From ba8fa67d0ae3015d55ffa546aa7c30823643f06b Mon Sep 17 00:00:00 2001 From: =?utf8?q?Wilfried=20G=C3=B6esgens?= Date: Sun, 13 Jan 2008 21:31:19 +0000 Subject: [PATCH] * the same for msgescputs --- webcit/context_loop.c | 6 ++--- webcit/webcit.c | 53 ++++++++++++++++++++++++++++++------------- webcit/webcit.h | 2 +- 3 files changed, 41 insertions(+), 20 deletions(-) diff --git a/webcit/context_loop.c b/webcit/context_loop.c index 032c82a60..452edd2f0 100644 --- a/webcit/context_loop.c +++ b/webcit/context_loop.c @@ -157,7 +157,7 @@ int GenerateSessionID(void) /* * Collapse multiple cookies on one line */ -int req_gets(int sock, char *buf, char *hold) +int req_gets(int sock, char *buf, char *hold, size_t hlen) { int a, b; @@ -177,7 +177,7 @@ int req_gets(int sock, char *buf, char *hold) if (buf[a] == ';') { // we don't refresh len, because of we // only exit from here. - sprintf(hold, "Cookie: %s", &buf[a + 1]); + snprintf(hold, hlen, "Cookie: %s", &buf[a + 1]); buf[a] = 0; b = 8; while (isspace(hold[b])) @@ -303,7 +303,7 @@ void context_loop(int sock) */ memset(hold, 0, sizeof(hold)); do { - if (req_gets(sock, buf, hold) < 0) return; + if (req_gets(sock, buf, hold, SIZ) < 0) return; /** * Can we compress? diff --git a/webcit/webcit.c b/webcit/webcit.c index 7a80d5453..420aa7b14 100644 --- a/webcit/webcit.c +++ b/webcit/webcit.c @@ -414,23 +414,42 @@ void jsescputs(char *strbuf) * \param target target buffer * \param strbuf source buffer */ -void msgesc(char *target, char *strbuf) +void msgesc(char *target, size_t tlen, char *strbuf) { - int a, len; + int len; + char *tend; + char *send; + char *tptr; + char *sptr; - *target='\0'; - len = strlen(strbuf); - for (a = 0; a < len; ++a) { - if (strbuf[a] == '\n') - strcat(target, " "); - else if (strbuf[a] == '\r') - strcat(target, " "); - else if (strbuf[a] == '\'') - strcat(target, "'"); - else { - strncat(target, &strbuf[a], 1); + target[0]='\0'; + len = strlen (strbuf); + send = strbuf + len; + sptr = strbuf; + tptr = target; + + while (!IsEmptyStr(sptr) && + (sptr < send) && + (tptr < tend)) { + + if (*sptr == '\n') + *tptr = ' '; + else if (*sptr == '\r') + *tptr = ' '; + else if (*sptr == '\'') { + if (tend - tptr < 8) + return; + *(tptr++) = '&'; + *(tptr++) = '#'; + *(tptr++) = '3'; + *(tptr++) = '9'; + *tptr = ';'; + } else { + *tptr = *sptr; } + tptr++; sptr++; } + *tptr = '\0'; } /** @@ -447,7 +466,7 @@ void msgescputs1( char *strbuf) buflen = 3 * strlen(strbuf) + SIZ; outbuf = malloc( buflen); outbuf2 = malloc( buflen); - msgesc(outbuf, strbuf); + msgesc(outbuf, buflen, strbuf); stresc(outbuf2, buflen, outbuf, 0, 0); wprintf("%s", outbuf2); free(outbuf); @@ -460,10 +479,12 @@ void msgescputs1( char *strbuf) */ void msgescputs(char *strbuf) { char *outbuf; + size_t len; if (strbuf == NULL) return; - outbuf = malloc( (3 * strlen(strbuf)) + SIZ); - msgesc(outbuf, strbuf); + len = (3 * strlen(strbuf)) + SIZ; + outbuf = malloc(len); + msgesc(outbuf, len, strbuf); wprintf("%s", outbuf); free(outbuf); } diff --git a/webcit/webcit.h b/webcit/webcit.h index cdb27d1a0..eeb4c5783 100644 --- a/webcit/webcit.h +++ b/webcit/webcit.h @@ -508,7 +508,7 @@ long stresc(char *target, long tSize, char *strbuf, int nbsp, int nolinebreaks); void escputs(char *strbuf); void url(char *buf); void escputs1(char *strbuf, int nbsp, int nolinebreaks); -void msgesc(char *target, char *strbuf); +void msgesc(char *target, size_t tlen, char *strbuf); void msgescputs(char *strbuf); void msgescputs1(char *strbuf); void stripout(char *str, char leftboundary, char rightboundary); -- 2.39.2