UnrealXR/raylib
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add security checks on file writting

Browse source
This commit is contained in:
Ray 2019-09-30 17:32:06 +02:00
parent a8e63b9724
commit df84f93938
2 changed files with 56 additions and 51 deletions
Download patch file Download diff file Expand all files Collapse all files

53
src/raudio.c
View file

@ -909,38 +909,41 @@ void ExportWaveAsCode(Wave wave, const char *fileName)
int dataSize = wave.sampleCount*wave.channels*wave.sampleSize/8; int dataSize = wave.sampleCount*wave.channels*wave.sampleSize/8;
FILE *txtFile = fopen(fileName, "wt"); FILE *txtFile = fopen(fileName, "wt");
fprintf(txtFile, "\n//////////////////////////////////////////////////////////////////////////////////\n"); if (txtFile != NULL)
fprintf(txtFile, "// //\n"); {
fprintf(txtFile, "// WaveAsCode exporter v1.0 - Wave data exported as an array of bytes //\n"); fprintf(txtFile, "\n//////////////////////////////////////////////////////////////////////////////////\n");
fprintf(txtFile, "// //\n"); fprintf(txtFile, "// //\n");
fprintf(txtFile, "// more info and bugs-report: github.com/raysan5/raylib //\n"); fprintf(txtFile, "// WaveAsCode exporter v1.0 - Wave data exported as an array of bytes //\n");
fprintf(txtFile, "// feedback and support: ray[at]raylib.com //\n"); fprintf(txtFile, "// //\n");
fprintf(txtFile, "// //\n"); fprintf(txtFile, "// more info and bugs-report: github.com/raysan5/raylib //\n");
fprintf(txtFile, "// Copyright (c) 2018 Ramon Santamaria (@raysan5) //\n"); fprintf(txtFile, "// feedback and support: ray[at]raylib.com //\n");
fprintf(txtFile, "// //\n"); fprintf(txtFile, "// //\n");
fprintf(txtFile, "//////////////////////////////////////////////////////////////////////////////////\n\n"); fprintf(txtFile, "// Copyright (c) 2018 Ramon Santamaria (@raysan5) //\n");
fprintf(txtFile, "// //\n");
fprintf(txtFile, "//////////////////////////////////////////////////////////////////////////////////\n\n");
#if !defined(RAUDIO_STANDALONE) #if !defined(RAUDIO_STANDALONE)
// Get file name from path and convert variable name to uppercase // Get file name from path and convert variable name to uppercase
strcpy(varFileName, GetFileNameWithoutExt(fileName)); strcpy(varFileName, GetFileNameWithoutExt(fileName));
for (int i = 0; varFileName[i] != '\0'; i++) if (varFileName[i] >= 'a' && varFileName[i] <= 'z') { varFileName[i] = varFileName[i] - 32; } for (int i = 0; varFileName[i] != '\0'; i++) if (varFileName[i] >= 'a' && varFileName[i] <= 'z') { varFileName[i] = varFileName[i] - 32; }
#else #else
strcpy(varFileName, fileName); strcpy(varFileName, fileName);
#endif #endif
fprintf(txtFile, "// Wave data information\n"); fprintf(txtFile, "// Wave data information\n");
fprintf(txtFile, "#define %s_SAMPLE_COUNT %i\n", varFileName, wave.sampleCount); fprintf(txtFile, "#define %s_SAMPLE_COUNT %i\n", varFileName, wave.sampleCount);
fprintf(txtFile, "#define %s_SAMPLE_RATE %i\n", varFileName, wave.sampleRate); fprintf(txtFile, "#define %s_SAMPLE_RATE %i\n", varFileName, wave.sampleRate);
fprintf(txtFile, "#define %s_SAMPLE_SIZE %i\n", varFileName, wave.sampleSize); fprintf(txtFile, "#define %s_SAMPLE_SIZE %i\n", varFileName, wave.sampleSize);
fprintf(txtFile, "#define %s_CHANNELS %i\n\n", varFileName, wave.channels); fprintf(txtFile, "#define %s_CHANNELS %i\n\n", varFileName, wave.channels);
// Write byte data as hexadecimal text // Write byte data as hexadecimal text
fprintf(txtFile, "static unsigned char %s_DATA[%i] = { ", varFileName, dataSize); fprintf(txtFile, "static unsigned char %s_DATA[%i] = { ", varFileName, dataSize);
for (int i = 0; i < dataSize - 1; i++) fprintf(txtFile, ((i%BYTES_TEXT_PER_LINE == 0)? "0x%x,\n" : "0x%x, "), ((unsigned char *)wave.data)[i]); for (int i = 0; i < dataSize - 1; i++) fprintf(txtFile, ((i%BYTES_TEXT_PER_LINE == 0)? "0x%x,\n" : "0x%x, "), ((unsigned char *)wave.data)[i]);
fprintf(txtFile, "0x%x };\n", ((unsigned char *)wave.data)[dataSize - 1]); fprintf(txtFile, "0x%x };\n", ((unsigned char *)wave.data)[dataSize - 1]);
fclose(txtFile); fclose(txtFile);
}
} }
// Play a sound // Play a sound

