gaim/www

update tags
default tip
2019-09-10, convert-repo
7d915c997ccd
update tags
diff -ruN gaim-0.81/src/gtkprefs.c gaim-0.81-patched/src/gtkprefs.c
--- gaim-0.81/src/gtkprefs.c 2004-07-27 20:07:02.000000000 -0400
+++ gaim-0.81-patched/src/gtkprefs.c 2004-08-23 22:23:20.464472424 -0400
@@ -523,7 +523,7 @@
void theme_install_theme(char *path, char *extn) {
#ifndef _WIN32
- gchar *command;
+ gchar *command, *escaped;
#endif
gchar *destdir;
gchar *tail;
@@ -544,7 +544,9 @@
* other platforms, if need be */
if (!g_ascii_strcasecmp(tail, ".gz") || !g_ascii_strcasecmp(tail, ".tgz")) {
#ifndef _WIN32
- command = g_strdup_printf("tar > /dev/null xzf \"%s\" -C %s", path, destdir);
+ escaped = g_shell_quote(path);
+ command = g_strdup_printf("tar > /dev/null xzf %s -C %s", escaped, destdir);
+ g_free(escaped);
#else
if(!wgaim_gz_untar(path, destdir)) {
g_free(destdir);
diff -ruN gaim-0.81/src/protocols/msn/object.c gaim-0.81-patched/src/protocols/msn/object.c
--- gaim-0.81/src/protocols/msn/object.c 2004-06-05 23:42:54.000000000 -0400
+++ gaim-0.81-patched/src/protocols/msn/object.c 2004-08-23 22:23:20.465472272 -0400
@@ -35,11 +35,18 @@
if ((tag = strstr(str, id "=\"")) != NULL) \
{ \
char buf[16]; \
+ size_t offset; \
tag += strlen(id "=\""); \
c = strchr(tag, '"'); \
- strncpy(buf, tag, c - tag); \
- buf[c - tag] = '\0'; \
- obj->field = atoi(buf); \
+ if (c != NULL) \
+ { \
+ memset(buf, 0, sizeof(buf)); \
+ offset = c - tag; \
+ if (offset >= sizeof(buf)) \
+ offset = sizeof(buf) - 1; \
+ strncpy(buf, tag, offset); \
+ obj->field = atoi(buf); \
+ } \
}
static GList *local_objs;
diff -ruN gaim-0.81/src/protocols/msn/slp.c gaim-0.81-patched/src/protocols/msn/slp.c
--- gaim-0.81/src/protocols/msn/slp.c 2004-06-14 22:37:25.000000000 -0400
+++ gaim-0.81-patched/src/protocols/msn/slp.c 2004-08-23 22:23:20.465472272 -0400
@@ -645,8 +645,11 @@
if ((c = strchr(status, '\r')) || (c = strchr(status, '\n')) ||
(c = strchr(status, '\0')))
{
- strncpy(temp, status, c - status);
- temp[c - status] = '\0';
+ size_t offset = c - status;
+ if (offset >= sizeof(temp))
+ offset = sizeof(temp) - 1;
+ strncpy(temp, status, offset);
+ temp[offset] = '\0';
}
gaim_debug_error("msn", "Received non-OK result: %s\n", temp);
diff -ruN gaim-0.81/src/protocols/novell/nmevent.c gaim-0.81-patched/src/protocols/novell/nmevent.c
--- gaim-0.81/src/protocols/novell/nmevent.c 2004-06-12 11:13:29.000000000 -0400
+++ gaim-0.81-patched/src/protocols/novell/nmevent.c 2004-08-23 22:32:49.957896264 -0400
@@ -27,6 +27,8 @@
#include "nmuserrecord.h"
#include "nmrtf.h"
+#define MAX_UINT32 0xFFFFFFFF
+
struct _NMEvent
{
@@ -147,6 +149,8 @@
/* Read the conference guid */
rc = nm_read_uint32(conn, &size);
+ if (size == MAX_UINT32) return NMERR_PROTOCOL;
+
if (rc == NM_OK) {
guid = g_new0(char, size + 1);
rc = nm_read_all(conn, guid, size);
@@ -160,8 +164,9 @@
/* Read the message text */
if (rc == NM_OK) {
rc = nm_read_uint32(conn, &size);
- if (rc == NM_OK) {
+ if (size == MAX_UINT32) return NMERR_PROTOCOL;
+ if (rc == NM_OK) {
msg = g_new0(char, size + 1);
rc = nm_read_all(conn, msg, size);
@@ -265,6 +270,8 @@
/* Read the conference guid */
rc = nm_read_uint32(conn, &size);
+ if (size == MAX_UINT32) return NMERR_PROTOCOL;
+
