From 8c7819e29bd976ec4882075f12480c12dc3691bd Mon Sep 17 00:00:00 2001 From: =?utf8?q?Wilfried=20G=C3=B6esgens?= Date: Thu, 6 Sep 2007 23:40:33 +0000 Subject: [PATCH] * lets start knit-picking on buffersizes. --- webcit/auth.c | 4 ++-- webcit/listsub.c | 4 ++-- webcit/messages.c | 12 +++++++----- webcit/notes.c | 4 ++-- webcit/paging.c | 2 +- webcit/roomops.c | 6 +++--- webcit/smtpqueue.c | 34 +++++++++++++++++++++++++++------- webcit/webcit.c | 22 ++++++++++++++-------- webcit/webcit.h | 2 +- 9 files changed, 59 insertions(+), 31 deletions(-) diff --git a/webcit/auth.c b/webcit/auth.c index f7a35c780..505d8ccb8 100644 --- a/webcit/auth.c +++ b/webcit/auth.c @@ -44,8 +44,8 @@ void display_login(char *mesg) wprintf("
\n"); if (mesg != NULL) if (!IsEmptyStr(mesg)) { - stresc(buf, mesg, 0, 0); - svprintf("mesg", WCS_STRING, "%s", buf); + stresc(buf, SIZ, mesg, 0, 0); + svprintf("mesg", WCS_STRING, "%s", buf); } svprintf("LOGIN_INSTRUCTIONS", WCS_STRING, diff --git a/webcit/listsub.c b/webcit/listsub.c index 2000c3c18..f219ffcb8 100644 --- a/webcit/listsub.c +++ b/webcit/listsub.c @@ -69,8 +69,8 @@ void do_listsub(void) ); serv_getln(buf, sizeof buf); if (buf[0] == '2') { - stresc(escaped_email, email, 0, 0); - stresc(escaped_room, room, 0, 0); + stresc(escaped_email, 256, email, 0, 0); + stresc(escaped_room, 256, room, 0, 0); wprintf("

"); wprintf(_("Confirmation request sent")); diff --git a/webcit/messages.c b/webcit/messages.c index fdf9f1240..032b79c04 100644 --- a/webcit/messages.c +++ b/webcit/messages.c @@ -493,6 +493,7 @@ void display_parsed_vcard(struct vCard *v, int full) { else if (!strcasecmp(firsttoken, "email")) { if (!IsEmptyStr(mailto)) strcat(mailto, "
"); + long len; strcat(mailto, ""); strcat(mailto, "\">"); - stresc(&mailto[strlen(mailto)], thisvalue, 1, 1); + len = strlen(mailto); + stresc(mailto+len, SIZ - len, thisvalue, 1, 1); strcat(mailto, ""); } else if (!strcasecmp(firsttoken, "tel")) { @@ -1836,8 +1838,8 @@ int abcmp(const void *ab1, const void *ab2) { * \param tabbuf the tabbuffer to add name to * \param name the name to add to the tabbuffer */ -void nametab(char *tabbuf, char *name) { - stresc(tabbuf, name, 0, 0); +void nametab(char *tabbuf, long len, char *name) { + stresc(tabbuf, len, name, 0, 0); tabbuf[0] = toupper(tabbuf[0]); tabbuf[1] = tolower(tabbuf[1]); tabbuf[2] = tolower(tabbuf[2]); @@ -1889,8 +1891,8 @@ void do_addrbook_view(struct addrbookent *addrbook, int num_ab) { tabfirst = i * NAMESPERPAGE; tablast = tabfirst + NAMESPERPAGE - 1; if (tablast > (num_ab - 1)) tablast = (num_ab - 1); - nametab(tabfirst_label, addrbook[tabfirst].ab_name); - nametab(tablast_label, addrbook[tablast].ab_name); + nametab(tabfirst_label, 64, addrbook[tabfirst].ab_name); + nametab(tablast_label, 64, addrbook[tablast].ab_name); sprintf(this_tablabel, "%s - %s", tabfirst_label, tablast_label); tablabels[i] = strdup(this_tablabel); } diff --git a/webcit/notes.c b/webcit/notes.c index 76db3909b..d41ed4d2f 100644 --- a/webcit/notes.c +++ b/webcit/notes.c @@ -57,7 +57,7 @@ void display_note(long msgnum) } /** Make it HTML-happy and print it. */ - stresc(display_notetext, notetext, 0, 0); + stresc(display_notetext, SIZ, notetext, 0, 0); if (!IsEmptyStr(eid)) { wprintf("%s
