cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6e36dbe210
openbsd-ports/net/bitlbee/patches/patch-protocols_yahoo_libyahoo2_c

305 lines
10 KiB
Plaintext
Raw Blame History

$OpenBSD: patch-protocols_yahoo_libyahoo2_c,v 1.3 2004/10/21 14:48:51 naddy Exp $
--- protocols/yahoo/libyahoo2.c.orig Sat Sep 25 21:26:09 2004
+++ protocols/yahoo/libyahoo2.c Thu Oct 14 15:43:35 2004
@@ -638,7 +638,7 @@ static void yahoo_packet_read(struct yah
}
}
-static void yahoo_packet_write(struct yahoo_packet *pkt, unsigned char *data)
+static void yahoo_packet_write(struct yahoo_packet *pkt, unsigned char *data, size_t data_len)
{
YList *l;
int pos = 0;
@@ -648,12 +648,12 @@ static void yahoo_packet_write(struct ya
unsigned char buf[100];
snprintf((char *)buf, sizeof(buf), "%d", pair->key);
- strcpy((char *)data + pos, (char *)buf);
+ strlcpy((char *)data + pos, (char *)buf, data_len - pos);
pos += strlen((char *)buf);
data[pos++] = 0xc0;
data[pos++] = 0x80;
- strcpy((char *)data + pos, pair->value);
+ strlcpy((char *)data + pos, pair->value, data_len - pos);
pos += strlen(pair->value);
data[pos++] = 0xc0;
data[pos++] = 0x80;
@@ -762,7 +762,7 @@ static void yahoo_send_packet(struct yah
pos += yahoo_put32(data + pos, pkt->status);
pos += yahoo_put32(data + pos, pkt->id);
- yahoo_packet_write(pkt, data + pos);
+ yahoo_packet_write(pkt, data + pos, len - pos);
yahoo_packet_dump(data, len);
@@ -1561,8 +1561,10 @@ static void yahoo_process_auth_pre_0x0b(
char *crypt_result;
unsigned char *password_hash = malloc(25);
unsigned char *crypt_hash = malloc(25);
- unsigned char *hash_string_p = malloc(50 + strlen(sn));
- unsigned char *hash_string_c = malloc(50 + strlen(sn));
+ size_t p_len = 50 + strlen(sn);
+ size_t c_len = 50 + strlen(sn);
+ unsigned char *hash_string_p = malloc(p_len);
+ unsigned char *hash_string_c = malloc(c_len);
char checksum;
@@ -1589,37 +1591,37 @@ static void yahoo_process_auth_pre_0x0b(
switch (sv) {
case 0:
checksum = seed[seed[7] % 16];
- snprintf((char *)hash_string_p, strlen(sn) + 50,
+ snprintf((char *)hash_string_p, p_len,
"%c%s%s%s", checksum, password_hash, yd->user, seed);
- snprintf((char *)hash_string_c, strlen(sn) + 50,
+ snprintf((char *)hash_string_c, c_len,
"%c%s%s%s", checksum, crypt_hash, yd->user, seed);
break;
case 1:
checksum = seed[seed[9] % 16];
- snprintf((char *)hash_string_p, strlen(sn) + 50,
+ snprintf((char *)hash_string_p, p_len,
"%c%s%s%s", checksum, yd->user, seed, password_hash);
- snprintf((char *)hash_string_c, strlen(sn) + 50,
+ snprintf((char *)hash_string_c, c_len,
"%c%s%s%s", checksum, yd->user, seed, crypt_hash);
break;
case 2:
checksum = seed[seed[15] % 16];
- snprintf((char *)hash_string_p, strlen(sn) + 50,
+ snprintf((char *)hash_string_p, p_len,
"%c%s%s%s", checksum, seed, password_hash, yd->user);
- snprintf((char *)hash_string_c, strlen(sn) + 50,
+ snprintf((char *)hash_string_c, c_len,
"%c%s%s%s", checksum, seed, crypt_hash, yd->user);
break;
case 3:
checksum = seed[seed[1] % 16];
- snprintf((char *)hash_string_p, strlen(sn) + 50,
+ snprintf((char *)hash_string_p, p_len,
"%c%s%s%s", checksum, yd->user, password_hash, seed);
- snprintf((char *)hash_string_c, strlen(sn) + 50,
+ snprintf((char *)hash_string_c, c_len,
"%c%s%s%s", checksum, yd->user, crypt_hash, seed);
break;
case 4:
checksum = seed[seed[3] % 16];
- snprintf((char *)hash_string_p, strlen(sn) + 50,
+ snprintf((char *)hash_string_p, p_len,
