Mercurial > pidgin
view libpurple/protocols/bonjour/parser.c @ 20852:6cc03752fe59
Fix CID 337, null pointer deref. Also plug a leak.
author | Daniel Atallah <daniel.atallah@gmail.com> |
---|---|
date | Tue, 09 Oct 2007 23:01:11 +0000 |
parents | 6668c0cd4687 |
children | 5b9da9db7e81 |
line wrap: on
line source
/* * purple - Bonjour Jabber XML parser stuff * * Purple is the legal property of its developers, whose names are too numerous * to list here. Please refer to the COPYRIGHT file distributed with this * source distribution. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02111-1301 USA * */ #include "internal.h" #include <libxml/parser.h> #include "connection.h" #include "debug.h" #include "jabber.h" #include "parser.h" #include "util.h" #include "xmlnode.h" static void bonjour_parser_element_start_libxml(void *user_data, const xmlChar *element_name, const xmlChar *prefix, const xmlChar *namespace, int nb_namespaces, const xmlChar **namespaces, int nb_attributes, int nb_defaulted, const xmlChar **attributes) { PurpleBuddy *pb = user_data; BonjourBuddy *bb = pb->proto_data; BonjourJabberConversation *bconv = bb->conversation; xmlnode *node; int i; if(!element_name) { return; } else if(!xmlStrcmp(element_name, (xmlChar*) "stream")) { bconv->recv_stream_start = TRUE; bonjour_jabber_stream_started(pb); } else { if(bconv->current) node = xmlnode_new_child(bconv->current, (const char*) element_name); else node = xmlnode_new((const char*) element_name); xmlnode_set_namespace(node, (const char*) namespace); for(i=0; i < nb_attributes * 5; i+=5) { char *txt; int attrib_len = attributes[i+4] - attributes[i+3]; char *attrib = g_malloc(attrib_len + 1); char *attrib_ns = NULL; if (attributes[i+2]) { attrib_ns = g_strdup((char*)attributes[i+2]); } memcpy(attrib, attributes[i+3], attrib_len); attrib[attrib_len] = '\0'; txt = attrib; attrib = purple_unescape_html(txt); g_free(txt); xmlnode_set_attrib_with_namespace(node, (const char*) attributes[i], attrib_ns, attrib); g_free(attrib); g_free(attrib_ns); } bconv->current = node; } } static gboolean _async_bonjour_jabber_stream_ended_cb(gpointer data) { bonjour_jabber_stream_ended((PurpleBuddy *) data); return FALSE; } static void bonjour_parser_element_end_libxml(void *user_data, const xmlChar *element_name, const xmlChar *prefix, const xmlChar *namespace) { PurpleBuddy *pb = user_data; BonjourBuddy *bb = pb->proto_data; BonjourJabberConversation *bconv = bb->conversation; if(!bconv->current) { /* We don't keep a reference to the start stream xmlnode, * so we have to check for it here to close the conversation */ if(!xmlStrcmp(element_name, (xmlChar*) "stream")) { /* Asynchronously close the conversation to prevent bonjour_parser_setup() * being called from within this context */ purple_timeout_add(0, _async_bonjour_jabber_stream_ended_cb, pb); } return; } if(bconv->current->parent) { if(!xmlStrcmp((xmlChar*) bconv->current->name, element_name)) bconv->current = bconv->current->parent; } else { xmlnode *packet = bconv->current; bconv->current = NULL; bonjour_jabber_process_packet(pb, packet); xmlnode_free(packet); } } static void bonjour_parser_element_text_libxml(void *user_data, const xmlChar *text, int text_len) { PurpleBuddy *pb = user_data; BonjourBuddy *bb = pb->proto_data; BonjourJabberConversation *bconv = bb->conversation; if(!bconv->current) return; if(!text || !text_len) return; xmlnode_insert_data(bconv->current, (const char*) text, text_len); } static xmlSAXHandler bonjour_parser_libxml = { .internalSubset = NULL, .isStandalone = NULL, .hasInternalSubset = NULL, .hasExternalSubset = NULL, .resolveEntity = NULL, .getEntity = NULL, .entityDecl = NULL, .notationDecl = NULL, .attributeDecl = NULL, .elementDecl = NULL, .unparsedEntityDecl = NULL, .setDocumentLocator = NULL, .startDocument = NULL, .endDocument = NULL, .startElement = NULL, .endElement = NULL, .reference = NULL, .characters = bonjour_parser_element_text_libxml, .ignorableWhitespace = NULL, .processingInstruction = NULL, .comment = NULL, .warning = NULL, .error = NULL, .fatalError = NULL, .getParameterEntity = NULL, .cdataBlock = NULL, .externalSubset = NULL, .initialized = XML_SAX2_MAGIC, ._private = NULL, .startElementNs = bonjour_parser_element_start_libxml, .endElementNs = bonjour_parser_element_end_libxml, .serror = NULL }; void bonjour_parser_setup(BonjourJabberConversation *bconv) { /* This seems backwards, but it makes sense. The libxml code creates * the parser context when you try to use it (this way, it can figure * out the encoding at creation time. So, setting up the parser is * just a matter of destroying any current parser. */ if (bconv->context) { xmlParseChunk(bconv->context, NULL,0,1); xmlFreeParserCtxt(bconv->context); bconv->context = NULL; } } void bonjour_parser_process(PurpleBuddy *pb, const char *buf, int len) { BonjourBuddy *bb = pb->proto_data; if (bb->conversation->context == NULL) { /* libxml inconsistently starts parsing on creating the * parser, so do a ParseChunk right afterwards to force it. */ bb->conversation->context = xmlCreatePushParserCtxt(&bonjour_parser_libxml, pb, buf, len, NULL); xmlParseChunk(bb->conversation->context, "", 0, 0); } else if (xmlParseChunk(bb->conversation->context, buf, len, 0) < 0) { /* TODO: What should we do here - I assume we should display an error or something (maybe just print something to the conv?) */ purple_debug_error("bonjour", "Error parsing xml.\n"); } }