changeset 25611:415803efb8b7

merge of '65a7d608054498ee4f5752fe003c5e19dd47758d' and 'f79b498a9d29cfc60c9b2db90fb0976afec6b756'
author Paul Aurich <paul@darkrain42.org>
date Thu, 14 May 2009 21:34:38 +0000
parents 3c1022fd4893 (current diff) a81f75025e14 (diff)
children c269f065b8af
files
diffstat 6 files changed, 51 insertions(+), 18 deletions(-) [+]
line wrap: on
line diff
--- a/libpurple/protocols/jabber/si.c	Thu May 14 21:33:19 2009 +0000
+++ b/libpurple/protocols/jabber/si.c	Thu May 14 21:34:38 2009 +0000
@@ -354,7 +354,7 @@
 {
 	PurpleXfer *xfer = data;
 	JabberSIXfer *jsx = xfer->data;
-	char buffer[256];
+	char buffer[42]; /* 40 for DST.ADDR + 2 bytes for port number*/
 	int len;
 	char *dstaddr, *hash;
 	const char *host;
@@ -378,16 +378,19 @@
 		jsx->rxlen += len;
 		return;
 	} else if(jsx->rxqueue[0] != 0x05 || jsx->rxqueue[1] != 0x01 ||
-			jsx->rxqueue[3] != 0x03) {
-		purple_debug_info("jabber", "invalid socks5 stuff\n");
+			jsx->rxqueue[3] != 0x03 || jsx->rxqueue[4] != 40) {
+		purple_debug_info("jabber", "Invalid socks5 conn req. header[0x%x,0x%x,0x%x,0x%x,0x%x]\n",
+				  jsx->rxqueue[0], jsx->rxqueue[1], jsx->rxqueue[2],
+				  jsx->rxqueue[3], jsx->rxqueue[4]);
 		purple_input_remove(xfer->watcher);
 		xfer->watcher = 0;
 		close(source);
 		purple_xfer_cancel_remote(xfer);
 		return;
 	} else if(jsx->rxlen - 5 <  jsx->rxqueue[4] + 2) {
-		purple_debug_info("jabber", "reading umpteen more bytes\n");
-		len = read(source, buffer, jsx->rxqueue[4] + 5 + 2 - jsx->rxlen);
+		purple_debug_info("jabber", "reading %u bytes for DST.ADDR + port num (trying to read %u now)\n",
+				  jsx->rxqueue[4] + 2, jsx->rxqueue[4] + 2 - (jsx->rxlen - 5));
+		len = read(source, buffer, jsx->rxqueue[4] + 2 - (jsx->rxlen - 5));
 		if(len < 0 && errno == EAGAIN)
 			return;
 		else if(len <= 0) {
@@ -402,6 +405,7 @@
 		jsx->rxlen += len;
 	}
 
+	/* Have we not read all of DST.ADDR and the following 2-byte port number? */
 	if(jsx->rxlen - 5 < jsx->rxqueue[4] + 2)
 		return;
 
@@ -415,9 +419,16 @@
 	/* Per XEP-0065, the 'host' must be SHA1(SID + from JID + to JID) */
 	hash = jabber_calculate_data_sha1sum(dstaddr, strlen(dstaddr));
 
-	if(jsx->rxqueue[4] != 40 || strncmp(hash, jsx->rxqueue+5, 40) ||
+	if(strncmp(hash, jsx->rxqueue + 5, 40) ||
 			jsx->rxqueue[45] != 0x00 || jsx->rxqueue[46] != 0x00) {
-		purple_debug_error("jabber", "someone connected with the wrong info!\n");
+		if (jsx->rxqueue[45] != 0x00 || jsx->rxqueue[46] != 0x00)
+			purple_debug_error("jabber", "Got SOCKS5 BS conn with the wrong DST.PORT"
+						     " (must be 0 - got[0x%x,0x%x]).\n",
+						     jsx->rxqueue[45], jsx->rxqueue[46]);
+		else
+			purple_debug_error("jabber", "Got SOCKS5 BS conn with the wrong DST.ADDR"
+						     " (expected '%s' - got '%.40s').\n",
+						     hash, jsx->rxqueue + 5);
 		close(source);
 		purple_xfer_cancel_remote(xfer);
 		g_free(hash);
@@ -478,11 +489,13 @@
 	purple_input_remove(xfer->watcher);
 	xfer->watcher = 0;
 
+	/* If we sent a "Success", wait for a response, otherwise give up and cancel */
 	if (jsx->rxqueue[1] == 0x00) {
 		xfer->watcher = purple_input_add(source, PURPLE_INPUT_READ,
 			jabber_si_xfer_bytestreams_send_read_again_cb, xfer);
 		g_free(jsx->rxqueue);
 		jsx->rxqueue = NULL;
+		jsx->rxlen = 0;
 	} else {
 		close(source);
 		purple_xfer_cancel_remote(xfer);
@@ -503,6 +516,7 @@
 
 	xfer->fd = source;
 
