From: Wilfried Göesgens <willi@citadel.org>
Date: Sun, 13 Jan 2008 21:00:53 +0000 (+0000)
Subject: * jsesc works with pointermagic rather than strcat now.
X-Git-Tag: v7.86~2611
X-Git-Url: https://code.citadel.org/?a=commitdiff_plain;h=543be0cbdc85ca5873af98a05c6b9dbc51b74e57;p=citadel.git

* jsesc works with pointermagic rather than strcat now.
* use snprintf in compress_gzip just to be shure.
---

diff --git a/webcit/webcit.c b/webcit/webcit.c
index c65fd7f3d..7a80d5453 100644
--- a/webcit/webcit.c
+++ b/webcit/webcit.c
@@ -343,27 +343,58 @@ void urlescputs(char *strbuf)
  * \param target output string
  * \param strbuf input string
  */
-void jsesc(char *target, char *strbuf)
+void jsesc(char *target, size_t tlen, char *strbuf)
 {
-	int a, len;
+	int len;
+	char *tend;
+	char *send;
+	char *tptr;
+	char *sptr;
 
 	target[0]='\0';
 	len = strlen (strbuf);
-	for (a = 0; a < len; ++a) {
-		if (strbuf[a] == '<')
-			strcat(target, "[");
-		else if (strbuf[a] == '>')
-			strcat(target, "]");
-		else if (strbuf[a] == '\"')
-			strcat(target, "&quot;");
-		else if (strbuf[a] == '&')
-			strcat(target, "&amp;;");
-		else if (strbuf[a] == '\'') 
-			strcat(target, "\\'");
-		else {
-			strncat(target, &strbuf[a], 1);
+	send = strbuf + len;
+	sptr = strbuf;
+	tptr = target;
+	
+	while (!IsEmptyStr(sptr) && 
+	       (sptr < send) &&
+	       (tptr < tend)) {
+	       
+		if (*sptr == '<')
+			*tptr = '[';
+		else if (*sptr == '>')
+			*tptr = ']';
+		else if (*sptr == '\'') {
+			if (tend - tptr < 3)
+				return;
+			*(tptr++) = '\\';
+			*tptr = '\'';
+		}
+		else if (*sptr == '"') {
+			if (tend - tptr < 8)
+				return;
+			*(tptr++) = '&';
+			*(tptr++) = 'q';
+			*(tptr++) = 'u';
+			*(tptr++) = 'o';
+			*(tptr++) = 't';
+			*tptr = ';';
+		}
+		else if (*sptr == '&') {
+			if (tend - tptr < 7)
+				return;
+			*(tptr++) = '&';
+			*(tptr++) = 'a';
+			*(tptr++) = 'm';
+			*(tptr++) = 'p';
+			*tptr = ';';
+		} else {
+			*tptr = *sptr;
 		}
+		tptr++; sptr++;
 	}
+	*tptr = '\0';
 }
 
 /**
@@ -374,7 +405,7 @@ void jsescputs(char *strbuf)
 {
 	char outbuf[SIZ];
 	
-	jsesc(outbuf, strbuf);
+	jsesc(outbuf, SIZ, strbuf);
 	wprintf("%s", outbuf);
 }
 
@@ -576,9 +607,9 @@ void http_transmit_thing(char *thing, size_t length, char *content_type,
 	/** If we can send the data out compressed, please do so. */
 	if (WC->gzip_ok) {
 		char *compressed_data = NULL;
-		uLongf compressed_len;
+		size_t compressed_len;
 
-		compressed_len = (uLongf) ((length * 101) / 100) + 100;
+		compressed_len =  ((length * 101) / 100) + 100;
 		compressed_data = malloc(compressed_len);
 
 		if (compress_gzip((Bytef *) compressed_data,
diff --git a/webcit/webcit.h b/webcit/webcit.h
index 07c181bc7..cdb27d1a0 100644
--- a/webcit/webcit.h
+++ b/webcit/webcit.h
@@ -493,7 +493,7 @@ void serv_printf(const char *format,...);
 char *bstr(char *key);
 void urlesc(char *, char *);
 void urlescputs(char *);
-void jsesc(char *, char *);
+void jsesc(char *, size_t, char *);
 void jsescputs(char *);
 void output_headers(    int do_httpheaders,
 			int do_htmlhead,
@@ -769,7 +769,7 @@ void client_write_ssl(char *buf, int nbytes);
 
 #ifdef HAVE_ZLIB
 #include <zlib.h>
-int ZEXPORT compress_gzip(Bytef * dest, uLongf * destLen,
+int ZEXPORT compress_gzip(Bytef * dest, size_t * destLen,
                           const Bytef * source, uLong sourceLen, int level);
 #endif
 
diff --git a/webcit/webserver.c b/webcit/webserver.c
index 3b3265001..e4dce6679 100644
--- a/webcit/webserver.c
+++ b/webcit/webserver.c
@@ -299,7 +299,7 @@ void begin_burst(void)
 #define DEF_MEM_LEVEL 8 /**< memlevel??? */
 #define OS_CODE 0x03	/**< unix */
 int ZEXPORT compress_gzip(Bytef * dest,         /**< compressed buffer*/
-			  uLongf * destLen,     /**< length of the compresed data */
+			  size_t * destLen,     /**< length of the compresed data */
 			  const Bytef * source, /**< source to encode */
 			  uLong sourceLen,      /**< length of source to encode */
 			  int level)            /**< compression level */
@@ -307,10 +307,11 @@ int ZEXPORT compress_gzip(Bytef * dest,         /**< compressed buffer*/
 	const int gz_magic[2] = { 0x1f, 0x8b };	/** gzip magic header */
 
 	/** write gzip header */
-	sprintf((char *) dest, "%c%c%c%c%c%c%c%c%c%c",
-		gz_magic[0], gz_magic[1], Z_DEFLATED,
-		0 /*flags */ , 0, 0, 0, 0 /*time */ , 0 /** xflags */ ,
-		OS_CODE);
+	snprintf((char *) dest, *destLen, 
+		 "%c%c%c%c%c%c%c%c%c%c",
+		 gz_magic[0], gz_magic[1], Z_DEFLATED,
+		 0 /*flags */ , 0, 0, 0, 0 /*time */ , 0 /** xflags */ ,
+		 OS_CODE);
 
 	/* normal deflate */
 	z_stream stream;
@@ -377,9 +378,9 @@ void end_burst(void)
 	/* Perform gzip compression, if enabled and supported by client */
 	if (WC->gzip_ok) {
 		char *compressed_data = NULL;
-		uLongf compressed_len;
+		size_t compressed_len;
 
-		compressed_len = (uLongf) ((the_len * 101) / 100) + 100;
+		compressed_len = ((the_len * 101) / 100) + 100;
 		compressed_data = malloc(compressed_len);
 
 		if (compress_gzip((Bytef *) compressed_data,