UPBGE: Add safety checks, fix potential buffer overflow and warnings

Author: lordloki

CMakeLists.txt

@@ -14,39 +14,28 @@ execute_process(COMMAND openssl rand -hex 16
                 OUTPUT_VARIABLE GENERATED_SALT
                 OUTPUT_STRIP_TRAILING_WHITESPACE)
 
-# -- Show values --
-message(STATUS "Generated Password: ${GENERATED_PW}")
-message(STATUS "Generated Salt HEX: ${GENERATED_SALT}")
-
 # -- Convert salt hex string to comma-separated bytes --
 string(REGEX REPLACE "([0-9a-fA-F][0-9a-fA-F])" "0x\\1, " SALT_BYTES "${GENERATED_SALT}")
 string(REGEX REPLACE ", $" "" SALT_BYTES "${SALT_BYTES}")  # remove trailing comma
 
 add_compile_definitions(ENCRYPTION_PASSWORD="${GENERATED_PW}")
 add_compile_definitions(ENCRYPTION_SALT=${SALT_BYTES})
 
-#add_compile_definitions(ENCRYPTION_PASSWORD="mi_contraseña_secreta")
+# -- To test own password and salt, uncomment the next lines --
+#add_compile_definitions(ENCRYPTION_PASSWORD="mi_secret_password")
 #add_compile_definitions(ENCRYPTION_SALT="0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F")
 
+# -- Show values --
+message(STATUS "Generated Password: ${GENERATED_PW}")
+message(STATUS "Generated Salt HEX: ${GENERATED_SALT}")
 message(STATUS "Salt bytes: ${SALT_BYTES}")
-message(STATUS "ENCRYPTION_PASSWORD: ${ENCRYPTION_PASSWORD}")
-message(STATUS "ENCRYPTION_SALT: ${ENCRYPTION_SALT}")
 
 add_subdirectory(aes)
 
-# Configuración para evitar conflictos de CRT
-if (MSVC)
-    set(CMAKE_MSVC_RUNTIME_LIBRARY "MultiThreaded$<$<CONFIG:Debug>:Debug>")
-endif()
-
 # --- upbge_binarycrypt_tool ---
-set(RAYLIB_INCLUDE_DIR "${CMAKE_CURRENT_SOURCE_DIR}/../Libs/raylib-5.5_win64_msvc16/include/" CACHE PATH "Path to raylib include")
-set(RAYLIB_LIB_DIR "${CMAKE_CURRENT_SOURCE_DIR}/../Libs/raylib-5.5_win64_msvc16/lib/" CACHE PATH "Path to raylib lib")
-
 add_executable(upbge_binarycrypt_tool
     upbge_binarycrypt_tool/main_tool.c
 )
-
 target_include_directories(upbge_binarycrypt_tool PRIVATE ${RAYLIB_INCLUDE_DIR})
 target_link_directories(upbge_binarycrypt_tool PRIVATE ${RAYLIB_LIB_DIR})
 target_link_libraries(upbge_binarycrypt_tool PRIVATE raylib tiny_aes winmm)

cmake/Findraylib.cmake

@@ -0,0 +1,40 @@
+find_path(RAYLIB_INCLUDE_DIR raylib.h
+  HINTS
+    $ENV{RAYLIB_INCLUDE_DIR}
+    $ENV{RAYLIB_DIR}/include
+    ${CMAKE_PREFIX_PATH}/include
+    ${CMAKE_CURRENT_SOURCE_DIR}/../Libs/raylib-5.5_win64_msvc16/include
+    ENV PATH
+  PATH_SUFFIXES include
+)
+
+find_path (RAYLIB_LIB_DIR raylib.lib
+  HINTS
+    $ENV{RAYLIB_LIB_DIR}
+    $ENV{RAYLIB_DIR}/lib
+    ${CMAKE_PREFIX_PATH}/lib
+    ${CMAKE_CURRENT_SOURCE_DIR}/../Libs/raylib-5.5_win64_msvc16/lib
+    ENV PATH
+  PATH_SUFFIXES lib
+)
+
+find_library(RAYLIB_LIBRARY NAMES raylib
+  HINTS
+    $ENV{RAYLIB_LIBRARY_DIR}
+    $ENV{RAYLIB_DIR}/lib
+    ${CMAKE_PREFIX_PATH}/lib
+    ${CMAKE_CURRENT_SOURCE_DIR}/../Libs/raylib-5.5_win64_msvc16/lib
+    ENV PATH
+  PATH_SUFFIXES lib
+)
+
+include(FindPackageHandleStandardArgs)
+find_package_handle_standard_args(raylib DEFAULT_MSG RAYLIB_LIBRARY RAYLIB_INCLUDE_DIR)
+
+if(raylib_FOUND)
+  add_library(raylib::raylib UNKNOWN IMPORTED)
+  set_target_properties(raylib::raylib PROPERTIES
+    IMPORTED_LOCATION "${RAYLIB_LIBRARY}"
+    INTERFACE_INCLUDE_DIRECTORIES "${RAYLIB_INCLUDE_DIR}"
+  )
+endif()