"%c%s%s%s", checksum, password_hash, seed, yd->user);
- snprintf((char *)hash_string_c, strlen(sn) + 50,
+ snprintf((char *)hash_string_c, c_len,
"%c%s%s%s", checksum, crypt_hash, seed, yd->user);
break;
}
@@ -1945,29 +1947,29 @@ static void yahoo_process_auth_0x0b(stru
lookup &= 0x1f;
if (lookup >= strlen(alphabet1))
break;
- sprintf(byte, "%c", alphabet1[lookup]);
- strcat(resp_6, byte);
- strcat(resp_6, "=");
+ snprintf(byte, sizeof(byte), "%c", alphabet1[lookup]);
+ strlcat(resp_6, byte, sizeof(resp_6));
+ strlcat(resp_6, "=", sizeof(resp_6));
lookup = (val >> 0x06);
lookup &= 0x1f;
if (lookup >= strlen(alphabet2))
break;
- sprintf(byte, "%c", alphabet2[lookup]);
- strcat(resp_6, byte);
+ snprintf(byte, sizeof(byte), "%c", alphabet2[lookup]);
+ strlcat(resp_6, byte, sizeof(resp_6));
lookup = (val >> 0x01);
lookup &= 0x1f;
if (lookup >= strlen(alphabet2))
break;
- sprintf(byte, "%c", alphabet2[lookup]);
- strcat(resp_6, byte);
+ snprintf(byte, sizeof(byte), "%c", alphabet2[lookup]);
+ strlcat(resp_6, byte, sizeof(resp_6));
lookup = (val & 0x01);
if (lookup >= strlen(delimit_lookup))
break;
- sprintf(byte, "%c", delimit_lookup[lookup]);
- strcat(resp_6, byte);
+ snprintf(byte, sizeof(byte), "%c", delimit_lookup[lookup]);
+ strlcat(resp_6, byte, sizeof(resp_6));
}
/* Our second authentication response is based off
@@ -2036,29 +2038,29 @@ static void yahoo_process_auth_0x0b(stru
lookup &= 0x1f;
if (lookup >= strlen(alphabet1))
break;
- sprintf(byte, "%c", alphabet1[lookup]);
- strcat(resp_96, byte);
- strcat(resp_96, "=");
+ snprintf(byte, sizeof(byte), "%c", alphabet1[lookup]);
+ strlcat(resp_96, byte, sizeof(resp_96));
+ strlcat(resp_96, "=", sizeof(resp_96));
lookup = (val >> 0x06);
lookup &= 0x1f;
if (lookup >= strlen(alphabet2))
break;
- sprintf(byte, "%c", alphabet2[lookup]);
- strcat(resp_96, byte);
+ snprintf(byte, sizeof(byte), "%c", alphabet2[lookup]);
+ strlcat(resp_96, byte, sizeof(resp_96));
lookup = (val >> 0x01);
lookup &= 0x1f;
if (lookup >= strlen(alphabet2))
break;
- sprintf(byte, "%c", alphabet2[lookup]);
- strcat(resp_96, byte);
+ snprintf(byte, sizeof(byte), "%c", alphabet2[lookup]);
+ strlcat(resp_96, byte, sizeof(resp_96));
lookup = (val & 0x01);
if (lookup >= strlen(delimit_lookup))
break;
- sprintf(byte, "%c", delimit_lookup[lookup]);
- strcat(resp_96, byte);
+ snprintf(byte, sizeof(byte), "%c", delimit_lookup[lookup]);
+ strlcat(resp_96, byte, sizeof(resp_96));
}
pack = yahoo_packet_new(YAHOO_SERVICE_AUTHRESP, yd->initial_status, yd->session_id);
@@ -3079,11 +3081,9 @@ static void yahoo_process_yab_connection
if(yab->nname) {
bud->real_name = strdup(yab->nname);
} else if(yab->fname && yab->lname) {
- bud->real_name = y_new0(char,
- strlen(yab->fname)+
- strlen(yab->lname)+2
- );
- sprintf(bud->real_name, "%s %s",
+ size_t len = strlen(yab->fname) + strlen(yab->lname) + 2;
+ bud->real_name = y_new0(char, len);
+ snprintf(bud->real_name, len, "%s %s",
yab->fname, yab->lname);
} else if(yab->fname) {
bud->real_name = strdup(yab->fname);
@@ -3682,7 +3682,7 @@ void yahoo_get_yab(int id)
yid->yd = yd;
yid->type = YAHOO_CONNECTION_YAB;
- snprintf(url, 1024, "http://insider.msg.yahoo.com/ycontent/?ab2=0");
+ snprintf(url, sizeof(url), "http://insider.msg.yahoo.com/ycontent/?ab2=0");
snprintf(buff, sizeof(buff), "Y=%s; T=%s",
yd->cookie_y, yd->cookie_t);
@@ -3709,63 +3709,63 @@ void yahoo_set_yab(int id, struct yab *
