Attachment #22896 for bug #59194

View | Details | Raw Unified | Return to bug 59194
Collapse All | Expand All

Lines 523-529 Link Here

(-)gaim-0.81/src/gtkprefs.c (-2 / +4 lines)
523		523
524	void theme_install_theme(char path, char extn) {	524	void theme_install_theme(char path, char extn) {
525	#ifndef _WIN32	525	#ifndef _WIN32
526	gchar *command;	526	gchar command, escaped;
527	#endif	527	#endif
528	gchar *destdir;	528	gchar *destdir;
529	gchar *tail;	529	gchar *tail;
Lines 544-550 Link Here
544	* other platforms, if need be */	544	* other platforms, if need be */
545	if (!g_ascii_strcasecmp(tail, ".gz") \|\| !g_ascii_strcasecmp(tail, ".tgz")) {	545	if (!g_ascii_strcasecmp(tail, ".gz") \|\| !g_ascii_strcasecmp(tail, ".tgz")) {
546	#ifndef _WIN32	546	#ifndef _WIN32
547	command = g_strdup_printf("tar > /dev/null xzf \"%s\" -C %s", path, destdir);	547	escaped = g_shell_quote(path);
		548	command = g_strdup_printf("tar > /dev/null xzf %s -C %s", escaped, destdir);
		549	g_free(escaped);
548	#else	550	#else
549	if(!wgaim_gz_untar(path, destdir)) {	551	if(!wgaim_gz_untar(path, destdir)) {
550	g_free(destdir);	552	g_free(destdir);




	if ((tag = strstr(str, id "=\"")) != NULL) \
	{ \
		char buf[16]; \
		size_t offset; \
		tag += strlen(id "=\""); \
		c = strchr(tag, '"'); \
		if (c != NULL) \
		{ \
			memset(buf, 0, sizeof(buf)); \
			offset = c - tag; \
			if (offset >= sizeof(buf)) \
				offset = sizeof(buf) - 1; \
			strncpy(buf, tag, offset); \
			obj->field = atoi(buf); \
		} \
	}

static GList *local_objs;

Lines 645-652 Link Here

(-)gaim-0.81/src/protocols/msn/slp.c (-2 / +5 lines)
645	if ((c = strchr(status, '\r')) \|\| (c = strchr(status, '\n')) \|\|	645	if ((c = strchr(status, '\r')) \|\| (c = strchr(status, '\n')) \|\|
646	(c = strchr(status, '\0')))	646	(c = strchr(status, '\0')))
647	{	647	{
648	strncpy(temp, status, c - status);	648	size_t offset = c - status;
649	temp[c - status] = '\0';	649	if (offset >= sizeof(temp))
		650	offset = sizeof(temp) - 1;
		651	strncpy(temp, status, offset);
		652	temp[offset] = '\0';
650	}	653	}
651		654
652	gaim_debug_error("msn", "Received non-OK result: %s\n", temp);	655	gaim_debug_error("msn", "Received non-OK result: %s\n", temp);