\n", eid, display_notetext); } @@ -121,7 +121,7 @@ void updatenote(void) } /** Make it HTML-happy and print it. */ - stresc(display_notetext, notetext, 0, 0); + stresc(display_notetext, SIZ, notetext, 0, 0); wprintf("%s\n", display_notetext); } } diff --git a/webcit/paging.c b/webcit/paging.c index e58160733..96247ae3f 100644 --- a/webcit/paging.c +++ b/webcit/paging.c @@ -80,7 +80,7 @@ void page_user(void) if (buf[0] == '4') { text_to_server(bstr("msgtext")); serv_puts("000"); - stresc(buf, recp, 0, 0); + stresc(buf, 256, recp, 0, 0); snprintf(WC->ImportantMessage, sizeof WC->ImportantMessage, "%s%s.", diff --git a/webcit/roomops.c b/webcit/roomops.c index c17520853..1327f55d6 100644 --- a/webcit/roomops.c +++ b/webcit/roomops.c @@ -472,7 +472,7 @@ void embed_room_banner(char *got, int navbar_style) { WC->new_mail = extract_int(&got[4], 9); WC->wc_view = extract_int(&got[4], 11); - stresc(sanitized_roomname, WC->wc_roomname, 1, 1); + stresc(sanitized_roomname, 256, WC->wc_roomname, 1, 1); svprintf("ROOMNAME", WCS_STRING, "%s", sanitized_roomname); svprintf("NUMMSGS", WCS_STRING, _("%d new of %d messages"), @@ -2745,7 +2745,7 @@ void do_rooms_view(struct folder *fold, int max_folders, int num_floors) { if (levels == 1) { /** Begin inner box */ - stresc(boxtitle, floor_name, 1, 0); + stresc(boxtitle, 256, floor_name, 1, 0); svprintf("BOXTITLE", WCS_STRING, boxtitle); do_template("beginbox"); } @@ -2838,7 +2838,7 @@ void do_iconbar_view(struct folder *fold, int max_folders, int num_floors) { if (levels == 1) { /** Begin floor */ - stresc(floordivtitle, floor_name, 0, 0); + stresc(floordivtitle, 256, floor_name, 0, 0); sprintf(floordiv_id, "floordiv%d", i); wprintf("" diff --git a/webcit/smtpqueue.c b/webcit/smtpqueue.c index 8083bf90b..664e5eff6 100644 --- a/webcit/smtpqueue.c +++ b/webcit/smtpqueue.c @@ -96,18 +96,38 @@ void display_queue_msg(long msgnum) } if (!strcasecmp(keyword, "remote")) { + int RcptLen; + int TRcptLen; + int TDsn; + int NLen; extract_token(thisrecp, buf, 1, '|', sizeof thisrecp); extract_token(thisdsn, buf, 3, '|', sizeof thisdsn); - - if (strlen(recipients) + strlen(thisrecp) + strlen(thisdsn) + 100 + RcptLen = strlen(recipients); + TRcptLen = strlen(thisrecp); + TDsn = strlen(thisdsn); + if ( RcptLen + TRcptLen + TDsn + 100 < sizeof recipients) { if (!IsEmptyStr(recipients)) { - strcat(recipients, "
"); + // copy the \0 to be sure.. + memcpy (&recipients[RcptLen], "
\0", 7); + RcptLen += 6; } - stresc(&recipients[strlen(recipients)], thisrecp, 1, 1); - strcat(recipients, "
