127 lines
4.2 KiB
Plaintext
127 lines
4.2 KiB
Plaintext
$OpenBSD: patch-bitlbee_c,v 1.2 2004/10/21 14:48:51 naddy Exp $
|
|
--- bitlbee.c.orig Wed Jul 21 09:36:07 2004
|
|
+++ bitlbee.c Fri Oct 15 14:43:15 2004
|
|
@@ -306,7 +306,7 @@ int bitlbee_load( irc_t *irc, char* pass
|
|
if( irc->status == USTATUS_IDENTIFIED )
|
|
return( 1 );
|
|
|
|
- g_snprintf( s, 511, "%s%s%s", global.conf->configdir, irc->nick, ".accounts" );
|
|
+ g_snprintf( s, sizeof(s), "%s%s%s", global.conf->configdir, irc->nick, ".accounts" );
|
|
fp = fopen( s, "r" );
|
|
if( !fp ) return( 0 );
|
|
|
|
@@ -318,6 +318,7 @@ int bitlbee_load( irc_t *irc, char* pass
|
|
account command will not work otherwise. */
|
|
irc->status = USTATUS_IDENTIFIED;
|
|
|
|
+ COMPILE_TIME_ASSERT(511 < sizeof(s));
|
|
while( fscanf( fp, "%511[^\n]s", s ) > 0 )
|
|
{
|
|
fgetc( fp );
|
|
@@ -327,7 +328,7 @@ int bitlbee_load( irc_t *irc, char* pass
|
|
}
|
|
fclose( fp );
|
|
|
|
- g_snprintf( s, 511, "%s%s%s", global.conf->configdir, irc->nick, ".nicks" );
|
|
+ g_snprintf( s, sizeof(s), "%s%s%s", global.conf->configdir, irc->nick, ".nicks" );
|
|
fp = fopen( s, "r" );
|
|
if( !fp ) return( 0 );
|
|
while( fscanf( fp, "%s %d %s", s, &proto, nick ) > 0 )
|
|
@@ -339,7 +340,7 @@ int bitlbee_load( irc_t *irc, char* pass
|
|
|
|
if( set_getint( irc, "auto_connect" ) )
|
|
{
|
|
- strcpy( s, "account on" ); /* Can't do this directly because r_c_s alters the string */
|
|
+ strlcpy( s, "account on", sizeof(s) ); /* Can't do this directly because r_c_s alters the string */
|
|
root_command_string( irc, ru, s );
|
|
}
|
|
|
|
@@ -380,15 +381,15 @@ int bitlbee_save( irc_t *irc )
|
|
return( 0 );
|
|
}
|
|
|
|
- g_snprintf( path, 511, "%s%s%s", global.conf->configdir, irc->nick, ".nicks~" );
|
|
+ g_snprintf( path, sizeof(s), "%s%s%s", global.conf->configdir, irc->nick, ".nicks~" );
|
|
fp = fopen( path, "w" );
|
|
if( !fp ) return( 0 );
|
|
for( n = irc->nicks; n; n = n->next )
|
|
{
|
|
- strcpy( s, n->handle );
|
|
- s[169] = 0; /* Prevent any overflow (169 ~ 512 / 3) */
|
|
- http_encode( s );
|
|
- g_snprintf( s + strlen( s ), 510 - strlen( s ), " %d %s", n->proto, n->nick );
|
|
+ strlcpy( s, n->handle, sizeof(s) );
|
|
+ s[sizeof(s)/3] = 0; /* Prevent any overflow (169 ~ 512 / 3) */
|
|
+ http_encode( s, sizeof(s) );
|
|
+ g_snprintf( s + strlen( s ), sizeof(s) - strlen( s ), " %d %s", n->proto, n->nick );
|
|
if( fprintf( fp, "%s\n", s ) != strlen( s ) + 1 )
|
|
{
|
|
irc_usermsg( irc, "fprintf() wrote too little. Disk full?" );
|
|
@@ -398,7 +399,7 @@ int bitlbee_save( irc_t *irc )
|
|
}
|
|
fclose( fp );
|
|
|
|
- g_snprintf( new_path, 512, "%s%s%s", global.conf->configdir, irc->nick, ".nicks" );
|
|
+ g_snprintf( new_path, sizeof(new_path), "%s%s%s", global.conf->configdir, irc->nick, ".nicks" );
|
|
if( unlink( new_path ) != 0 )
|
|
{
|
|
if( errno != ENOENT )
|
|
@@ -413,7 +414,7 @@ int bitlbee_save( irc_t *irc )
|
|
return( 0 );
|
|
}
|
|
|
|
- g_snprintf( path, 511, "%s%s%s", global.conf->configdir, irc->nick, ".accounts~" );
|
|
+ g_snprintf( path, sizeof(path), "%s%s%s", global.conf->configdir, irc->nick, ".accounts~" );
|
|
fp = fopen( path, "w" );
|
|
if( !fp ) return( 0 );
|
|
if( fprintf( fp, "%s", hash ) != strlen( hash ) )
|
|
@@ -481,7 +482,7 @@ int bitlbee_save( irc_t *irc )
|
|
}
|
|
fclose( fp );
|
|
|
|
- g_snprintf( new_path, 512, "%s%s%s", global.conf->configdir, irc->nick, ".accounts" );
|
|
+ g_snprintf( new_path, sizeof(new_path), "%s%s%s", global.conf->configdir, irc->nick, ".accounts" );
|
|
if( unlink( new_path ) != 0 )
|
|
{
|
|
if( errno != ENOENT )
|
|
@@ -565,8 +566,9 @@ void http_decode( char *s )
|
|
{
|
|
char *t;
|
|
int i, j, k;
|
|
+ size_t s_len = strlen(s) + 1;
|
|
|
|
- t = bitlbee_alloc( strlen( s ) + 1 );
|
|
+ t = bitlbee_alloc(s_len);
|
|
|
|
for( i = j = 0; s[i]; i ++, j ++ )
|
|
{
|
|
@@ -590,24 +592,24 @@ void http_decode( char *s )
|
|
}
|
|
t[j] = 0;
|
|
|
|
- strcpy( s, t );
|
|
+ strlcpy( s, t, s_len );
|
|
g_free( t );
|
|
}
|
|
|
|
/* Warning: This one explodes the string. Worst-cases can make the string 3x its original size! */
|
|
/* This fuction is safe, but make sure you call it safely as well! */
|
|
-void http_encode( char *s )
|
|
+void http_encode( char *s, size_t s_len )
|
|
{
|
|
char *t;
|
|
int i, j;
|
|
|
|
t = g_strdup( s );
|
|
|
|
- for( i = j = 0; t[i]; i ++, j ++ )
|
|
+ for( i = j = 0; t[i] && j < s_len -1; i ++, j ++ )
|
|
{
|
|
if( t[i] <= ' ' || ((unsigned char *)t)[i] >= 128 || t[i] == '%' )
|
|
{
|
|
- sprintf( s + j, "%%%02X", t[i] );
|
|
+ g_snprintf( s + j, s_len - j, "%%%02X", t[i] );
|
|
j += 2;
|
|
}
|
|
else
|