]> code.citadel.org Git - citadel.git/blobdiff - citadel/modules/calendar/serv_calendar.c
projects / citadel.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fix possible crashes of not NULL-checking the result of icalproperty_get_attendee()
[citadel.git] / citadel / modules / calendar / serv_calendar.c
diff --git a/citadel/modules/calendar/serv_calendar.c b/citadel/modules/calendar/serv_calendar.c
index 2e7dc422e72c99abab054b08c2c13fef72044fe5..04fb02484119e977a2d3f508b3dfe114aed524e0 100644 (file)
--- a/citadel/modules/calendar/serv_calendar.c
+++ b/citadel/modules/calendar/serv_calendar.c
@@ -25,29 +25,14 @@
 
 #define PRODID "-//Citadel//NONSGML Citadel Calendar//EN"
 
-#include "sysdep.h"
-#include <stdlib.h>
-#include <unistd.h>
-#include <sys/types.h>
-#include <limits.h>
-#include <stdio.h>
-#include <string.h>
-#ifdef HAVE_STRINGS_H
-#include <strings.h>
-#endif
+#include "ctdl_module.h"
+
 #include <libical/ical.h>
-#include <libcitadel.h>
-#include "citadel.h"
-#include "server.h"
-#include "citserver.h"
-#include "support.h"
-#include "config.h"
-#include "user_ops.h"
+
 #include "msgbase.h"
 #include "internet_addressing.h"
 #include "serv_calendar.h"
 #include "euidindex.h"
-#include "ctdl_module.h"
 #include "ical_dezonify.h"
 
 
@@ -196,6 +181,7 @@ void ical_send_a_reply(icalcomponent *request, char *action) {
        icalparameter *partstat = NULL;
        char *serialized_reply = NULL;
        char *reply_message_text = NULL;
+       const char *ch;
        struct CtdlMessage *msg = NULL;
        struct recptypes *valid = NULL;
 
@@ -225,22 +211,20 @@ void ical_send_a_reply(icalcomponent *request, char *action) {
                while (attendee = icalcomponent_get_first_property(vevent,
                    ICAL_ATTENDEE_PROPERTY), (attendee != NULL)
                ) {
-                       if (icalproperty_get_attendee(attendee)) {
-                               strcpy(attendee_string,
-                                       icalproperty_get_attendee(attendee) );
-                               if (!strncasecmp(attendee_string, "MAILTO:", 7)) {
-                                       strcpy(attendee_string, &attendee_string[7]);
-                                       striplt(attendee_string);
-                                       recp = validate_recipients(attendee_string, NULL, 0);
-                                       if (recp != NULL) {
-                                               if (!strcasecmp(recp->recp_local, CC->user.fullname)) {
-                                                       if (me_attend) icalproperty_free(me_attend);
-                                                       me_attend = icalproperty_new_clone(attendee);
-                                               }
-                                               free_recipients(recp);
+                       ch = icalproperty_get_attendee(attendee);
+                       if ((ch != NULL) && !strncasecmp(ch, "MAILTO:", 7)) {
+                               safestrncpy(attendee_string, ch + 7, sizeof (attendee_string));
+                               striplt(attendee_string);
+                               recp = validate_recipients(attendee_string, NULL, 0);
+                               if (recp != NULL) {
+                                       if (!strcasecmp(recp->recp_local, CC->user.fullname)) {
+                                               if (me_attend) icalproperty_free(me_attend);
+                                               me_attend = icalproperty_new_clone(attendee);
                                        }
+                                       free_recipients(recp);
                                }
                        }
+
                        /* Remove it... */
                        icalcomponent_remove_property(vevent, attendee);
                        icalproperty_free(attendee);
@@ -555,10 +539,13 @@ STARTOVER:
 