Lines 27-32 Link Here

(-)gaim-0.81/src/protocols/novell/nmevent.c (-5 / +28 lines)
27	#include "nmuserrecord.h"	27	#include "nmuserrecord.h"
28	#include "nmrtf.h"	28	#include "nmrtf.h"
29		29
		30	#define MAX_UINT32 0xFFFFFFFF
		31
30	struct _NMEvent	32	struct _NMEvent
31	{	33	{
32		34
Lines 147-152 Link Here
147		149
148	/* Read the conference guid */	150	/* Read the conference guid */
149	rc = nm_read_uint32(conn, &size);	151	rc = nm_read_uint32(conn, &size);
		152	if (size == MAX_UINT32) return NMERR_PROTOCOL;
		153
150	if (rc == NM_OK) {	154	if (rc == NM_OK) {
151	guid = g_new0(char, size + 1);	155	guid = g_new0(char, size + 1);
152	rc = nm_read_all(conn, guid, size);	156	rc = nm_read_all(conn, guid, size);
Lines 160-167 Link Here
160	/* Read the message text */	164	/* Read the message text */
161	if (rc == NM_OK) {	165	if (rc == NM_OK) {
162	rc = nm_read_uint32(conn, &size);	166	rc = nm_read_uint32(conn, &size);
163	if (rc == NM_OK) {	167	if (size == MAX_UINT32) return NMERR_PROTOCOL;
164		168
		169	if (rc == NM_OK) {
165	msg = g_new0(char, size + 1);	170	msg = g_new0(char, size + 1);
166	rc = nm_read_all(conn, msg, size);	171	rc = nm_read_all(conn, msg, size);
167		172
Lines 265-270 Link Here
265		270
266	/* Read the conference guid */	271	/* Read the conference guid */
267	rc = nm_read_uint32(conn, &size);	272	rc = nm_read_uint32(conn, &size);
		273	if (size == MAX_UINT32) return NMERR_PROTOCOL;
		274
268	if (rc == NM_OK) {	275	if (rc == NM_OK) {
269	guid = g_new0(char, size + 1);	276	guid = g_new0(char, size + 1);
270	rc = nm_read_all(conn, guid, size);	277	rc = nm_read_all(conn, guid, size);
Lines 273-278 Link Here
273	/* Read the the message */	280	/* Read the the message */
274	if (rc == NM_OK) {	281	if (rc == NM_OK) {
275	rc = nm_read_uint32(conn, &size);	282	rc = nm_read_uint32(conn, &size);
		283	if (size == MAX_UINT32) return NMERR_PROTOCOL;
		284
276	if (rc == NM_OK) {	285	if (rc == NM_OK) {
277	msg = g_new0(char, size + 1);	286	msg = g_new0(char, size + 1);
278	rc = nm_read_all(conn, msg, size);	287	rc = nm_read_all(conn, msg, size);
Lines 340-345 Link Here
340		349
341	/* Read the conference guid */	350	/* Read the conference guid */
342	rc = nm_read_uint32(conn, &size);	351	rc = nm_read_uint32(conn, &size);
		352	if (size == MAX_UINT32) return NMERR_PROTOCOL;
		353
343	if (rc == NM_OK) {	354	if (rc == NM_OK) {
344	guid = g_new0(char, size + 1);	355	guid = g_new0(char, size + 1);
345	rc = nm_read_all(conn, guid, size);	356	rc = nm_read_all(conn, guid, size);
Lines 390-395 Link Here
390		401
391	/* Read the conference guid */	402	/* Read the conference guid */
392	rc = nm_read_uint32(conn, &size);	403	rc = nm_read_uint32(conn, &size);
		404	if (size == MAX_UINT32) return NMERR_PROTOCOL;
		405
393	if (rc == NM_OK) {	406	if (rc == NM_OK) {
394	guid = g_new0(char, size + 1);	407	guid = g_new0(char, size + 1);
395	rc = nm_read_all(conn, guid, size);	408	rc = nm_read_all(conn, guid, size);
Lines 427-432 Link Here
427		440
428	/* Read the conference guid */	441	/* Read the conference guid */
429	rc = nm_read_uint32(conn, &size);	442	rc = nm_read_uint32(conn, &size);
		443	if (size == MAX_UINT32) return NMERR_PROTOCOL;
		444
430	if (rc == NM_OK) {	445	if (rc == NM_OK) {
431	guid = g_new0(char, size + 1);	446	guid = g_new0(char, size + 1);
432	rc = nm_read_all(conn, guid, size);	447	rc = nm_read_all(conn, guid, size);
Lines 475-480 Link Here
475		490
476	/* Read the conference guid */	491	/* Read the conference guid */
477	rc = nm_read_uint32(conn, &size);	492	rc = nm_read_uint32(conn, &size);
		493	if (size == MAX_UINT32) return NMERR_PROTOCOL;
		494
478	if (rc == NM_OK) {	495	if (rc == NM_OK) {
479	guid = g_new0(char, size + 1);	496	guid = g_new0(char, size + 1);
480	rc = nm_read_all(conn, guid, size);	497	rc = nm_read_all(conn, guid, size);
Lines 513-518 Link Here
513		530
514	/* Read the conference guid */	531	/* Read the conference guid */
515	rc = nm_read_uint32(conn, &size);	532	rc = nm_read_uint32(conn, &size);
		533	if (size == MAX_UINT32) return NMERR_PROTOCOL;
		534
516	if (rc == NM_OK) {	535	if (rc == NM_OK) {
517	guid = g_new0(char, size + 1);	536	guid = g_new0(char, size + 1);
518	rc = nm_read_all(conn, guid, size);	537	rc = nm_read_all(conn, guid, size);
Lines 570-575 Link Here
570		589
571	/* Read the conference guid */	590	/* Read the conference guid */
572	rc = nm_read_uint32(conn, &size);	591	rc = nm_read_uint32(conn, &size);
		592	if (size == MAX_UINT32) return NMERR_PROTOCOL;
		593
573	if (rc == NM_OK) {	594	if (rc == NM_OK) {
574	guid = g_new0(char, size + 1);	595	guid = g_new0(char, size + 1);
575	rc = nm_read_all(conn, guid, size);	596	rc = nm_read_all(conn, guid, size);
Lines 611-621 Link Here
611		632
612	/* Read the status text */	633	/* Read the status text */
613	rc = nm_read_uint32(conn, &size);	634	rc = nm_read_uint32(conn, &size);
		635	if (size == MAX_UINT32) return NMERR_PROTOCOL;
		636
614	if (rc == NM_OK) {	637	if (rc == NM_OK) {
615	if (size > 0) {	638	text = g_new0(char, size + 1);
616	text = g_new0(char, size + 1);	639	rc = nm_read_all(conn, text, size);
617	rc = nm_read_all(conn, text, size);
618	}
619	}	640	}
620	}	641	}
621		642
Lines 649-654 Link Here
649		670
650	/* Read the conference guid */	671	/* Read the conference guid */
651	rc = nm_read_uint32(conn, &size);	672	rc = nm_read_uint32(conn, &size);
		673	if (size == MAX_UINT32) return NMERR_PROTOCOL;
		674
652	if (rc == NM_OK) {	675	if (rc == NM_OK) {
653	guid = g_new0(char, size + 1);	676	guid = g_new0(char, size + 1);
654	rc = nm_read_all(conn, guid, size);	677	rc = nm_read_all(conn, guid, size);




