Mercurial > pidgin
comparison src/util.c @ 8118:52089b055c12
[gaim-migrate @ 8822]
"Hi over there... just found another overflow while creating
patches for gaim-cvs and 0.75 for all vulnerabilities I have
found. The new overflow is in gaim_url_parse a sscanf without
sizechecks into stackbuffers.
I think you can apply the patches directly and all vulnerabilities
are gone..." -- Stefan Esser
" Using 0.75, looking at the logs for conversations I've
had since upgrading, I discovered that the formating
(font, color, size) of the text was not showing up.
Looking at the actual HTML in the log files I discovered
that the use of tags has replaced with
tags and inline CSS, this formatting shows up fine when
viewing the logs using a browser such as Mozilla, but
not in the Gaim log viewer.
Here, I fixed my own bug in 0.75 and then fixed it in 0.76cvs
so I could give you the diff.
Actually tested it in 0.76cvs, apparently all the font handling
stuff is a bit screwy, but you might as well add my work so
when it's back to normal the log viewer is consistent with the
log files." --Douglas (douglaswth) Thrift
(18:10:53) Me: look at that html patch
(18:11:02) seanegn: I did last night
(18:11:06) Me: and?
(18:12:35) Me: can it go in?
(18:17:33) ***Me senses he is being ignored
(18:18:50) seanegn: haha, no.
(18:18:59) seanegn: It looked like it should be good. Do you want to
commit it?
(18:19:04) Me: i can do that yes
(18:19:14) Me: i'm looking at if the overflow patch compiles currently
(18:19:24) seanegn: do that one too
(18:19:27) Me: :-)
(18:19:48) seanegn: Why do I have a feeling that this conversation
(including this line) is going to be part of a commit log message?
(18:19:53) seanegn: Hi, gaim-commits!
(18:19:56) Me: lol
(18:20:25) Me: *inocently* would i do that?
(18:20:31) Me: :-P
committer: Tailor Script <tailor@pidgin.im>
author | Luke Schierer <lschiere@pidgin.im> |
---|---|
date | Thu, 15 Jan 2004 23:26:07 +0000 |
parents | a86784e3b98c |
children | 0dc9fffb1e28 |
comparison
equal
deleted
inserted
replaced
8117:e280d73ed07f | 8118:52089b055c12 |
---|---|
248 * Quoted Printable Functions | 248 * Quoted Printable Functions |
249 **************************************************************************/ | 249 **************************************************************************/ |
250 void | 250 void |
251 gaim_quotedp_decode(const char *str, char **ret_str, int *ret_len) | 251 gaim_quotedp_decode(const char *str, char **ret_str, int *ret_len) |
252 { | 252 { |
253 char *p, *n, *new; | 253 char *p, *n, *new, *end; |
254 int i; | 254 int i; |
255 | 255 |
256 n = new = g_malloc(strlen (str) + 1); | 256 n = new = g_malloc(strlen (str) + 1); |
257 | 257 end = str + strlen(str); |
258 for (p = (char *)str; *p; p++, n++) { | 258 |
259 for (p = (char *)str; p < end; p++, n++) { | |
259 if (*p == '=') { | 260 if (*p == '=') { |
260 sscanf(p + 1, "%2x\n", &i); | 261 sscanf(p + 1, "%2x\n", &i); |
261 *n = (char)i; | 262 *n = (char)i; |
262 p += 2; | 263 p += 2; |
263 } | 264 } |
1888 gboolean | 1889 gboolean |
1889 gaim_url_parse(const char *url, char **ret_host, int *ret_port, | 1890 gaim_url_parse(const char *url, char **ret_host, int *ret_port, |
1890 char **ret_path) | 1891 char **ret_path) |
1891 { | 1892 { |
1892 char scan_info[255]; | 1893 char scan_info[255]; |
1893 char port_str[5]; | 1894 char port_str[6]; |
1894 int f; | 1895 int f; |
1895 const char *turl; | 1896 const char *turl; |
1896 char host[256], path[256]; | 1897 char host[256], path[256]; |
1897 int port = 0; | 1898 int port = 0; |
1898 /* hyphen at end includes it in control set */ | 1899 /* hyphen at end includes it in control set */ |
1908 turl += 7; | 1909 turl += 7; |
1909 url = turl; | 1910 url = turl; |
1910 } | 1911 } |
1911 | 1912 |
1912 g_snprintf(scan_info, sizeof(scan_info), | 1913 g_snprintf(scan_info, sizeof(scan_info), |
1913 "%%[%s]:%%[%s]/%%[%s]", addr_ctrl, port_ctrl, page_ctrl); | 1914 "%%255[%s]:%%5[%s]/%%255[%s]", addr_ctrl, port_ctrl, page_ctrl); |
1914 | 1915 |
1915 f = sscanf(url, scan_info, host, port_str, path); | 1916 f = sscanf(url, scan_info, host, port_str, path); |
1916 | 1917 |
1917 if (f == 1) | 1918 if (f == 1) |
1918 { | 1919 { |
1919 g_snprintf(scan_info, sizeof(scan_info), | 1920 g_snprintf(scan_info, sizeof(scan_info), |
1920 "%%[%s]/%%[%s]", | 1921 "%%255[%s]/%%255[%s]", |
1921 addr_ctrl, page_ctrl); | 1922 addr_ctrl, page_ctrl); |
1922 f = sscanf(url, scan_info, host, path); | 1923 f = sscanf(url, scan_info, host, path); |
1923 g_snprintf(port_str, sizeof(port_str), "80"); | 1924 g_snprintf(port_str, sizeof(port_str), "80"); |
1924 } | 1925 } |
1925 | 1926 |