diff options
| author | Louis Burda <quent.burda@gmail.com> | 2021-06-24 19:34:08 +0200 |
|---|---|---|
| committer | Louis Burda <quent.burda@gmail.com> | 2021-06-24 19:34:08 +0200 |
| commit | d1d4462f5661e0d15176375ec297b3c59d0896c3 (patch) | |
| tree | f29c860dea6b4364b579a17a0f1eca0ef5069cf1 /service/src/stlfile.c | |
| parent | 7cc88b34e67b3d35ca10bcbf8b393dbc2713b63e (diff) | |
| download | enowars5-service-stldoctor-d1d4462f5661e0d15176375ec297b3c59d0896c3.tar.gz enowars5-service-stldoctor-d1d4462f5661e0d15176375ec297b3c59d0896c3.zip | |
add more havocs to test stl parsing
Diffstat (limited to 'service/src/stlfile.c')
| -rw-r--r-- | service/src/stlfile.c | 30 |
1 files changed, 19 insertions, 11 deletions
diff --git a/service/src/stlfile.c b/service/src/stlfile.c index 7b37df4..7c21849 100644 --- a/service/src/stlfile.c +++ b/service/src/stlfile.c @@ -203,6 +203,9 @@ parse_file_ascii(struct parseinfo *info, char *buf, size_t len) if (states.count) PARSE_FAIL("Expected keyword, got:\n%.*s...\n", 30, bp); + bp = skipws(bp); + if (*bp) PARSE_FAIL("Extraneous data at end of file\n"); + stack_free(&states); return OK; @@ -215,7 +218,7 @@ int parse_file_bin(struct parseinfo *info, char *buf, size_t len) { char *bp, *end = buf + len; - int i, k, m; + int i, k; float v; info->type = TYPE_BIN; @@ -225,11 +228,13 @@ parse_file_bin(struct parseinfo *info, char *buf, size_t len) memcpy(info->header, buf, 80); - if (strlen(buf + 1)) + if (*buf == '#' && strlen(buf + 1)) info->solidname = checkp(strdup(buf + 1)); bp = buf + 80; + info->loopcount = le32toh(*(uint32_t*)bp); + bp += 4; if (!info->loopcount) { memset(info->bbmax, 0, sizeof(float) * 3); @@ -245,17 +250,20 @@ parse_file_bin(struct parseinfo *info, char *buf, size_t len) for (i = 0; i < info->loopcount; i++) { if (bp + 50 > end) PARSE_FAIL("Truncated data! (loops missing)\n"); - bp += 12; - for (k = 0; k < 3; k++, bp += 12) { - for (m = 0; m < 3; m++) { - v = fle32toh(*(float*)(bp + 4 * m)); - info->bbmin[m] = MIN(info->bbmin[m], v); - info->bbmax[m] = MAX(info->bbmax[m], v); + for (k = 0; k < 12; k++, bp += 4) { + v = fle32toh(*(float*)bp); + if (v == INFINITY || v == NAN) + PARSE_FAIL("Encountered invalid float\n"); + if (k >= 3) { + info->bbmin[k % 3] = MIN(info->bbmin[k % 3], v); + info->bbmax[k % 3] = MAX(info->bbmax[k % 3], v); } } bp += 2; } + if (bp != end) PARSE_FAIL("Extraneous data at end of file\n"); + return OK; fail: @@ -271,8 +279,8 @@ parse_file(struct parseinfo *info, char *buf, size_t len) if (info->valid) free_info(info); - if (len < 7) { - printf("File too small!\n"); + if (len < 10) { + printf("ERR: File too small!\n"); return FAIL; } @@ -289,7 +297,7 @@ parse_file(struct parseinfo *info, char *buf, size_t len) if (!info->modelname) { resp = ask("Please enter your model name: "); if (strlen(resp) < 4) { - printf("Model name is too short!\n"); + printf("ERR: Model name is too short!\n"); return FAIL; } info->modelname = checkp(strdup(resp)); |