if (rc == NM_OK) {
guid = g_new0(char, size + 1);
rc = nm_read_all(conn, guid, size);
@@ -273,6 +280,8 @@
/* Read the the message */
if (rc == NM_OK) {
rc = nm_read_uint32(conn, &size);
+ if (size == MAX_UINT32) return NMERR_PROTOCOL;
+
if (rc == NM_OK) {
msg = g_new0(char, size + 1);
rc = nm_read_all(conn, msg, size);
@@ -340,6 +349,8 @@
/* Read the conference guid */
rc = nm_read_uint32(conn, &size);
+ if (size == MAX_UINT32) return NMERR_PROTOCOL;
+
if (rc == NM_OK) {
guid = g_new0(char, size + 1);
rc = nm_read_all(conn, guid, size);
@@ -390,6 +401,8 @@
/* Read the conference guid */
rc = nm_read_uint32(conn, &size);
+ if (size == MAX_UINT32) return NMERR_PROTOCOL;
+
if (rc == NM_OK) {
guid = g_new0(char, size + 1);
rc = nm_read_all(conn, guid, size);
@@ -427,6 +440,8 @@
/* Read the conference guid */
rc = nm_read_uint32(conn, &size);
+ if (size == MAX_UINT32) return NMERR_PROTOCOL;
+
if (rc == NM_OK) {
guid = g_new0(char, size + 1);
rc = nm_read_all(conn, guid, size);
@@ -475,6 +490,8 @@
/* Read the conference guid */
rc = nm_read_uint32(conn, &size);
+ if (size == MAX_UINT32) return NMERR_PROTOCOL;
+
if (rc == NM_OK) {
guid = g_new0(char, size + 1);
rc = nm_read_all(conn, guid, size);
@@ -513,6 +530,8 @@
/* Read the conference guid */
rc = nm_read_uint32(conn, &size);
+ if (size == MAX_UINT32) return NMERR_PROTOCOL;
+
if (rc == NM_OK) {
guid = g_new0(char, size + 1);
rc = nm_read_all(conn, guid, size);
@@ -570,6 +589,8 @@
/* Read the conference guid */
rc = nm_read_uint32(conn, &size);
+ if (size == MAX_UINT32) return NMERR_PROTOCOL;
+
if (rc == NM_OK) {
guid = g_new0(char, size + 1);
rc = nm_read_all(conn, guid, size);
@@ -611,11 +632,11 @@
/* Read the status text */
rc = nm_read_uint32(conn, &size);
+ if (size == MAX_UINT32) return NMERR_PROTOCOL;
+
if (rc == NM_OK) {
- if (size > 0) {
- text = g_new0(char, size + 1);
- rc = nm_read_all(conn, text, size);
- }
+ text = g_new0(char, size + 1);
+ rc = nm_read_all(conn, text, size);
}
}
@@ -649,6 +670,8 @@
/* Read the conference guid */
rc = nm_read_uint32(conn, &size);
+ if (size == MAX_UINT32) return NMERR_PROTOCOL;
+
if (rc == NM_OK) {
guid = g_new0(char, size + 1);
rc = nm_read_all(conn, guid, size);
diff -ruN gaim-0.81/src/protocols/novell/nmrtf.c gaim-0.81-patched/src/protocols/novell/nmrtf.c
--- gaim-0.81/src/protocols/novell/nmrtf.c 2004-06-12 11:13:29.000000000 -0400
+++ gaim-0.81-patched/src/protocols/novell/nmrtf.c 2004-08-23 22:31:54.135382576 -0400
@@ -506,9 +506,9 @@
gboolean param_set = FALSE;
gboolean is_neg = FALSE;
int param = 0;
- char *pch;
char keyword[30];
char parameter[20];
+ int i;
keyword[0] = '\0';
parameter[0] = '\0';
@@ -523,11 +523,11 @@
}
/* parse keyword */
- for (pch = keyword; isalpha(ch); rtf_get_char(ctx, &ch)) {
- *pch = (char) ch;
- pch++;
+ for (i = 0; isalpha(ch) && (i < sizeof(keyword) - 1); rtf_get_char(ctx, &ch)) {
+ keyword[i] = (char) ch;
+ i++;
}
- *pch = '\0';
+ keyword[i] = '\0';
/* check for '-' indicated a negative parameter value */
if (ch == '-') {
@@ -540,11 +540,11 @@
if (isdigit(ch)) {
param_set = TRUE;
- for (pch = parameter; isdigit(ch); rtf_get_char(ctx, &ch)) {
- *pch = (char) ch;
- pch++;
+ for (i = 0; isdigit(ch) && (i < sizeof(parameter) - 1); rtf_get_char(ctx, &ch)) {
