# HG changeset patch # User Paul Aurich # Date 1242336878 0 # Node ID 415803efb8b78b6032254d977b396379cbe25030 # Parent 3c1022fd489309b2878bff2422990da46b984729# Parent a81f75025e141d27af64670d58eb51ca9164e926 merge of '65a7d608054498ee4f5752fe003c5e19dd47758d' and 'f79b498a9d29cfc60c9b2db90fb0976afec6b756' diff -r 3c1022fd4893 -r 415803efb8b7 libpurple/protocols/jabber/si.c --- a/libpurple/protocols/jabber/si.c Thu May 14 21:33:19 2009 +0000 +++ b/libpurple/protocols/jabber/si.c Thu May 14 21:34:38 2009 +0000 @@ -354,7 +354,7 @@ { PurpleXfer *xfer = data; JabberSIXfer *jsx = xfer->data; - char buffer[256]; + char buffer[42]; /* 40 for DST.ADDR + 2 bytes for port number*/ int len; char *dstaddr, *hash; const char *host; @@ -378,16 +378,19 @@ jsx->rxlen += len; return; } else if(jsx->rxqueue[0] != 0x05 || jsx->rxqueue[1] != 0x01 || - jsx->rxqueue[3] != 0x03) { - purple_debug_info("jabber", "invalid socks5 stuff\n"); + jsx->rxqueue[3] != 0x03 || jsx->rxqueue[4] != 40) { + purple_debug_info("jabber", "Invalid socks5 conn req. header[0x%x,0x%x,0x%x,0x%x,0x%x]\n", + jsx->rxqueue[0], jsx->rxqueue[1], jsx->rxqueue[2], + jsx->rxqueue[3], jsx->rxqueue[4]); purple_input_remove(xfer->watcher); xfer->watcher = 0; close(source); purple_xfer_cancel_remote(xfer); return; } else if(jsx->rxlen - 5 < jsx->rxqueue[4] + 2) { - purple_debug_info("jabber", "reading umpteen more bytes\n"); - len = read(source, buffer, jsx->rxqueue[4] + 5 + 2 - jsx->rxlen); + purple_debug_info("jabber", "reading %u bytes for DST.ADDR + port num (trying to read %u now)\n", + jsx->rxqueue[4] + 2, jsx->rxqueue[4] + 2 - (jsx->rxlen - 5)); + len = read(source, buffer, jsx->rxqueue[4] + 2 - (jsx->rxlen - 5)); if(len < 0 && errno == EAGAIN) return; else if(len <= 0) { @@ -402,6 +405,7 @@ jsx->rxlen += len; } + /* Have we not read all of DST.ADDR and the following 2-byte port number? */ if(jsx->rxlen - 5 < jsx->rxqueue[4] + 2) return; @@ -415,9 +419,16 @@ /* Per XEP-0065, the 'host' must be SHA1(SID + from JID + to JID) */ hash = jabber_calculate_data_sha1sum(dstaddr, strlen(dstaddr)); - if(jsx->rxqueue[4] != 40 || strncmp(hash, jsx->rxqueue+5, 40) || + if(strncmp(hash, jsx->rxqueue + 5, 40) || jsx->rxqueue[45] != 0x00 || jsx->rxqueue[46] != 0x00) { - purple_debug_error("jabber", "someone connected with the wrong info!\n"); + if (jsx->rxqueue[45] != 0x00 || jsx->rxqueue[46] != 0x00) + purple_debug_error("jabber", "Got SOCKS5 BS conn with the wrong DST.PORT" + " (must be 0 - got[0x%x,0x%x]).\n", + jsx->rxqueue[45], jsx->rxqueue[46]); + else + purple_debug_error("jabber", "Got SOCKS5 BS conn with the wrong DST.ADDR" + " (expected '%s' - got '%.40s').\n", + hash, jsx->rxqueue + 5); close(source); purple_xfer_cancel_remote(xfer); g_free(hash); @@ -478,11 +489,13 @@ purple_input_remove(xfer->watcher); xfer->watcher = 0; + /* If we sent a "Success", wait for a response, otherwise give up and cancel */ if (jsx->rxqueue[1] == 0x00) { xfer->watcher = purple_input_add(source, PURPLE_INPUT_READ, jabber_si_xfer_bytestreams_send_read_again_cb, xfer); g_free(jsx->rxqueue); jsx->rxqueue = NULL; + jsx->rxlen = 0; } else { close(source); purple_xfer_cancel_remote(xfer); @@ -503,6 +516,7 @@ xfer->fd = source; + /** Try to read the SOCKS5 header */ if(jsx->rxlen < 2) { purple_debug_info("jabber", "reading those first two bytes\n"); len = read(source, buffer, 2 - jsx->rxlen); @@ -520,8 +534,9 @@ jsx->rxlen += len; return; } else if(jsx->rxlen - 2 < jsx->rxqueue[1]) { - purple_debug_info("jabber", "reading the next umpteen bytes\n"); - len = read(source, buffer, jsx->rxqueue[1] + 2 - jsx->rxlen); + purple_debug_info("jabber", "reading %u bytes for auth methods (trying to read %u