cmake/raylib-config.cmake

@@ -0,0 +1,81 @@
+# - Try to find raylib
+# Options:
+#   raylib_USE_STATIC_LIBS - ON by default
+#   raylib_VERBOSE         - OFF by default
+# Once done, this defines a raylib target that can be passed to
+# target_link_libraries as well as following variables:
+#
+#   raylib_FOUND - System has raylib installed
+#   raylib_INCLUDE_DIRS - The include directories for the raylib header(s)
+#   raylib_LIBRARIES - The libraries needed to use raylib
+#   raylib_LDFLAGS - The linker flags needed with raylib
+#   raylib_DEFINITIONS - Compiler switches required for using raylib
+
+option(raylib_USE_STATIC_LIBS "Use static libs" ON)
+option(raylib_VERBOSE "Show raylib verbose messages" OFF)
+
+if (NOT TARGET raylib)
+    set(XPREFIX PC_RAYLIB)
+
+    find_package(PkgConfig QUIET)
+    pkg_check_modules(${XPREFIX} QUIET raylib)
+
+    if (raylib_USE_STATIC_LIBS)
+        set(XPREFIX ${XPREFIX}_STATIC)
+    endif()
+
+    set(raylib_DEFINITIONS ${${XPREFIX}_CFLAGS})
+
+    find_path(raylib_INCLUDE_DIR
+        NAMES raylib.h
+        HINTS ${${XPREFIX}_INCLUDE_DIRS} ${raylib_DIR}/../../../include/
+    )
+
+
+    if (raylib_USE_STATIC_LIBS)
+        set(RAYLIB_NAMES libraylib.a raylib.lib)
+    else ()
+        set(RAYLIB_NAMES raylib)
+    endif ()
+
+    find_library(raylib_LIBRARY
+        NAMES ${RAYLIB_NAMES}
+        HINTS ${${XPREFIX}_LIBRARY_DIRS} ${raylib_DIR}/../../
+    )
+
+    set(raylib_LIBRARIES    ${raylib_LIBRARY})
+    set(raylib_INCLUDE_DIRS ${raylib_INCLUDE_DIR})
+    set(raylib_LDFLAGS      ${${XPREFIX}_LDFLAGS})
+
+    include(FindPackageHandleStandardArgs)
+    find_package_handle_standard_args(raylib DEFAULT_MSG
+        raylib_LIBRARY
+        raylib_INCLUDE_DIR
+    )
+
+    mark_as_advanced(raylib_LIBRARY raylib_INCLUDE_DIR)
+
+    if (raylib_USE_STATIC_LIBS)
+      add_library(raylib STATIC IMPORTED GLOBAL)
+    else()
+      add_library(raylib SHARED IMPORTED GLOBAL)
+    endif()
+    string (REPLACE ";" " " raylib_LDFLAGS "${raylib_LDFLAGS}")
+
+    set_target_properties(raylib
+      PROPERTIES
+      IMPORTED_LOCATION             "${raylib_LIBRARIES}"
+      IMPORTED_IMPLIB               "${raylib_LIBRARIES}"
+      INTERFACE_INCLUDE_DIRECTORIES "${raylib_INCLUDE_DIRS}"
+      INTERFACE_LINK_LIBRARIES      "${raylib_LDFLAGS}"
+      INTERFACE_COMPILE_OPTIONS     "${raylib_DEFINITIONS}"
+    )
+
+    if (raylib_VERBOSE)
+      message(STATUS "raylib_FOUND: ${raylib_FOUND}")
+      message(STATUS "raylib_INCLUDE_DIRS: ${raylib_INCLUDE_DIRS}")
+      message(STATUS "raylib_LIBRARIES: ${raylib_LIBRARIES}")
+      message(STATUS "raylib_LDFLAGS: ${raylib_LDFLAGS}")
+      message(STATUS "raylib_DEFINITIONS: ${raylib_DEFINITIONS}")
+    endif()
+endif()

upbge_binarycrypt_launcher/main_launcher.c

@@ -1,7 +1,6 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#include <errno.h>
 #include "aes.h"
 
 #define SALT_LEN 16
@@ -18,9 +17,10 @@ void derive_key(uint8_t *key_out) {
 static int decrypt_file(const char *input, const char *output) {
     FILE *fin = fopen(input, "rb");
     if (!fin) {
-        fprintf(stderr, "Error al abrir archivo de entrada '%s': %s\n", input, strerror(errno));
+        fprintf(stderr, "Error opening input file '%s'\n", input);
         return 1;
     }
+
     fseek(fin, 0, SEEK_END);
     long len = ftell(fin);
     rewind(fin);
@@ -83,7 +83,7 @@ static int decrypt_file(const char *input, const char *output) {
 