                        /* Check to see if these two attendees match...
                         */
-                       if (!strcasecmp(
-                          icalproperty_get_attendee(e_attendee),
-                          icalproperty_get_attendee(r_attendee)
-                       )) {
+                       const char *e, *r;
+                       e = icalproperty_get_attendee(e_attendee);
+                       r = icalproperty_get_attendee(r_attendee);
+
+                       if ((e != NULL) && 
+                           (r != NULL) && 
+                           !strcasecmp(e, r)) {
                                /* ...and if they do, remove the attendee from the event
                                 * and replace it with the attendee from the reply.  (The
                                 * reply's copy will have the same address, but an updated
@@ -627,7 +614,7 @@ int ical_update_my_calendar_with_reply(icalcomponent *cal) {
         * Citadel always sets the message EUID to the iCalendar UID of
         * the event, this will work.
         */
-       msgnum_being_replaced = locate_message_by_euid(uid, &CC->room);
+       msgnum_being_replaced = CtdlLocateMessageByEuid(uid, &CC->room);
 
        CtdlGetRoom(&CC->room, hold_rm);        /* return to saved room */
 
@@ -670,7 +657,7 @@ int ical_update_my_calendar_with_reply(icalcomponent *cal) {
        icalcomponent_free(original_event);     /* Don't need this anymore. */
        if (serialized_event == NULL) return(2);
 
-       MailboxName(roomname, sizeof roomname, &CC->user, USERCALENDARROOM);
+       CtdlMailboxName(roomname, sizeof roomname, &CC->user, USERCALENDARROOM);
 
        message_text = malloc(strlen(serialized_event) + SIZ);
        if (message_text != NULL) {
@@ -1501,7 +1488,7 @@ void ical_freebusy(char *who) {
                return;
        }
 
-       MailboxName(calendar_room_name, sizeof calendar_room_name,
+       CtdlMailboxName(calendar_room_name, sizeof calendar_room_name,
                &usbuf, USERCALENDARROOM);
 
        strcpy(hold_rm, CC->room.QRname);       /* save current room */
@@ -1721,7 +1708,7 @@ void ical_putics_grabtzids(icalparameter *param, void *data)
        HashList *keys = (HashList *) data;
        
        if ( (keys) && (tzid) && (!IsEmptyStr(tzid)) ) {
-               Put(keys, tzid, strlen(tzid), strdup(tzid), generic_free_handler);
+               Put(keys, tzid, strlen(tzid), strdup(tzid), NULL);
        }
 }
 
@@ -1756,7 +1743,7 @@ void ical_putics(void)
        }
 
        cprintf("%d Transmit data now\n", SEND_LISTING);
-       calstream = CtdlReadMessageBody("000", config.c_maxmsglen, NULL, 0, 0);
+       calstream = CtdlReadMessageBody(HKEY("000"), config.c_maxmsglen, NULL, 0, 0);
        if (calstream == NULL) {
                return;
        }
@@ -1804,7 +1791,7 @@ void ical_putics(void)
                                HashPos = GetNewHashPos(tzidlist, 0);
 
                                while (GetNextHashPos(tzidlist, HashPos, &len, &Key, &Value)) {
-                                       CtdlLogPrintf(CTDL_DEBUG, "Attaching timezone '%s'\n", Value);
+                                       CtdlLogPrintf(CTDL_DEBUG, "Attaching timezone '%s'\n", (char*) Value);
                                        icaltimezone *t = NULL;
 
                                        /* First look for a timezone attached to the original calendar */
@@ -1922,7 +1909,7 @@ void cmd_ical(char *argbuf)
 void ical_CtdlCreateRoom(void)
 {
        struct ctdlroom qr;
-       struct visit vbuf;
+       visit vbuf;
 