now)\n", + jsx->rxqueue[1], jsx->rxqueue[1] - (jsx->rxlen - 2)); + len = read(source, buffer, jsx->rxqueue[1] - (jsx->rxlen - 2)); if(len < 0 && errno == EAGAIN) return; else if(len <= 0) { @@ -536,6 +551,7 @@ jsx->rxlen += len; } + /* Have we not read all the auth. method bytes? */ if(jsx->rxlen -2 < jsx->rxqueue[1]) return; diff -r 3c1022fd4893 -r 415803efb8b7 libpurple/protocols/msn/httpconn.c --- a/libpurple/protocols/msn/httpconn.c Thu May 14 21:33:19 2009 +0000 +++ b/libpurple/protocols/msn/httpconn.c Thu May 14 21:34:38 2009 +0000 @@ -219,7 +219,13 @@ g_free(tmp); t = strchr(full_session_id, '.'); - session_id = g_strndup(full_session_id, t - full_session_id); + if (t != NULL) + session_id = g_strndup(full_session_id, t - full_session_id); + else { + purple_debug_error("msn", "Malformed full_session_id[%s]\n", + full_session_id ? full_session_id : NULL); + session_id = g_strdup(full_session_id); + } if (session_action == NULL || strcmp(session_action, "close") != 0) { diff -r 3c1022fd4893 -r 415803efb8b7 libpurple/protocols/msn/oim.c --- a/libpurple/protocols/msn/oim.c Thu May 14 21:33:19 2009 +0000 +++ b/libpurple/protocols/msn/oim.c Thu May 14 21:34:38 2009 +0000 @@ -668,9 +668,15 @@ if (tokens[1] != NULL) from = (const char *)tokens[1]; - start = strchr(from, '<') + 1; - end = strchr(from, '>'); - passport = g_strndup(start, end - start); + start = strchr(from, '<'); + if (start != NULL) { + start++; + end = strchr(from, '>'); + if (end != NULL) + passport = g_strndup(start, end - start); + } + if (passport == NULL) + passport = g_strdup(_("Unknown")); g_strfreev(tokens); } diff -r 3c1022fd4893 -r 415803efb8b7 libpurple/protocols/msn/soap.c --- a/libpurple/protocols/msn/soap.c Thu May 14 21:33:19 2009 +0000 +++ b/libpurple/protocols/msn/soap.c Thu May 14 21:34:38 2009 +0000 @@ -434,7 +434,7 @@ g_free(line); return; } else if (strcmp(key, "Content-Length") == 0) { - conn->body_len = atoi(value); + sscanf(value, "%" G_GSIZE_FORMAT, &(conn->body_len)); } else if (strcmp(key, "Connection") == 0) { if (strcmp(value, "close") == 0) { conn->close_when_done = TRUE; diff -r 3c1022fd4893 -r 415803efb8b7 libpurple/protocols/oscar/family_oservice.c --- a/libpurple/protocols/oscar/family_oservice.c Thu May 14 21:33:19 2009 +0000 +++ b/libpurple/protocols/oscar/family_oservice.c Thu May 14 21:34:38 2009 +0000 @@ -151,7 +151,7 @@ memset(&csi, 0, sizeof(csi)); csi.exchange = exchange; - strncpy(csi.name, roomname, sizeof(csi.name)); + g_strlcpy(csi.name, roomname, sizeof(csi.name)); csi.instance = instance; /* diff -r 3c1022fd4893 -r 415803efb8b7 libpurple/protocols/qq/utils.c --- a/libpurple/protocols/qq/utils.c Thu May 14 21:33:19 2009 +0000 +++ b/libpurple/protocols/qq/utils.c Thu May 14 21:34:38 2009 +0000 @@ -222,7 +222,8 @@ * The return should be freed later. */ guint8 *hex_str_to_bytes(const gchar *const buffer, gint *out_len) { - gchar *hex_str, *hex_buffer, *cursor, tmp; + gchar *hex_str, *hex_buffer, *cursor; + gchar tmp[2]; guint8 *bytes, nibble1, nibble2; gint index; @@ -242,7 +243,9 @@ index = 0; for (cursor = hex_str; cursor < hex_str + sizeof(gchar) * (strlen(hex_str)) - 1; cursor++) { if (g_ascii_isdigit(*cursor)) { - tmp = *cursor; nibble1 = atoi(&tmp); + tmp[0] = *cursor; + tmp[1] = '\0'; + nibble1 = atoi(tmp); } else if (g_ascii_isalpha(*cursor) && (gint) *cursor - 87 < 16) { nibble1 = (gint) *cursor - 87; } else { @@ -254,7 +257,9 @@ nibble1 = nibble1 << 4; cursor++; if (g_ascii_isdigit(*cursor)) { - tmp = *cursor; nibble2 = atoi(&tmp); + tmp[0] = *cursor; + tmp[1] = '\0'; + nibble2 = atoi(tmp); } else if (g_ascii_isalpha(*cursor) && (gint) (*cursor - 87) < 16) { nibble2 = (gint) *cursor - 87; } else {