From: Wilfried Goesgens Date: Thu, 7 Apr 2011 21:41:53 +0000 (+0200) Subject: if StrBuf_ServGetln() is called in a loop, its return value has to be checked for... X-Git-Tag: v7.86~2 X-Git-Url: https://code.citadel.org/?p=citadel.git;a=commitdiff_plain;h=e6a76e17884a941739d7109d927e03a25e390c63 if StrBuf_ServGetln() is called in a loop, its return value has to be checked for error, else we might get into infinite loops. --- diff --git a/webcit/auth.c b/webcit/auth.c index 99e11606d..d37382f22 100644 --- a/webcit/auth.c +++ b/webcit/auth.c @@ -384,6 +384,7 @@ void finalize_openid_login(void) long HKLen; const char *HKey; HashPos *Cursor; + int len; Cursor = GetNewHashPos (WCC->Hdr->urlstrings, 0); while (GetNextHashPos(WCC->Hdr->urlstrings, Cursor, &HKLen, &HKey, &U)) { @@ -396,7 +397,9 @@ void finalize_openid_login(void) serv_puts("000"); linecount = 0; - while (StrBuf_ServGetln(Buf), strcmp(ChrPtr(Buf), "000")) + while (len = StrBuf_ServGetln(Buf), + ((len >= 0) && + ((len != 3) || strcmp(ChrPtr(Buf), "000") ))) { if (linecount == 0) result = NewStrBufDup(Buf); if (!strcasecmp(ChrPtr(result), "authenticate")) { diff --git a/webcit/groupdav_propfind.c b/webcit/groupdav_propfind.c index 867cec9ee..08dd90ad2 100644 --- a/webcit/groupdav_propfind.c +++ b/webcit/groupdav_propfind.c @@ -682,7 +682,10 @@ void groupdav_propfind(void) StrBuf_ServGetln(MsgNum); if (GetServerStatus(MsgNum, NULL) == 1) - while (BufLen = StrBuf_ServGetln(MsgNum), strcmp(ChrPtr(MsgNum), "000")) { + while (BufLen = StrBuf_ServGetln(MsgNum), + ((BufLen >= 0) && + ((BufLen != 3) || strcmp(ChrPtr(MsgNum), "000")) )) + { msgs = realloc(msgs, ++num_msgs * sizeof(long)); msgs[num_msgs-1] = StrTol(MsgNum); } @@ -694,7 +697,9 @@ void groupdav_propfind(void) serv_printf("MSG0 %ld|3", msgs[i]); StrBuf_ServGetln(MsgNum); if (GetServerStatus(MsgNum, NULL) == 1) - while (BufLen = StrBuf_ServGetln(MsgNum), strcmp(ChrPtr(MsgNum), "000")) + while (BufLen = StrBuf_ServGetln(MsgNum), + ((BufLen >= 0) && + ((BufLen != 3) || strcmp(ChrPtr(MsgNum), "000")) )) { if (!strncasecmp(ChrPtr(MsgNum), "exti=", 5)) { strcpy(uid, &ChrPtr(MsgNum)[5]); diff --git a/webcit/inetconf.c b/webcit/inetconf.c index 269967e4a..9e9a73e77 100644 --- a/webcit/inetconf.c +++ b/webcit/inetconf.c @@ -69,7 +69,10 @@ void load_inetconf(void) if (GetServerStatus(Buf, NULL) == 1) { CfgToken = NewStrBuf(); while ((len = StrBuf_ServGetln(Buf), - strcmp(ChrPtr(Buf), "000"))) { + ((len >= 0) && + ((len != 3) || + strcmp(ChrPtr(Buf), "000"))))) + { Value = NewStrBuf(); StrBufExtract_token(CfgToken, Buf, 1, '|'); diff --git a/webcit/mainmenu.c b/webcit/mainmenu.c index 52aa826fc..5022a0c03 100644 --- a/webcit/mainmenu.c +++ b/webcit/mainmenu.c @@ -114,9 +114,10 @@ void