]> git.ipfire.org Git - thirdparty/open-vm-tools.git/commitdiff
projects / thirdparty / open-vm-tools.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e3639cf)
Fix ASSERT in string.cc:80
authorVMware, Inc <>
Sat, 28 May 2011 19:27:44 +0000 (12:27 -0700)
committerMarcelo Vanzin <mvanzin@vmware.com>
Sat, 28 May 2011 19:27:44 +0000 (12:27 -0700)
The reason for the bug is that we assume that there should be ending
NULL for any text clipboard, but for clipboard data from old guest
(win95/98), the text may be not NULL terminated, and caused problem.
The fix is to always attach NULL for any clipboard buffer.

Signed-off-by: Marcelo Vanzin <mvanzin@vmware.com>
open-vm-tools/services/plugins/dndcp/dnd/dndClipboard.c patch | blob | blame | history

diff --git a/open-vm-tools/services/plugins/dndcp/dnd/dndClipboard.c b/open-vm-tools/services/plugins/dndcp/dnd/dndClipboard.c
index 9940362a785554daa123458888804e9c348902a8..c4523caeebf7685c3cf8d1801b639fa8356f2db0 100644 (file)
--- a/open-vm-tools/services/plugins/dndcp/dnd/dndClipboard.c
+++ b/open-vm-tools/services/plugins/dndcp/dnd/dndClipboard.c
@@ -115,11 +115,12 @@ CPClipItemCopy(CPClipItem *dest,        // IN: dest clipboard item
 
    if (src->buf) {
       void *tmp = dest->buf;
-      dest->buf = realloc(dest->buf, src->size);
+      dest->buf = realloc(dest->buf, src->size + 1);
       if (!dest->buf) {
          dest->buf = tmp;
          return FALSE;
       }
+      ((uint8 *)dest->buf)[src->size] = 0;
       memcpy(dest->buf, src->buf, src->size);
    }
 
@@ -244,7 +245,7 @@ CPClipboard_SetItem(CPClipboard *clip,          // IN/OUT: the clipboard
                     const size_t size)          // IN: the item size
 {
    CPClipItem *item;
-   void *newBuf = NULL;
+   uint8 *newBuf = NULL;
    /*
     * Image, rtf and text may be put into a clipboard at same time, and total
     * size may be more than limit. Image data will be first dropped, then
@@ -274,16 +275,18 @@ CPClipboard_SetItem(CPClipboard *clip,          // IN/OUT: the clipboard
       if (CPFORMAT_TEXT == fmt) {
          char *str = (char *)clipitem;
          if (!Unicode_IsBufferValid(str,
-                                    strlen(str),
+                                    size,
                                     STRING_ENCODING_UTF8)) {
             return FALSE;
          }
       }
-      newBuf = malloc(size);
+
+      newBuf = malloc(size + 1);
       if (!newBuf) {
          return FALSE;
       }
       memcpy(newBuf, clipitem, size);
+      newBuf[size] = 0;
    }
 
    item->buf = newBuf;
Mirror of https://github.com/vmware/open-vm-tools.git