Fix for NULL pointer dereference when 'Default' title is selected

Contrary to the Toolbox manual, ColourDbox was taking a zero "max title length" field as the cue to substitute the title, followed by setting the title string pointer to NULL, trying to strlen() it, and ending up with the default from the Res file for this object. The code to look up the default title in the Messages was never called. Changed to follow the docs: a NULL title string pointer uses the default and no significance is attached to the max buffer length in that case. Messages file (which is now used as a result) changed to have the same default title as before. Thanks to Nick Roberts for spotting & testing this. Version 0.21. Tagged as 'ColourDbox-0_21'

Fix for NULL pointer dereference when 'Default' title is selected
Contrary to the Toolbox manual, ColourDbox was taking a zero "max title length" field as the cue to substitute the title, followed by setting the title string pointer to NULL, trying to strlen() it, and ending up with the default from the Res file for this object. The code to look up the default title in the Messages was never called. Changed to follow the docs: a NULL title string pointer uses the default and no significance is attached to the max buffer length in that case. Messages file (which is now used as a result) changed to have the same default title as before. Thanks to Nick Roberts for spotting & testing this. Version 0.21. Tagged as 'ColourDbox-0_21'
7845bbed · Robert Sprowson · 196e1eeb · 7845bbed · 7845bbed · 7845bbed
Commit 7845bbed authored 9 years ago by Robert Sprowson
Hide whitespace changes
Inline Side-by-side

Showing with 17 additions and 30 deletions

Resources/UK/Messages Resources/UK/Messages +1 -1

VersionNum VersionNum +10 -10

c/create c/create +6 -19

No files found.
--- a/Resources/UK/Messages
+++ b/Resources/UK/Messages
@@ -5,4 +5,4 @@ E02:The allocated buffer is too short.
 E11:Task, %0, does not exist.
 E12:Method, %0, not recognised.
 E13:MiscOp Method, %0, not recognised.
-Title:Colour Selector
+Title:Colour choice
--- a/VersionNum
+++ b/VersionNum
-/* (0.20)
+/* (0.21)
 *
 * This file is automatically maintained by srccommit, do not edit manually.
 * Last processed by srccommit version: 1.1.
 *
 */
-#define Module_MajorVersion_CMHG        0.20
+#define Module_MajorVersion_CMHG        0.21
 #define Module_MinorVersion_CMHG        
-#define Module_Date_CMHG                18 Aug 2015
+#define Module_Date_CMHG                27 Oct 2015

-#define Module_MajorVersion             "0.20"
-#define Module_Version                  20
+#define Module_MajorVersion             "0.21"
+#define Module_Version                  21
 #define Module_MinorVersion             ""
-#define Module_Date                     "18 Aug 2015"
+#define Module_Date                     "27 Oct 2015"

-#define Module_ApplicationDate          "18-Aug-15"
+#define Module_ApplicationDate          "27-Oct-15"

 #define Module_ComponentName            "ColourDbox"
 #define Module_ComponentPath            "castle/RiscOS/Sources/Toolbox/ColourDbox"

-#define Module_FullVersion              "0.20"
-#define Module_HelpVersion              "0.20 (18 Aug 2015)"
-#define Module_LibraryVersionInfo       "0:20"
+#define Module_FullVersion              "0.21"
+#define Module_HelpVersion              "0.21 (27 Oct 2015)"
+#define Module_LibraryVersionInfo       "0:21"
--- a/c/create
+++ b/c/create
@@ -101,9 +101,8 @@ extern _kernel_oserror *create_object (_kernel_swi_regs *r, TaskDescriptor *t)
 */
   internal->x = -1; /* Rogue value */

-   if (!template->max_title) {
-      internal->title = NULL;
-   } else if (!template->title) {
+   if (!template->title) {
+      /* Provide a default title */
      if ((e = messages_file_lookup ("Title", 0, &buffer_size, 0)) != NULL)
         goto clearup1;

@@ -114,25 +113,13 @@ extern _kernel_oserror *create_object (_kernel_swi_regs *r, TaskDescriptor *t)
      if ((e = messages_file_lookup ("Title", internal->title, &buffer_size, 0)) !=NULL)
         goto clearup1;
   } else {
+      /* Caller provided their own title */
      if ((internal->title = mem_alloc (template->max_title)) == NULL) {
         e = make_error (ColourDbox_AllocFailed, 0);
         goto clearup1;
      }
      string_copy_chk (internal->title, template->title, template->max_title);
   }
-/* removed ...
-
-   if (!template->help_message || !template->max_help) {
-      internal->help_message = NULL;
-   } else {
-      if ((internal->help_message = mem_alloc (template->max_help)) == NULL) {
-         e = make_error (ColourDbox_AllocFailed, 0);
-         goto clearup1;
-      }
-      string_copy_chk (internal->help_message, template->help_message, template->max_help);
-   }
-   internal->max_help           = template->max_help;
-*/
   internal->max_title          = strlen(internal->title) + 1;
   if (template->max_title > internal->max_title) internal->max_title = template->max_title;
   internal->colour             = template->colour;
@@ -162,7 +149,7 @@ extern _kernel_oserror *create_object (_kernel_swi_regs *r, TaskDescriptor *t)

   return e;

-   clearup1:
-      mem_freek(internal);
-      return e;
+clearup1:
+   mem_freek(internal);
+   return e;
 }