do_generic(void) } case 1: while (!Done) { - StrBuf_ServGetln(Buf); - if ( (StrLength(Buf)==3) && - !strcmp(ChrPtr(Buf), "000")) { + if (StrBuf_ServGetln(LineBuf) < 0) + break; + if ( (StrLength(LineBuf)==3) && + !strcmp(ChrPtr(LineBuf), "000")) { Done = 1; } StrEscAppend(WCC->WBuf, Buf, NULL, 0, 0); diff --git a/webcit/messages.c b/webcit/messages.c index ebe8f61dd..b20186ba0 100644 --- a/webcit/messages.c +++ b/webcit/messages.c @@ -547,8 +547,10 @@ message_summary *ReadOneMessageSummary(StrBuf *RawMessage, const char *DefaultSu Msg = (message_summary*)malloc(sizeof(message_summary)); memset(Msg, 0, sizeof(message_summary)); while (len = StrBuf_ServGetln(Buf), + (len >= 0) && ((len != 3) || - strcmp(ChrPtr(Buf), "000")== 0)){ + strcmp(ChrPtr(Buf), "000"))) + { buf = ChrPtr(Buf); ebuf = strchr(ChrPtr(Buf), '='); nBuf = ebuf - buf; @@ -599,7 +601,10 @@ int load_msg_ptrs(const char *servcmd, return (Stat->nummsgs); } Buf2 = NewStrBuf(); - while (len = StrBuf_ServGetln(Buf), ((len != 3) || strcmp(ChrPtr(Buf), "000")!= 0)) + while (len = StrBuf_ServGetln(Buf), + ((len >= 0) && + ((len != 3) || + strcmp(ChrPtr(Buf), "000")!= 0))) { if (Stat->nummsgs < Stat->maxload) { skipit = 0; diff --git a/webcit/preferences.c b/webcit/preferences.c index 379fa6509..100781172 100644 --- a/webcit/preferences.c +++ b/webcit/preferences.c @@ -157,7 +157,8 @@ void ParsePref(HashList **List, StrBuf *ReadBuf) Preference *LastData = NULL; while (!Done) { - StrBuf_ServGetln(ReadBuf); + if (StrBuf_ServGetln(ReadBuf) < 0) + break; if ( (StrLength(ReadBuf)==3) && !strcmp(ChrPtr(ReadBuf), "000")) { Done = 1; @@ -224,7 +225,7 @@ void load_preferences(void) serv_puts("000"); } while (!Done && - StrBuf_ServGetln(ReadBuf)) { + (StrBuf_ServGetln(ReadBuf) >= 0)) { if ( (StrLength(ReadBuf)==3) && !strcmp(ChrPtr(ReadBuf), "000")) { Done = 1; @@ -237,7 +238,7 @@ void load_preferences(void) serv_printf("MSG0 %ld", msgnum); StrBuf_ServGetln(ReadBuf); if (GetServerStatus(ReadBuf, NULL) == 1) { - while (StrBuf_ServGetln(ReadBuf), + while ((StrBuf_ServGetln(ReadBuf) >= 0) && (strcmp(ChrPtr(ReadBuf), "text") && strcmp(ChrPtr(ReadBuf), "000"))) { } @@ -378,7 +379,7 @@ void save_preferences(void) serv_puts("000"); } while (!Done && - StrBuf_ServGetln(ReadBuf)) { + (StrBuf_ServGetln(ReadBuf) >= 0)) { if ( (StrLength(ReadBuf)==3) && !strcmp(ChrPtr(ReadBuf), "000")) { Done = 1; diff --git a/webcit/pushemail.c b/webcit/pushemail.c index 482ee8a58..2f59929eb 100644 --- a/webcit/pushemail.c +++ b/webcit/pushemail.c @@ -29,7 +29,7 @@ void display_pushemail(void) serv_puts("subj|__ Push email settings __"); serv_puts("000"); while (!Done && - StrBuf_ServGetln(Buf)) { + StrBuf_ServGetln(Buf) >= 0) { if ( (StrLength(Buf)==3) && !strcmp(ChrPtr(Buf), "000")) { Done = 1; @@ -45,7 +45,7 @@ void display_pushemail(void) int i =0; Done = 0; while (!Done && - StrBuf_ServGetln(Buf)) { + StrBuf_ServGetln(Buf) >= 0) { if (( (StrLength(Buf)==3) && !strcmp(ChrPtr(Buf), "000"))|| ((StrLength(Buf)==4) && @@ -58,7 +58,7 @@ void display_pushemail(void) if (!strcmp(ChrPtr(Buf), "text")) { Done = 0; while (!Done && - StrBuf_ServGetln(Buf)) { + StrBuf_ServGetln(Buf) >= 0) { if ( (StrLength(Buf)==3) && !strcmp(ChrPtr(Buf), "000")) { Done = 1; @@ -126,7 +126,7 @@ void save_pushemail(void) } while (!Done && - StrBuf_ServGetln(Buf)) { + StrBuf_ServGetln(Buf) >= 0) { if ( (StrLength(Buf)==3) && !strcmp(ChrPtr(Buf), "000")) { Done = 1; diff --git a/webcit/roomlist.c b/webcit/roomlist.c index 928e34adc..078ba6c2a 100644 --- a/webcit/roomlist.c +++ b/webcit/roomlist.c @@ -64,7 +64,7 @@ HashList *GetFloorListHash(StrBuf *Target, WCTemplputParams *TP) StrBufTCP_read_line(Buf, &WC->serv_sock, 0, &Err); /* '100', we hope */ if (GetServerStatus(Buf, NULL) == 1) { - while(!Done && StrBuf_ServGetln(Buf)) + while(!Done && StrBuf_ServGetln(Buf) >= 0) if ( (StrLength(Buf)==3) && !strcmp(ChrPtr(Buf), "000")) { @@ -181,7 +181,7 @@ HashList *GetRoomListHash(StrBuf *Target, WCTemplputParams *TP) StrBuf_ServGetln(Buf); if (GetServerStatus(Buf, NULL) == 1) { - while(!Done && StrBuf_ServGetln(Buf)) + while(!Done && (StrBuf_ServGetln(Buf) >= 0)) if ( (StrLength(Buf)==3) && !strcmp(ChrPtr(Buf), "000")) { diff --git a/webcit/serv_func.c b/webcit/serv_func.c index 50bf1f771..f4162a5a0 100644 --- a/webcit/serv_func.c +++ b/webcit/serv_func.c @@ -54,6 +54,7 @@ ServInfo *get_serv_info(StrBuf *browser_host, StrBuf *user_agent) ServInfo *info; StrBuf *Buf; int a; + int rc; Buf = NewStrBuf(); @@ -100,7 +101,11 @@ ServInfo *get_serv_info(StrBuf *browser_host, StrBuf *user_agent) info = (ServInfo*)malloc(sizeof(ServInfo)); memset(info, 0, sizeof(ServInfo)); a = 0; - while (StrBuf_ServGetln(Buf), (strcmp(ChrPtr(Buf), "000")!= 0)) { + while (rc = StrBuf_ServGetln(Buf), + (rc >= 0) && + ((rc != 3) || + strcmp(ChrPtr(Buf), "000"))) + { switch (a) { case 0: info->serv_pid = StrToi(Buf); diff --git a/webcit/siteconfig.c b/webcit/siteconfig.c index 6a5eea83b..4b1fc5ce0 100644 --- a/webcit/siteconfig.c +++ b/webcit/siteconfig.c @@ -225,10 +225,10 @@ void load_siteconfig(void) serv_getln(buf, sizeof buf); i = 0; Buf = NewStrBuf(); - while ((sizeof(ServerConfig) / sizeof(CfgMapping)) && - (len = StrBuf_ServGetln(Buf), - strcmp(ChrPtr(Buf), "000")) && - (i <= sizeof(ServerConfig))) + while (len = StrBuf_ServGetln(Buf), + (len >= 0) && + (i <= (sizeof(ServerConfig) / sizeof(CfgMapping))) && + ((len != 3) || strcmp(ChrPtr(Buf), "000"))) { Put(Cfg, ServerConfig[i].Key, diff --git