(length, 1);
memcpy(data, data0, length);
data = (unsigned char *)RL_CALLOC(size, 1);
memcpy(data, data0, size);
memset(data0, 0, MAX_DECOMPRESSION_SIZE*1024*1024); // Wipe memory, is memset() safe?
RL_FREE(data0);
TRACELOG(LOG_INFO, "SYSTEM: Decompress data: Comp. size: %i -> Original size: %i", compDataSize, length);
TRACELOG(LOG_INFO, "SYSTEM: Decompress data: Comp. size: %i -> Original size: %i", compDataSize, size);
*dataSize = length;
*dataSize = size;
#endif
return data;

불러오는 중...
취소
저장