     FILE *fout = fopen(output, "wb");
     if (!fout) {
-        fprintf(stderr, "Error al abrir archivo de salida '%s': %s\n", output, strerror(errno));
+        fprintf(stderr, "Error al abrir archivo de salida '%s'\n", output);
         free(buffer);
         return 1;
     }
@@ -116,7 +116,7 @@ int main(void) {
     const char *decrypted = "game_decrypted.blend";
 
     if (decrypt_file(encrypted, decrypted)) {
-        fprintf(stderr, "Error encriptando el archivo. No se lanza el blenderplayer: %s\n", strerror(errno));
+        fprintf(stderr, "Error encriptando el archivo. No se lanza el blenderplayer\n");
         return 1;
     }
 

upbge_binarycrypt_tool/main_tool.c

@@ -15,39 +15,85 @@ static void derive_key(uint8_t *key_out) {
     }
 }
 
-static void encrypt_file(const char *input, const char *output) {
-    FILE *fin = fopen(input, "rb");
+static void encrypt_file(const char* input, const char* output) {
+    // Validate input parameters
+    if (!input || !output) return;
+
+    // Open input file
+    FILE* fin = fopen(input, "rb");
     if (!fin) return;
-    fseek(fin, 0, SEEK_END);
+
+    // Get file size with error checking
+    if (fseek(fin, 0, SEEK_END)) {
+        fclose(fin);
+        return;
+    }
+
     long len = ftell(fin);
     rewind(fin);
 
-    uint8_t *buffer = malloc(len);
-    fread(buffer, 1, len, fin);
+    // Validate file length (must be positive)
+    if (len <= 0) {
+        fclose(fin);
+        return;
+    }
+
+    // Allocate buffer for file content
+    uint8_t* buffer = malloc((size_t)len);
+    if (!buffer) {
+        fclose(fin);
+        return;
+    }
+
+    // Read entire file with complete verification
+    size_t bytes_read = fread(buffer, 1, (size_t)len, fin);
     fclose(fin);
+    if (bytes_read != (size_t)len) {
+        free(buffer);
+        return;
+    }
 
-    // Calculate padding PKCS#7
+    // Calculate PKCS#7 padding
     int padding = 16 - (len % 16);
-    if (padding == 0) padding = 16;  // Add complete padding always
+    if (padding == 0) padding = 16;  // Always add full block when aligned
+
+    // Check for potential integer overflow
+    if (len > LONG_MAX - padding) {
+        free(buffer);
+        return;
+    }
     long padded_len = len + padding;
 
-    uint8_t *buffer_padded = malloc(padded_len);
-    memcpy(buffer_padded, buffer, len);
-    memset(buffer_padded + len, padding, padding); // Filled with value 'padding'
+    // Allocate and prepare padded buffer
+    uint8_t* buffer_padded = malloc((size_t)padded_len);
+    if (!buffer_padded) {
+        free(buffer);
+        return;
+    }
+
+    // Copy original data and apply padding
+    memcpy(buffer_padded, buffer, (size_t)len);
+    memset(buffer_padded + len, (uint8_t)padding, (size_t)padding);
 
+    // Initialize AES context
     struct AES_ctx ctx;
     uint8_t key[32];
     derive_key(key);
     AES_init_ctx(&ctx, key);
 
+    // Encrypt each 16-byte block
     for (long i = 0; i < padded_len; i += 16) {
         AES_ECB_encrypt(&ctx, buffer_padded + i);
     }
 
-    FILE *fout = fopen(output, "wb");
-    fwrite(buffer_padded, 1, padded_len, fout);
-    fclose(fout);
+    // Write encrypted data to output file
+    FILE* fout = fopen(output, "wb");
+    if (fout) {
+        fwrite(buffer_padded, 1, (size_t)padded_len, fout);
+        fclose(fout);
+    }
 
+    // Clean up allocated memory
     free(buffer);
     free(buffer_padded);
 }
@@ -61,7 +107,7 @@ int main(void) {
     const char *inputFile = "game.blend";
     const char *outputFile = "game_encrypted.block";
 
-    Rectangle button = { screenWidth/2 - 100, screenHeight/2 - 25, 200, 50 };
+    Rectangle button = { (float)(screenWidth / 2 - 100), (float)(screenHeight / 2 - 25), 200.0f, 50.0f };
 
     SetTargetFPS(60);
     while (!WindowShouldClose()) {
@@ -77,7 +123,7 @@ int main(void) {
         } else {
             DrawRectangleRec(button, GRAY);
         }
-        DrawText("Encrypt", button.x + 60, button.y + 15, 20, BLACK);
+        DrawText("Encrypt", (int)button.x + 60, (int)button.y + 15, 20, BLACK);
 
         EndDrawing();
     }