+	/** Try to read the SOCKS5 header */
 	if(jsx->rxlen < 2) {
 		purple_debug_info("jabber", "reading those first two bytes\n");
 		len = read(source, buffer, 2 - jsx->rxlen);
@@ -520,8 +534,9 @@
 		jsx->rxlen += len;
 		return;
 	} else if(jsx->rxlen - 2 <  jsx->rxqueue[1]) {
-		purple_debug_info("jabber", "reading the next umpteen bytes\n");
-		len = read(source, buffer, jsx->rxqueue[1] + 2 - jsx->rxlen);
+		purple_debug_info("jabber", "reading %u bytes for auth methods (trying to read %u now)\n",
+				  jsx->rxqueue[1], jsx->rxqueue[1] - (jsx->rxlen - 2));
+		len = read(source, buffer, jsx->rxqueue[1] - (jsx->rxlen - 2));
 		if(len < 0 && errno == EAGAIN)
 			return;
 		else if(len <= 0) {
@@ -536,6 +551,7 @@
 		jsx->rxlen += len;
 	}
 
+	/* Have we not read all the auth. method bytes? */
 	if(jsx->rxlen -2 < jsx->rxqueue[1])
 		return;
 
--- a/libpurple/protocols/msn/httpconn.c	Thu May 14 21:33:19 2009 +0000
+++ b/libpurple/protocols/msn/httpconn.c	Thu May 14 21:34:38 2009 +0000
@@ -219,7 +219,13 @@
 		g_free(tmp);
 
 		t = strchr(full_session_id, '.');
-		session_id = g_strndup(full_session_id, t - full_session_id);
+		if (t != NULL)
+			session_id = g_strndup(full_session_id, t - full_session_id);
+		else {
+			purple_debug_error("msn", "Malformed full_session_id[%s]\n",
+					   full_session_id ? full_session_id : NULL);
+			session_id = g_strdup(full_session_id);
+		}
 
 		if (session_action == NULL || strcmp(session_action, "close") != 0)
 		{
--- a/libpurple/protocols/msn/oim.c	Thu May 14 21:33:19 2009 +0000
+++ b/libpurple/protocols/msn/oim.c	Thu May 14 21:34:38 2009 +0000
@@ -668,9 +668,15 @@
 		if (tokens[1] != NULL)
 			from = (const char *)tokens[1];
 
-		start = strchr(from, '<') + 1;
-		end = strchr(from, '>');
-		passport = g_strndup(start, end - start);
+		start = strchr(from, '<');
+		if (start != NULL) {
+			start++;
+			end = strchr(from, '>');
+			if (end != NULL)
+				passport = g_strndup(start, end - start);
+		}
+		if (passport == NULL)
+			passport = g_strdup(_("Unknown"));
 
 		g_strfreev(tokens);
 	}
--- a/libpurple/protocols/msn/soap.c	Thu May 14 21:33:19 2009 +0000
+++ b/libpurple/protocols/msn/soap.c	Thu May 14 21:34:38 2009 +0000
@@ -434,7 +434,7 @@
 					g_free(line);
 					return;
 				} else if (strcmp(key, "Content-Length") == 0) {
-					conn->body_len = atoi(value);
+					sscanf(value, "%" G_GSIZE_FORMAT, &(conn->body_len));
 				} else if (strcmp(key, "Connection") == 0) {
 					if (strcmp(value, "close") == 0) {
 						conn->close_when_done = TRUE;
--- a/libpurple/protocols/oscar/family_oservice.c	Thu May 14 21:33:19 2009 +0000
+++ b/libpurple/protocols/oscar/family_oservice.c	Thu May 14 21:34:38 2009 +0000
@@ -151,7 +151,7 @@
 
 	memset(&csi, 0, sizeof(csi));
 	csi.exchange = exchange;
-	strncpy(csi.name, roomname, sizeof(csi.name));
+	g_strlcpy(csi.name, roomname, sizeof(csi.name));
 	csi.instance = instance;
 
 	/*
--- a/libpurple/protocols/qq/utils.c	Thu May 14 21:33:19 2009 +0000
+++ b/libpurple/protocols/qq/utils.c	Thu May 14 21:34:38 2009 +0000
@@ -222,7 +222,8 @@
  * The return should be freed later. */
 guint8 *hex_str_to_bytes(const gchar *const buffer, gint *out_len)
 {
-	gchar *hex_str, *hex_buffer, *cursor, tmp;
+	gchar *hex_str, *hex_buffer, *cursor;
+	gchar tmp[2];
 	guint8 *bytes, nibble1, nibble2;
 	gint index;
 
@@ -242,7 +243,9 @@
 	index = 0;
 	for (cursor = hex_str; cursor < hex_str + sizeof(gchar) * (strlen(hex_str)) - 1; cursor++) {
 		if (g_ascii_isdigit(*cursor)) {
-			tmp = *cursor; nibble1 = atoi(&tmp);
+			tmp[0] = *cursor;
+			tmp[1] = '\0';
+			nibble1 = atoi(tmp);
 		} else if (g_ascii_isalpha(*cursor) && (gint) *cursor - 87 < 16) {
 			nibble1 = (gint) *cursor - 87;
 		} else {
@@ -254,7 +257,9 @@
 		nibble1 = nibble1 << 4;
 		cursor++;
 		if (g_ascii_isdigit(*cursor)) {
-			tmp = *cursor; nibble2 = atoi(&tmp);
+			tmp[0] = *cursor;
+			tmp[1] = '\0';
+			nibble2 = atoi(tmp);
 		} else if (g_ascii_isalpha(*cursor) && (gint) (*cursor - 87) < 16) {
 			nibble2 = (gint) *cursor - 87;
 		} else {