From 0542dc1206fa35134e90d2bb40c67f97ed82b481 Mon Sep 17 00:00:00 2001
From: Jan Willamowius <jan@willamowius.de>
Date: 周一, 22 4月 2019 00:55:30 +0800
Subject: [PATCH] make sure there is room for nul byte

---
 src/library/LicenseReader.cpp |   70 ++++++++++++++++++++---------------
 1 files changed, 40 insertions(+), 30 deletions(-)

diff --git a/src/library/LicenseReader.cpp b/src/library/LicenseReader.cpp
index f9f7531..2c6a179 100644
--- a/src/library/LicenseReader.cpp
+++ b/src/library/LicenseReader.cpp
@@ -2,7 +2,7 @@
  * LicenseReader.cpp
  *
  *  Created on: Mar 30, 2014
- *      Author: devel
+ *      
  */
 
 #ifdef _WIN32
@@ -21,12 +21,13 @@
 #include "pc-identifiers.h"
 #include "LicenseReader.h"
 #include "base/StringUtils.h"
-#include "base/public-key.h"
+#include "base/logger.h"
+#include "public-key.h"
 #include <build_properties.h>
 
-#include "os/os-cpp.h"
-
 namespace license {
+
+const char *FullLicenseInfo::UNUSED_TIME = "0000-00-00";
 
 FullLicenseInfo::FullLicenseInfo(const string& source, const string& product,
 		const string& license_signature, int licenseVersion, string from_date,
@@ -49,8 +50,9 @@
 EventRegistry FullLicenseInfo::validate(int sw_version) {
 	EventRegistry er;
 	os_initialize();
-	bool sigVerified = OsFunctions::verifySignature(printForSign().c_str(),
+	FUNCTION_RETURN sigVer = verifySignature(printForSign().c_str(),
 			license_signature.c_str());
+	bool sigVerified = sigVer == FUNC_RET_OK;
 	if (sigVerified) {
 		er.addEvent(LICENSE_VERIFIED, SVRT_INFO);
 	} else {
@@ -67,7 +69,7 @@
 	}
 	if (has_client_sig) {
 		PcSignature str_code;
-		strncpy(str_code, client_signature.c_str(), sizeof(str_code));
+		strncpy(str_code, client_signature.c_str(), sizeof(str_code)-1);
 		EVENT_TYPE event = validate_pc_signature(str_code);
 		if (event != LICENSE_OK) {
 			er.addEvent(event, SVRT_ERROR);
@@ -87,9 +89,10 @@
 			license->expiry_date[0] = '\0';
 			license->days_left = 999999;
 		} else {
-			strncpy(license->expiry_date, to_date.c_str(), 11);
-			double secs = difftime(time(NULL),
-					seconds_from_epoch(to_date.c_str()));
+			strncpy(license->expiry_date, to_date.c_str(), 11-1);
+			double secs = difftime(
+				seconds_from_epoch(to_date.c_str()),
+				time(NULL));
 			license->days_left = (int) secs / 60 * 60 * 24;
 		}
 	}
@@ -150,15 +153,16 @@
 			string client_signature = trim_copy(
 					ini.GetValue(productNamePtr, "client_signature", ""));
 			/*client_signature.erase(
-					std::remove(client_signature.begin(), client_signature.end(), '-'),
-					client_signature.end());*/
+			 std::remove(client_signature.begin(), client_signature.end(), '-'),
+			 client_signature.end());*/
 			int from_sw_version = ini.GetLongValue(productNamePtr,
-					"from_sw_version", FullLicenseInfo::UNUSED_SOFTWARE_VERSION);
+					"from_sw_version",
+					FullLicenseInfo::UNUSED_SOFTWARE_VERSION);
 			int to_sw_version = ini.GetLongValue(productNamePtr,
 					"to_sw_version", FullLicenseInfo::UNUSED_SOFTWARE_VERSION);
 			FullLicenseInfo licInfo(*it, product, license_signature,
-					(int) license_version, from_date, to_date,
-					client_signature,from_sw_version,to_sw_version);
+					(int) license_version, from_date, to_date, client_signature,
+					from_sw_version, to_sw_version);
 			licenseInfoOut.push_back(licInfo);
 			atLeastOneLicenseComplete = true;
 		} else {
@@ -197,8 +201,7 @@
 				}
 			}
 		} else {
-			eventRegistry.addEvent(LICENSE_FILE_NOT_FOUND, SVRT_WARN,
-					varName);
+			eventRegistry.addEvent(LICENSE_FILE_NOT_FOUND, SVRT_WARN, varName);
 		}
 	}
 	return licenseFoundWithExplicitLocation;
@@ -223,19 +226,19 @@
 					for (auto it = existing_pos.begin();
 							it != existing_pos.end(); ++it) {
 						diskFiles.push_back(*it);
-						eventRegistry.addEvent(LICENSE_FILE_FOUND, SVRT_INFO, *it);
+						eventRegistry.addEvent(LICENSE_FILE_FOUND, SVRT_INFO,
+								*it);
 					}
 				} else {
-					eventRegistry.addEvent(LICENSE_FILE_NOT_FOUND,
-							SVRT_WARN, env_var_value);
+					eventRegistry.addEvent(LICENSE_FILE_NOT_FOUND, SVRT_WARN,
+							env_var_value);
 				}
 			} else {
 				eventRegistry.addEvent(ENVIRONMENT_VARIABLE_NOT_DEFINED,
 						SVRT_WARN);
 			}
 		} else {
-			eventRegistry.addEvent(ENVIRONMENT_VARIABLE_NOT_DEFINED,
-					SVRT_WARN);
+			eventRegistry.addEvent(ENVIRONMENT_VARIABLE_NOT_DEFINED, SVRT_WARN);
 		}
 	}
 	return licenseFileFoundWithEnvVariable;
@@ -247,17 +250,24 @@
 			diskFiles, eventRegistry);
 	bool foundNearModule = false;
 	if (licenseLocation.openFileNearModule) {
-		string temptativeLicense = OsFunctions::getModuleName() + ".lic";
-		ifstream f(temptativeLicense.c_str());
-		if (f.good()) {
-			foundNearModule = true;
-			diskFiles.push_back(temptativeLicense);
-			eventRegistry.addEvent(LICENSE_FILE_FOUND, SVRT_INFO, temptativeLicense);
+		char fname[MAX_PATH] = { 0 };
+		FUNCTION_RETURN fret = getModuleName(fname);
+		if (fret == FUNC_RET_OK) {
+			string temptativeLicense = string(fname) + ".lic";
+			ifstream f(temptativeLicense.c_str());
+			if (f.good()) {
+				foundNearModule = true;
+				diskFiles.push_back(temptativeLicense);
+				eventRegistry.addEvent(LICENSE_FILE_FOUND, SVRT_INFO,
+						temptativeLicense);
+			} else {
+				eventRegistry.addEvent(LICENSE_FILE_NOT_FOUND, SVRT_WARN,
+						temptativeLicense);
+			}
+			f.close();
 		} else {
-			eventRegistry.addEvent(LICENSE_FILE_NOT_FOUND, SVRT_WARN,
-					temptativeLicense);
+			LOG_WARN("Error determining module name.");
 		}
-		f.close();
 	}
 	bool licenseFileFoundWithEnvVariable = findFileWithEnvironmentVariable(
 			diskFiles, eventRegistry);

--
Gitblit v1.9.1