+ parameter[i] = (char) ch;
+ i++;
}
- *pch = '\0';
+ parameter[i] = '\0';
ctx->param = param = atoi(parameter);
if (is_neg)
diff -ruN gaim-0.81/src/protocols/zephyr/zephyr.c gaim-0.81-patched/src/protocols/zephyr/zephyr.c
--- gaim-0.81/src/protocols/zephyr/zephyr.c 2004-07-27 20:51:27.000000000 -0400
+++ gaim-0.81-patched/src/protocols/zephyr/zephyr.c 2004-08-23 22:30:38.018954032 -0400
@@ -67,8 +67,8 @@
GSList *subscrips;
int last_id;
unsigned short port;
- char ourhost[MAXHOSTNAMELEN];
- char ourhostcanon[MAXHOSTNAMELEN];
+ char ourhost[HOST_NAME_MAX + 1];
+ char ourhostcanon[HOST_NAME_MAX + 1];
};
/* struct I need for zephyr_to_html */
@@ -860,19 +860,21 @@
/* XXX This code may not be Win32 clean */
struct hostent *hent;
- if (gethostname(zephyr->ourhost, sizeof(zephyr->ourhost)-1) == -1) {
+ if (gethostname(zephyr->ourhost, sizeof(zephyr->ourhost)) == -1) {
gaim_debug(GAIM_DEBUG_ERROR, "zephyr", "unable to retrieve hostname, %%host%% and %%canon%% will be wrong in subscriptions and have been set to unknown\n");
- g_stpcpy(zephyr->ourhost,"unknown");
- g_stpcpy(zephyr->ourhostcanon,"unknown");
+ g_strlcpy(zephyr->ourhost, "unknown", sizeof(zephyr->ourhost));
+ g_strlcpy(zephyr->ourhostcanon, "unknown", sizeof(zephyr->ourhostcanon));
return;
}
if (!(hent = gethostbyname(zephyr->ourhost))) {
gaim_debug(GAIM_DEBUG_ERROR,"zephyr", "unable to resolve hostname, %%canon%% will be wrong in subscriptions.and has been set to the value of %%host%%, %s\n",zephyr->ourhost);
- g_stpcpy(zephyr->ourhostcanon,zephyr->ourhost);
+ g_strlcpy(zephyr->ourhostcanon, zephyr->ourhost, sizeof(zephyr->ourhostcanon));
return;
}
- g_stpcpy(zephyr->ourhostcanon,hent->h_name);
+
+ g_strlcpy(zephyr->ourhostcanon, hent->h_name, sizeof(zephyr->ourhostcanon));
+
return;
}
diff -ruN gaim-0.81/src/util.c gaim-0.81-patched/src/util.c
--- gaim-0.81/src/util.c 2004-08-05 10:17:03.000000000 -0400
+++ gaim-0.81-patched/src/util.c 2004-08-23 22:51:18.928307136 -0400
@@ -2627,8 +2627,8 @@
* if we make sure that there is indeed a \n in our header.
*/
if (p && g_strstr_len(p, data_len - (p - data), "\n")) {
- sscanf(p, "Content-Length: %d", (int *)&content_len);
- gaim_debug_misc("parse_content_len", "parsed %d\n", content_len);
+ sscanf(p, "Content-Length: %u", (int *)&content_len);
+ gaim_debug_misc("parse_content_len", "parsed %u\n", content_len);
}
return content_len;
@@ -2752,7 +2752,14 @@
/* In with the new. */
gfud->data_len = content_len;
- gfud->webdata = g_malloc(gfud->data_len);
+ gfud->webdata = g_try_malloc(gfud->data_len);
+ if (gfud->webdata == NULL) {
+ gaim_debug_error("gaim_url_fetch", "Failed to allocate %u bytes: %s\n", gfud->data_len, strerror(errno));
+ gaim_input_remove(gfud->inpa);
+ close(sock);
+ gfud->callback(gfud->user_data, NULL, 0);
+ destroy_fetch_url_data(gfud);
+ }
}
else
gfud->newline = TRUE;
@@ -2839,11 +2846,18 @@
static char buf[BUF_LEN];
guint i, j = 0;
char *bum;
+ char hex[3];
g_return_val_if_fail(str != NULL, NULL);
+ /*
+ * XXX - This check could be removed and buf could be made
+ * dynamically allocated, but this is easier.
+ */
+ if (strlen(str) >= BUF_LEN)
+ return NULL;
+
for (i = 0; i < strlen(str); i++) {
- char hex[3];
if (str[i] != '%')
buf[j++] = str[i];