Fix (unreported) potential buffer overflow with BLO_library_path_explode() usage.

Also added warning to func doc, let's try to avoid this in future (for until we
pass string length systematically...).

3 files changed, 9 insertions, 5 deletions

diff --git a/source/blender/blenloader/intern/readfile.c b/source/blender/blenloader/intern/readfile.c
index 8e69408bfd8..323f0a93e05 100644
--- a/source/blender/blenloader/intern/readfile.c
+++ b/source/blender/blenloader/intern/readfile.c
@@ -1326,6 +1326,7 @@ bool BLO_has_bfile_extension(const char *str)
  *
  * \param path the full path to explode.
  * \param r_dir the string that'll contain path up to blend file itself ('library' path).
+ *              WARNING! Must be FILE_MAX_LIBEXTRA long (it also stores group and name strings)!
  * \param r_group the string that'll contain 'group' part of the path, if any. May be NULL.
  * \param r_name the string that'll contain data's name part of the path, if any. May be NULL.
  * \return true if path contains a blend file.
diff --git a/source/blender/editors/space_file/filelist.c b/source/blender/editors/space_file/filelist.c
index fc3341bfb92..5e9eb1f9207 100644
--- a/source/blender/editors/space_file/filelist.c
+++ b/source/blender/editors/space_file/filelist.c
@@ -624,7 +624,7 @@ static bool is_filtered_file(FileListInternEntry *file, const char *UNUSED(root)
 static bool is_filtered_lib(FileListInternEntry *file, const char *root, FileListFilter *filter)
 {
 	bool is_filtered;
-	char path[FILE_MAX_LIBEXTRA], dir[FILE_MAXDIR], *group, *name;
+	char path[FILE_MAX_LIBEXTRA], dir[FILE_MAX_LIBEXTRA], *group, *name;
 
 	BLI_join_dirfile(path, sizeof(path), root, file->relpath);
 
@@ -697,7 +697,7 @@ void filelist_filter(FileList *filelist)
 	if (filelist->max_recursion) {
 		/* Never show lib ID 'categories' directories when we are in 'flat' mode, unless
 		 * root path is a blend file. */
-		char dir[FILE_MAXDIR];
+		char dir[FILE_MAX_LIBEXTRA];
 		if (!filelist_islibrary(filelist, dir, NULL)) {
 			filelist->filter_data.flags |= FLF_HIDE_LIB_DIR;
 		}
@@ -947,7 +947,7 @@ static void filelist_checkdir_dir(struct FileList *UNUSED(filelist), char *r_dir
 
 static void filelist_checkdir_lib(struct FileList *UNUSED(filelist), char *r_dir)
 {
-	char dir[FILE_MAXDIR];
+	char dir[FILE_MAX_LIBEXTRA];
 	if (!BLO_library_path_explode(r_dir, dir, NULL, NULL)) {
 		/* if not a valid library, we need it to be a valid directory! */
 		BLI_make_exist(r_dir);
@@ -2113,6 +2113,7 @@ unsigned int filelist_entry_select_index_get(FileList *filelist, const int index
 	return 0;
 }
 
+/* WARNING! dir must be FILE_MAX_LIBEXTRA long! */
 bool filelist_islibrary(struct FileList *filelist, char *dir, char **group)
 {
 	return BLO_library_path_explode(filelist->filelist.root, dir, group, NULL);
@@ -2208,7 +2209,7 @@ static int filelist_readjob_list_lib(const char *root, ListBase *entries, const
 	FileListInternEntry *entry;
 	LinkNode *ln, *names;
 	int i, nnames, idcode = 0, nbr_entries = 0;
-	char dir[FILE_MAX], *group;
+	char dir[FILE_MAX_LIBEXTRA], *group;
 	bool ok;
 
 	struct BlendHandle *libfiledata = NULL;
diff --git a/source/blender/imbuf/intern/thumbs.c b/source/blender/imbuf/intern/thumbs.c
index 95d061bcb75..3629332a4ac 100644
--- a/source/blender/imbuf/intern/thumbs.c
+++ b/source/blender/imbuf/intern/thumbs.c
@@ -46,6 +46,8 @@
 
 #include "BLO_readfile.h"
 
+#include "DNA_space_types.h"  /* For FILE_MAX_LIBEXTRA */
+
 #include "IMB_imbuf_types.h"
 #include "IMB_imbuf.h"
 #include "IMB_thumbs.h"
@@ -533,7 +535,7 @@ ImBuf *IMB_thumb_manage(const char *org_path, ThumbSize size, ThumbSource source
 	char thumb_path[FILE_MAX];
 	char thumb_name[40];
 	char uri[URI_MAX];
-	char path_buff[FILE_MAX];
+	char path_buff[FILE_MAX_LIBEXTRA];
 	const char *file_path;
 	const char *path;
 	BLI_stat_t st;