a/webcit/tcp_sockets.c b/webcit/tcp_sockets.c index e783feb7f..6bbef24fb 100644 --- a/webcit/tcp_sockets.c +++ b/webcit/tcp_sockets.c @@ -333,7 +333,10 @@ int serv_read_binary(StrBuf *Ret, size_t total_len, StrBuf *Buf) } serv_printf("READ %d|%d", bytes_read, total_len-bytes_read); - if ( (StrBuf_ServGetln(Buf) > 0) && (GetServerStatus(Buf, NULL) == 6) ) { + if ( (rc = StrBuf_ServGetln(Buf) > 0) && (GetServerStatus(Buf, NULL) == 6) ) + { + if (rc < 0) + return rc; StrBufCutLeft(Buf, 4); this_block = StrTol(Buf); rc = StrBuf_ServGetBLOBBuffered(Ret, this_block); diff --git a/webcit/useredit.c b/webcit/useredit.c index 85e55f43a..a95670a80 100644 --- a/webcit/useredit.c +++ b/webcit/useredit.c @@ -272,8 +272,10 @@ HashList *iterate_load_userlist(StrBuf *Target, WCTemplputParams *TP) while (!Done) { len = StrBuf_ServGetln(Buf); - if ((len == 3) && - (strcmp(ChrPtr(Buf), "000")==0)) { + if ((len <0) || + ((len == 3) && + strcmp(ChrPtr(Buf), "000"))) + { Done = 1; break; } diff --git a/webcit/webcit.c b/webcit/webcit.c index 251c7df9a..9de1ad242 100644 --- a/webcit/webcit.c +++ b/webcit/webcit.c @@ -407,7 +407,8 @@ void ajax_servcmd(void) } case 1: while (!Done) { - StrBuf_ServGetln(Buf); + if (StrBuf_ServGetln(Buf) < 0) + break; if ( (StrLength(Buf)==3) && !strcmp(ChrPtr(Buf), "000")) { Done = 1; diff --git a/webcit/who.c b/webcit/who.c index 692481e38..890432587 100644 --- a/webcit/who.c +++ b/webcit/who.c @@ -51,7 +51,10 @@ int GetWholistSection(HashList *List, time_t now, StrBuf *Buf) serv_puts("RWHO"); StrBuf_ServGetln(Buf); if (GetServerStatus(Buf, NULL) == 1) { - while (BufLen = StrBuf_ServGetln(Buf), strcmp(ChrPtr(Buf), "000")) { + while (BufLen = StrBuf_ServGetln(Buf), + ((BufLen >= 0) && + ((BufLen != 3) || strcmp(ChrPtr(Buf), "000")))) + { if (BufLen <= 0) continue; Pos = NULL; diff --git a/webcit/wiki.c b/webcit/wiki.c index 2b0ba7f88..627424fe5 100644 --- a/webcit/wiki.c +++ b/webcit/wiki.c @@ -169,7 +169,7 @@ void tmplput_display_wiki_history(StrBuf *Target, WCTemplputParams *TP) wc_printf("%s", _("Date")); wc_printf("%s", _("Author")); - while(StrBuf_ServGetln(Buf), strcmp(ChrPtr(Buf), "000")) { + while((StrBuf_ServGetln(Buf) >= 0) && strcmp(ChrPtr(Buf), "000")) { rev_date = extract_long(ChrPtr(Buf), 1); webcit_fmt_date(rev_date_displayed, sizeof rev_date_displayed, rev_date, DATEFMT_FULL); @@ -290,7 +290,7 @@ void tmplput_display_wiki_pagelist(StrBuf *Target, WCTemplputParams *TP) wc_printf("%s", _("Page title")); - while(StrBuf_ServGetln(Buf), strcmp(ChrPtr(Buf), "000")) { + while((StrBuf_ServGetln(Buf) >= 0) && strcmp(ChrPtr(Buf), "000")) { StrBufExtract_token(pagetitle, Buf, 1, '|'); if (!bmstrcasestr((char *)ChrPtr(pagetitle), "_HISTORY_")) { /* no history pages */