eion/purple-hangouts

Fix various bugs in http.c from static analysis
draft
2018-10-24, Eion Robb
030e64028291
Parents 00ee0103bd61
Children 049ac73c448d
Fix various bugs in http.c from static analysis
1 files changed, 34 insertions(+), 9 deletions(-)
  • +34 -9
    purple2compat/http.c
    • --- a/purple2compat/http.c Tue Oct 16 14:07:04 2018 -0500
    +++ b/purple2compat/http.c Wed Oct 24 17:10:23 2018 +1300
    @@ -48,7 +48,7 @@
    #define PURPLE_HTTP_REQUEST_DEFAULT_MAX_REDIRECTS 20
    #define PURPLE_HTTP_REQUEST_DEFAULT_TIMEOUT 30
    #define PURPLE_HTTP_REQUEST_DEFAULT_MAX_LENGTH 1048576
    -#define PURPLE_HTTP_REQUEST_HARD_MAX_LENGTH G_MAXINT32-1
    +#define PURPLE_HTTP_REQUEST_HARD_MAX_LENGTH (G_MAXINT32 - 1)
    #define PURPLE_HTTP_PROGRESS_WATCHER_DEFAULT_INTERVAL 250000
    @@ -329,15 +329,17 @@
    d_year, month, d_date, d_time);
    g_free(d_date);
    - g_free(d_month);
    g_free(d_year);
    g_free(d_time);
    if (month > 12) {
    purple_debug_warning("http", "Invalid month: %s\n", d_month);
    + g_free(d_month);
    g_free(iso_date);
    return 0;
    }
    +
    + g_free(d_month);
    t = purple_str_to_time(iso_date, TRUE, NULL, NULL, NULL);
    @@ -432,6 +434,7 @@
    "Decompression failed (%d): %s\n", gzres,
    zs->msg);
    gzs->failed = TRUE;
    + g_string_free(ret, TRUE);
    return NULL;
    }
    }
    @@ -714,6 +717,21 @@
    purple_http_conn_cancel(hc);
    }
    +#ifdef _WIN32
    +#include <windows.h>
    +#endif
    +
    +static void memset_zero(gpointer pnt, gsize len)
    +{
    + volatile unsigned char *volatile pnt_ =
    + (volatile unsigned char *volatile) pnt;
    + size_t i = (size_t) 0U;
    +
    + while (i < len) {
    + pnt_[i++] = 0U;
    + }
    +}
    +
    static void _purple_http_gen_headers(PurpleHttpConnection *hc)
    {
    GString *h;
    @@ -777,7 +795,7 @@
    purple_http_request_is_method(req, "post")))
    {
    g_string_append_printf(h, "Content-Length: %u\r\n",
    - req->contents_length);
    + (guint) req->contents_length);
    }
    if (proxy_http)
    @@ -795,7 +813,7 @@
    tmp = g_strdup_printf("%s:%s", proxy_username, proxy_password);
    len = strlen(tmp);
    proxy_auth = purple_base64_encode((const guchar *)tmp, len);
    - memset(tmp, 0, len);
    + memset_zero(tmp, len);
    g_free(tmp);
    ntlm_type1 = purple_ntlm_gen_type1(purple_get_host_name(), "");
    @@ -806,7 +824,7 @@
    ntlm_type1);
    g_string_append(h, "Proxy-Connection: close\r\n"); /* TEST: proxy+KeepAlive */
    - memset(proxy_auth, 0, strlen(proxy_auth));
    + memset_zero(proxy_auth, strlen(proxy_auth));
    g_free(proxy_auth);
    g_free(ntlm_type1);
    }
    @@ -1425,6 +1443,10 @@
    if (hc->response_buffer)
    g_string_free(hc->response_buffer, TRUE);
    hc->response_buffer = NULL;
    +
    + if (hc->gz_stream)
    + purple_http_gz_free(hc->gz_stream);
    + hc->gz_stream = NULL;
    if (hc->socket_request)
    purple_http_keepalive_pool_request_cancel(hc->socket_request);
    @@ -2025,7 +2047,7 @@
    gchar *escaped_name = g_strdup(purple_url_encode(name));
    gchar *escaped_value = NULL;
    - if (escaped_value) {
    + if (value) {
    escaped_value = g_strdup(purple_url_encode(value));
    }
    @@ -3077,7 +3099,9 @@
    if (parsed_url->username || parsed_url->password) {
    if (parsed_url->username)
    g_string_append(url, parsed_url->username);
    - g_string_append_printf(url, ":%s", parsed_url->password);
    + g_string_append_c(url, ':');
    + if (parsed_url->password)
    + g_string_append(url, parsed_url->password);
    g_string_append(url, "@");
    before_host_printed = TRUE;
    }
    @@ -3223,8 +3247,9 @@
    g_regex_unref(purple_http_re_rfc1123);
    purple_http_re_rfc1123 = NULL;
    - g_list_foreach(purple_http_hc_list, purple_http_foreach_conn_cancel,
    - NULL);
    + if (purple_http_hc_list != NULL) {
    + g_list_foreach(purple_http_hc_list, purple_http_foreach_conn_cancel, NULL);
    + }
    if (purple_http_hc_list != NULL ||
    0 != g_hash_table_size(purple_http_hc_by_ptr) ||