* Buffer overflow fixes and minor cleanup in IPC code

author Michael Hampton <io_error@uncensored.citadel.org>

Mon, 24 Jun 2002 20:11:00 +0000 (20:11 +0000)

committer Michael Hampton <io_error@uncensored.citadel.org>

Mon, 24 Jun 2002 20:11:00 +0000 (20:11 +0000)
author Michael Hampton <io_error@uncensored.citadel.org>
Mon, 24 Jun 2002 20:11:00 +0000 (20:11 +0000)
committer Michael Hampton <io_error@uncensored.citadel.org>
Mon, 24 Jun 2002 20:11:00 +0000 (20:11 +0000)
diff --git a/citadel/ChangeLog b/citadel/ChangeLog

index deb4e93aee9d75934c1912d5b21aa9379e43e09e..2d530718639f3673d4f8a9ee90156bcd16c19308 100644 (file)
--- a/citadel/ChangeLog
+++ b/citadel/ChangeLog
@@ -1,4 +1,7 @@
   $Log$
+ Revision 591.53  2002/06/24 20:11:00  error
+ * Buffer overflow fixes and minor cleanup in IPC code
+
   Revision 591.52  2002/06/24 16:07:42  error
   * Message reading and other functions which use the fmout() screen
     formatter now use the new IPC code.
@@ -3764,3 +3767,4 @@ Sat Jul 11 00:20:48 EDT 1998 Nathan Bryant <bryant@cs.usm.maine.edu>
  
  Fri Jul 10 1998 Art Cancro <ajc@uncensored.citadel.org>
         * Initial CVS import
+
diff --git a/citadel/citadel_ipc.c b/citadel/citadel_ipc.c

index bbde34ecdc87da21d08f30bfb223f855f8d6081b..a25cc4fa7c063f7e9411068a2e958a3bc0c70960 100644 (file)
--- a/citadel/citadel_ipc.c
+++ b/citadel/citadel_ipc.c
@@ -11,6 +11,7 @@
  #  include <time.h>
  # endif
  #endif
+#include <signal.h>
  #include <stdio.h>
  #include <sys/types.h>
  #include <string.h>
@@ -384,7 +385,7 @@ int CtdlIPCGetSingleMessage(long msgnum, int headers, int as_mime,
                 struct ctdlipcmessage **mret, char *cret)
  {
         register int ret;
-       char aaa[27];
+       char aaa[SIZ];
         char *bbb = NULL;
         size_t bbbsize;
  
@@ -402,6 +403,7 @@ int CtdlIPCGetSingleMessage(long msgnum, int headers, int as_mime,
                                 int a;
  
                                 extract_token(aaa, bbb, 0, '\n');
+                               raise(SIGTRAP);
                                 a = strlen(aaa);
                                 safestrncpy(bbb, &bbb[a + 1], strlen(bbb) - a);
  
diff --git a/citadel/messages.c b/citadel/messages.c

index 6855d6afb4e83d864f00fd9505601c9f5ca27b41..f1b6e1e74862dc1cf57ac39c9aec13a5a2e7ab57 100644 (file)
--- a/citadel/messages.c
+++ b/citadel/messages.c
@@ -60,8 +60,6 @@ void newprompt(char *prompt, char *str, int len);
  int file_checksum(char *filename);
  void do_edit(char *desc, char *read_cmd, char *check_cmd, char *write_cmd);
  
-char reply_to[SIZ];
-char reply_subject[SIZ];
  long msg_arr[MAXMSGS];
  int num_msgs;
  char rc_alt_semantics;
@@ -357,13 +355,13 @@ int read_message(
         FILE *dest) /* Destination file, NULL for screen */
  {
         char buf[SIZ];
-       char m_subject[SIZ];
-       char from[SIZ], node[SIZ], rfca[SIZ];
         char now[SIZ];
         int format_type = 0;
         int fr = 0;
         int nhdr = 0;
         struct ctdlipcmessage *message = NULL;
+       char reply_to[SIZ];
+       char reply_subject[SIZ];
         int r;                          /* IPC response code */
  
         sigcaught = 0;
@@ -380,11 +378,7 @@ int read_message(
                 return (0);
         }
  
-       strcpy(m_subject, "");
         strcpy(reply_to, "nobody ... xxxxx");
-       strcpy(from, "");
-       strcpy(node, "");
-       strcpy(rfca, "");
  
         if (dest) {
                 fprintf(dest, "\n ");
@@ -480,7 +474,7 @@ int read_message(
                         if ((room_flags & QR_NETWORK)
                             || ((strcasecmp(message->node, serv_info.serv_nodename)
                              && (strcasecmp(message->node, serv_info.serv_fqdn))))) {
-                               if (strlen(rfca) == 0) {
+                               if (strlen(message->email) == 0) {
                                         if (dest) {
                                                 fprintf(dest, "@%s ", message->node);
                                         } else {
@@ -493,7 +487,7 @@ int read_message(
                         }
                 }
                 if (strcasecmp(message->hnod, serv_info.serv_humannode)
-                   && (strlen(message->hnod)) && (!strlen(rfca))) {
+                   && (strlen(message->hnod)) && (!strlen(message->email))) {
                         if (dest) {
                                 fprintf(dest, "(%s) ", message->hnod);
                         } else {
@@ -505,7 +499,7 @@ int read_message(
                                 scr_printf(") ");
                         }
                 }
-               if (strcasecmp(message->room, room_name) && (strlen(rfca) == 0)) {
+               if (strcasecmp(message->room, room_name) && (strlen(message->email) == 0)) {
                         if (dest) {
                                 fprintf(dest, "in %s> ", message->room);
                         } else {
@@ -533,10 +527,11 @@ int read_message(
                 scr_printf("\n");
         }
  
-       if (strlen(rfca) > 0) {
-               strcpy(reply_to, rfca);
+       if (strlen(message->email) > 0) {
+               strcpy(reply_to, message->email);
         } else {
-               snprintf(reply_to, sizeof(reply_to), "%s @ %s", from, node);
+               snprintf(reply_to, sizeof(reply_to), "%s @ %s",
+                        message->author, message->node);
         }
  
         if (pagin == 1 && !dest)
@@ -924,6 +919,8 @@ int entmsg(int is_reply,    /* nonzero if this was a <R>eply command */
         int mode;
         long highmsg;
         FILE *fp;
+       char reply_to[SIZ];
+       char reply_subject[SIZ];
         char subject[SIZ];
  
         if (c > 0)
author	Michael Hampton <io_error@uncensored.citadel.org>
	Mon, 24 Jun 2002 20:11:00 +0000 (20:11 +0000)
committer	Michael Hampton <io_error@uncensored.citadel.org>
	Mon, 24 Jun 2002 20:11:00 +0000 (20:11 +0000)
citadel/ChangeLog		patch \| blob \| history
citadel/citadel_ipc.c		patch \| blob \| history
citadel/messages.c		patch \| blob \| history