        /* Create the calendar room if it doesn't already exist */
        CtdlCreateRoom(USERCALENDARROOM, 4, "", 0, 1, 0, VIEW_CALENDAR);
@@ -2049,19 +2036,17 @@ void ical_send_out_invitations(icalcomponent *top_level_cal, icalcomponent *cal)
        /* Determine who the recipients of this message are (the attendees) */
        strcpy(attendees_string, "");
        for (attendee = icalcomponent_get_first_property(the_request, ICAL_ATTENDEE_PROPERTY); attendee != NULL; attendee = icalcomponent_get_next_property(the_request, ICAL_ATTENDEE_PROPERTY)) {
-               if (icalproperty_get_attendee(attendee)) {
-                       safestrncpy(this_attendee, icalproperty_get_attendee(attendee), sizeof this_attendee);
-                       if (!strncasecmp(this_attendee, "MAILTO:", 7)) {
-                               strcpy(this_attendee, &this_attendee[7]);
-
-                               if (!CtdlIsMe(this_attendee, sizeof this_attendee)) {   /* don't send an invitation to myself! */
-                                       snprintf(&attendees_string[strlen(attendees_string)],
-                                               sizeof(attendees_string) - strlen(attendees_string),
-                                               "%s, ",
-                                               this_attendee
+               const char *ch = icalproperty_get_attendee(attendee);
+               if ((ch != NULL) && !strncasecmp(ch, "MAILTO:", 7)) {
+                       safestrncpy(this_attendee, ch + 7, sizeof(this_attendee));
+                       
+                       if (!CtdlIsMe(this_attendee, sizeof this_attendee)) {   /* don't send an invitation to myself! */
+                               snprintf(&attendees_string[strlen(attendees_string)],
+                                        sizeof(attendees_string) - strlen(attendees_string),
+                                        "%s, ",
+                                        this_attendee
                                        );
-                                       ++num_attendees;
-                               }
+                               ++num_attendees;
                        }
                }
        }
@@ -2359,7 +2344,7 @@ void ical_obj_beforesave_backend(char *name, char *filename, char *partnum,
                                        if (msg->cm_fields['U'] != NULL) {
                                                free(msg->cm_fields['U']);
                                        }
-                                       msg->cm_fields['U'] = strdup(buf);
+                                       msg->cm_fields['U'] = rfc2047encode(buf, strlen(buf));
                                }
                        }
 
@@ -2473,7 +2458,7 @@ int ical_obj_aftersave(struct CtdlMessage *msg)
         */
 
        /* First determine if this is our room */
-       MailboxName(roomname, sizeof roomname, &CC->user, USERCALENDARROOM);
+       CtdlMailboxName(roomname, sizeof roomname, &CC->user, USERCALENDARROOM);
        if (strcasecmp(roomname, CC->room.QRname)) {
                return(0);      /* Not the Calendar room -- don't do anything. */
        }
@@ -2516,6 +2501,7 @@ void ical_fixed_output_backend(icalcomponent *cal,
        icalcomponent *c;
        icalproperty *p;
        char buf[256];
+       const char *ch;
 
        p = icalcomponent_get_first_property(cal, ICAL_SUMMARY_PROPERTY);
        if (p != NULL) {
@@ -2534,11 +2520,12 @@ void ical_fixed_output_backend(icalcomponent *cal,
 
        /* If the component has attendees, iterate through them. */
        for (p = icalcomponent_get_first_property(cal, ICAL_ATTENDEE_PROPERTY); (p != NULL); p = icalcomponent_get_next_property(cal, ICAL_ATTENDEE_PROPERTY)) {
-               safestrncpy(buf, icalproperty_get_attendee(p), sizeof buf);
-               if (!strncasecmp(buf, "MAILTO:", 7)) {
+               ch =  icalproperty_get_attendee(p);
+               if ((ch != NULL) && 
+                   !strncasecmp(ch, "MAILTO:", 7)) {
 
                        /* screen name or email address */
-                       strcpy(buf, &buf[7]);
+                       safestrncpy(buf, ch + 7, sizeof(buf));
                        striplt(buf);
                        cprintf("%s ", buf);
                }
Citadel server, clients, utilities