54
src/textures.c
View file

@ -849,38 +849,40 @@ void ExportImageAsCode(Image image, const char *fileName)
{ {
#define BYTES_TEXT_PER_LINE 20 #define BYTES_TEXT_PER_LINE 20
char varFileName[256] = { 0 };
int dataSize = GetPixelDataSize(image.width, image.height, image.format);
FILE *txtFile = fopen(fileName, "wt"); FILE *txtFile = fopen(fileName, "wt");
if (txtFile != NULL)
{
char varFileName[256] = { 0 };
int dataSize = GetPixelDataSize(image.width, image.height, image.format);
fprintf(txtFile, "\n"); fprintf(txtFile, "////////////////////////////////////////////////////////////////////////////////////////\n");
fprintf(txtFile, "////////////////////////////////////////////////////////////////////////////////////////\n"); fprintf(txtFile, "// //\n");
fprintf(txtFile, "// //\n"); fprintf(txtFile, "// ImageAsCode exporter v1.0 - Image pixel data exported as an array of bytes //\n");
fprintf(txtFile, "// ImageAsCode exporter v1.0 - Image pixel data exported as an array of bytes //\n"); fprintf(txtFile, "// //\n");
fprintf(txtFile, "// //\n"); fprintf(txtFile, "// more info and bugs-report: github.com/raysan5/raylib //\n");
fprintf(txtFile, "// more info and bugs-report: github.com/raysan5/raylib //\n"); fprintf(txtFile, "// feedback and support: ray[at]raylib.com //\n");
fprintf(txtFile, "// feedback and support: ray[at]raylib.com //\n"); fprintf(txtFile, "// //\n");
fprintf(txtFile, "// //\n"); fprintf(txtFile, "// Copyright (c) 2019 Ramon Santamaria (@raysan5) //\n");
fprintf(txtFile, "// Copyright (c) 2019 Ramon Santamaria (@raysan5) //\n"); fprintf(txtFile, "// //\n");
fprintf(txtFile, "// //\n"); fprintf(txtFile, "////////////////////////////////////////////////////////////////////////////////////////\n\n");
fprintf(txtFile, "////////////////////////////////////////////////////////////////////////////////////////\n\n");
// Get file name from path and convert variable name to uppercase // Get file name from path and convert variable name to uppercase
strcpy(varFileName, GetFileNameWithoutExt(fileName)); strcpy(varFileName, GetFileNameWithoutExt(fileName));
for (int i = 0; varFileName[i] != '\0'; i++) if ((varFileName[i] >= 'a') && (varFileName[i] <= 'z')) { varFileName[i] = varFileName[i] - 32; } for (int i = 0; varFileName[i] != '\0'; i++) if ((varFileName[i] >= 'a') && (varFileName[i] <= 'z')) { varFileName[i] = varFileName[i] - 32; }
// Add image information // Add image information
fprintf(txtFile, "// Image data information\n"); fprintf(txtFile, "// Image data information\n");
fprintf(txtFile, "#define %s_WIDTH %i\n", varFileName, image.width); fprintf(txtFile, "#define %s_WIDTH %i\n", varFileName, image.width);
fprintf(txtFile, "#define %s_HEIGHT %i\n", varFileName, image.height); fprintf(txtFile, "#define %s_HEIGHT %i\n", varFileName, image.height);
fprintf(txtFile, "#define %s_FORMAT %i // raylib internal pixel format\n\n", varFileName, image.format); fprintf(txtFile, "#define %s_FORMAT %i // raylib internal pixel format\n\n", varFileName, image.format);
fprintf(txtFile, "static unsigned char %s_DATA[%i] = { ", varFileName, dataSize); fprintf(txtFile, "static unsigned char %s_DATA[%i] = { ", varFileName, dataSize);
for (int i = 0; i < dataSize - 1; i++) fprintf(txtFile, ((i%BYTES_TEXT_PER_LINE == 0)? "0x%x,\n" : "0x%x, "), ((unsigned char *)image.data)[i]); for (int i = 0; i < dataSize - 1; i++) fprintf(txtFile, ((i%BYTES_TEXT_PER_LINE == 0)? "0x%x,\n" : "0x%x, "), ((unsigned char *)image.data)[i]);
fprintf(txtFile, "0x%x };\n", ((unsigned char *)image.data)[dataSize - 1]); fprintf(txtFile, "0x%x };\n", ((unsigned char *)image.data)[dataSize - 1]);
fclose(txtFile); fclose(txtFile);
}
} }
// Copy an image to a new image // Copy an image to a new image