  "); - stresc(&recipients[strlen(recipients)], thisdsn, 1, 1); - strcat(recipients, ""); + NLen = stresc(&recipients[RcptLen], + sizeof recipients - RcptLen, + thisrecp, 1, 1); + if (NLen != -1) + { + RcptLen += NLen; + NLen = sizeof "
  "; + memcpy(recipients, "
  ", + NLen); + RcptLen += NLen - 1; + NLen = stresc(&recipients[RcptLen], + sizeof recipients - RcptLen, + thisdsn, 1, 1); + if (NLen != -1) + memcpy (recipients, "\0", 5); + } /// else bail out? } } diff --git a/webcit/webcit.c b/webcit/webcit.c index 25efc69e1..54001abb3 100644 --- a/webcit/webcit.c +++ b/webcit/webcit.c @@ -204,15 +204,16 @@ void wDumpContent(int print_standard_html_footer) * \param nbsp If nonzero, spaces are converted to non-breaking spaces. * \param nolinebreaks if set, linebreaks are removed from the string. */ -void stresc(char *target, char *strbuf, int nbsp, int nolinebreaks) +long stresc(char *target, long tSize, char *strbuf, int nbsp, int nolinebreaks) { - char *aptr, *bptr; + char *aptr, *bptr, *eptr; *target = '\0'; aptr = strbuf; bptr = target; + eptr = target + tSize - 6; // our biggest unit to put in... - while (!IsEmptyStr(aptr) ){ + while ((bptr < eptr) && !IsEmptyStr(aptr) ){ if (*aptr == '<') { memcpy(bptr, "<", 4); bptr += 4; @@ -250,10 +251,10 @@ void stresc(char *target, char *strbuf, int nbsp, int nolinebreaks) bptr += 6; } else if ((*aptr == '\n') && (nolinebreaks)) { - strcat(bptr, ""); /* nothing */ + *bptr='\0'; /* nothing */ } else if ((*aptr == '\r') && (nolinebreaks)) { - strcat(bptr, ""); /* nothing */ + *bptr='\0'; /* nothing */ } else{ *bptr = *aptr; @@ -262,6 +263,9 @@ void stresc(char *target, char *strbuf, int nbsp, int nolinebreaks) aptr ++; } *bptr = '\0'; + if ((bptr = eptr - 1 ) && !IsEmptyStr(aptr) ) + return -1; + return (bptr - target); } /** @@ -273,10 +277,12 @@ void stresc(char *target, char *strbuf, int nbsp, int nolinebreaks) void escputs1(char *strbuf, int nbsp, int nolinebreaks) { char *buf; + long Siz; if (strbuf == NULL) return; - buf = malloc( (3 * strlen(strbuf)) + SIZ ); - stresc(buf, strbuf, nbsp, nolinebreaks); + Siz = (3 * strlen(strbuf)) + SIZ ; + buf = malloc(Siz); + stresc(buf, Siz, strbuf, nbsp, nolinebreaks); wprintf("%s", buf); free(buf); } @@ -412,7 +418,7 @@ void msgescputs1( char *strbuf) outbuf = malloc( buflen); outbuf2 = malloc( buflen); msgesc(outbuf, strbuf); - stresc(outbuf2, outbuf, 0, 0); + stresc(outbuf2, buflen, outbuf, 0, 0); wprintf("%s", outbuf2); free(outbuf); free(outbuf2); diff --git a/webcit/webcit.h b/webcit/webcit.h index 4636e4f31..ea572159a 100644 --- a/webcit/webcit.h +++ b/webcit/webcit.h @@ -486,7 +486,7 @@ void output_headers( int do_httpheaders, void wprintf(const char *format,...); void output_static(char *what); void print_menu_box(char* Title, char *Class, int nLines, ...); -void stresc(char *target, char *strbuf, int nbsp, int nolinebreaks); +long stresc(char *target, long tSize, char *strbuf, int nbsp, int nolinebreaks); void escputs(char *strbuf); void url(char *buf); void escputs1(char *strbuf, int nbsp, int nolinebreaks); -- 2.30.2