yid->type = YAHOO_CONNECTION_YAB;
yid->yd = yd;
- strncpy(url, "http://insider.msg.yahoo.com/ycontent/?addab2=0", size);
+ strlcpy(url, "http://insider.msg.yahoo.com/ycontent/?addab2=0", size);
if(yab->dbid) {
/* change existing yab */
char tmp[32];
- strncat(url, "&ee=1&ow=1&id=", size - strlen(url));
+ strlcat(url, "&ee=1&ow=1&id=", sizeof(url));
snprintf(tmp, sizeof(tmp), "%d", yab->dbid);
- strncat(url, tmp, size - strlen(url));
+ strlcat(url, tmp, sizeof(url));
}
if(yab->fname) {
- strncat(url, "&fn=", size - strlen(url));
+ strlcat(url, "&fn=", sizeof(url));
temp = yahoo_urlencode(yab->fname);
- strncat(url, temp, size - strlen(url));
+ strlcat(url, temp, sizeof(url));
free(temp);
}
if(yab->lname) {
- strncat(url, "&ln=", size - strlen(url));
+ strlcat(url, "&ln=", sizeof(url));
temp = yahoo_urlencode(yab->lname);
- strncat(url, temp, size - strlen(url));
+ strlcat(url, temp, sizeof(url));
free(temp);
}
- strncat(url, "&yid=", size - strlen(url));
+ strlcat(url, "&yid=", sizeof(url));
temp = yahoo_urlencode(yab->id);
- strncat(url, temp, size - strlen(url));
+ strlcat(url, temp, sizeof(url));
free(temp);
if(yab->nname) {
- strncat(url, "&nn=", size - strlen(url));
+ strlcat(url, "&nn=", sizeof(url));
temp = yahoo_urlencode(yab->nname);
- strncat(url, temp, size - strlen(url));
+ strlcat(url, temp, sizeof(url));
free(temp);
}
if(yab->email) {
- strncat(url, "&e=", size - strlen(url));
+ strlcat(url, "&e=", sizeof(url));
temp = yahoo_urlencode(yab->email);
- strncat(url, temp, size - strlen(url));
+ strlcat(url, temp, sizeof(url));
free(temp);
}
if(yab->hphone) {
- strncat(url, "&hp=", size - strlen(url));
+ strlcat(url, "&hp=", sizeof(url));
temp = yahoo_urlencode(yab->hphone);
- strncat(url, temp, size - strlen(url));
+ strlcat(url, temp, sizeof(url));
free(temp);
}
if(yab->wphone) {
- strncat(url, "&wp=", size - strlen(url));
+ strlcat(url, "&wp=", sizeof(url));
temp = yahoo_urlencode(yab->wphone);
- strncat(url, temp, size - strlen(url));
+ strlcat(url, temp, sizeof(url));
free(temp);
}
if(yab->mphone) {
- strncat(url, "&mp=", size - strlen(url));
+ strlcat(url, "&mp=", sizeof(url));
temp = yahoo_urlencode(yab->mphone);
- strncat(url, temp, size - strlen(url));
+ strlcat(url, temp, sizeof(url));
free(temp);
}
- strncat(url, "&pp=0", size - strlen(url));
+ strlcat(url, "&pp=0", sizeof(url));
snprintf(buff, sizeof(buff), "Y=%s; T=%s",
yd->cookie_y, yd->cookie_t);
@@ -4136,9 +4136,9 @@ void yahoo_get_chatrooms(int id, int cha
yid->type = YAHOO_CONNECTION_CHATCAT;
if (chatroomid == 0) {
- snprintf(url, 1024, "http://insider.msg.yahoo.com/ycontent/?chatcat=0");
+ snprintf(url, sizeof(url), "http://insider.msg.yahoo.com/ycontent/?chatcat=0");
} else {
- snprintf(url, 1024, "http://insider.msg.yahoo.com/ycontent/?chatroom_%d=0",chatroomid);
+ snprintf(url, sizeof(url), "http://insider.msg.yahoo.com/ycontent/?chatroom_%d=0",chatroomid);
}
snprintf(buff, sizeof(buff), "Y=%s; T=%s", yd->cookie_y, yd->cookie_t);
@@ -4373,7 +4373,7 @@ static void yahoo_search_internal(int id
while((p = strchr(ctext, ' ')))
*p = '+';
- snprintf(url, 1024, "http://members.yahoo.com/interests?.oc=m&.kw=%s&.sb=%d&.g=%d&.ar=0%s%s%s",
+ snprintf(url, sizeof(url), "http://members.yahoo.com/interests?.oc=m&.kw=%s&.sb=%d&.g=%d&.ar=0%s%s%s",
ctext, t, g, photo ? "&.p=y" : "", yahoo_only ? "&.pg=y" : "",
startpos ? buff : "");
Reference in New Issue View Git Blame Copy Permalink