    gboolean param_set = FALSE;
    gboolean is_neg = FALSE;
    int param = 0;
    char *pch;
    char keyword[30];
    char parameter[20];
	int i;

    keyword[0] = '\0';
    parameter[0] = '\0';

    }

	/* parse keyword */
	for (i = 0; isalpha(ch) && (i < sizeof(keyword) - 1); rtf_get_char(ctx, &ch)) {
		keyword[i] = (char) ch;
		i++;
	}
	keyword[i] = '\0';

	/* check for '-' indicated a negative parameter value  */
    if (ch == '-') {

    if (isdigit(ch)) {

        param_set = TRUE;
		for (i = 0; isdigit(ch) && (i < sizeof(parameter) - 1); rtf_get_char(ctx, &ch)) {
			parameter[i] = (char) ch;
			i++;
		}
		parameter[i] = '\0';

        ctx->param = param = atoi(parameter);
        if (is_neg)




        GSList *subscrips;
        int last_id;
        unsigned short port;
        char ourhost[HOST_NAME_MAX + 1];
        char ourhostcanon[HOST_NAME_MAX + 1];
};

/* struct I need for zephyr_to_html */

	/* XXX This code may not be Win32 clean */
	struct hostent *hent;
	
	if (gethostname(zephyr->ourhost, sizeof(zephyr->ourhost)) == -1) {
		gaim_debug(GAIM_DEBUG_ERROR, "zephyr", "unable to retrieve hostname, %%host%% and %%canon%% will be wrong in subscriptions and have been set to unknown\n");
		g_strlcpy(zephyr->ourhost, "unknown", sizeof(zephyr->ourhost));
		g_strlcpy(zephyr->ourhostcanon, "unknown", sizeof(zephyr->ourhostcanon));
		return;
	}
	
	if (!(hent = gethostbyname(zephyr->ourhost))) {
		gaim_debug(GAIM_DEBUG_ERROR,"zephyr", "unable to resolve hostname, %%canon%% will be wrong in subscriptions.and has been set to the value of %%host%%, %s\n",zephyr->ourhost);
		g_strlcpy(zephyr->ourhostcanon, zephyr->ourhost, sizeof(zephyr->ourhostcanon));
		return;
	}

	g_strlcpy(zephyr->ourhostcanon, hent->h_name, sizeof(zephyr->ourhostcanon));

	return;
}


Lines 2627-2634 Link Here

(-)gaim-0.81/src/util.c (-4 / +18 lines)
2627	* if we make sure that there is indeed a \n in our header.	2627	* if we make sure that there is indeed a \n in our header.
2628	*/	2628	*/
2629	if (p && g_strstr_len(p, data_len - (p - data), "\n")) {	2629	if (p && g_strstr_len(p, data_len - (p - data), "\n")) {
2630	sscanf(p, "Content-Length: %d", (int *)&content_len);	2630	sscanf(p, "Content-Length: %u", (int *)&content_len);
2631	gaim_debug_misc("parse_content_len", "parsed %d\n", content_len);	2631	gaim_debug_misc("parse_content_len", "parsed %u\n", content_len);
2632	}	2632	}
2633		2633
2634	return content_len;	2634	return content_len;
Lines 2752-2758 Link Here
2752		2752
2753	/* In with the new. */	2753	/* In with the new. */
2754	gfud->data_len = content_len;	2754	gfud->data_len = content_len;
2755	gfud->webdata = g_malloc(gfud->data_len);	2755	gfud->webdata = g_try_malloc(gfud->data_len);
		2756	if (gfud->webdata == NULL) {
		2757	gaim_debug_error("gaim_url_fetch", "Failed to allocate %u bytes: %s\n", gfud->data_len, strerror(errno));
		2758	gaim_input_remove(gfud->inpa);
		2759	close(sock);
		2760	gfud->callback(gfud->user_data, NULL, 0);
		2761	destroy_fetch_url_data(gfud);
		2762	}
2756	}	2763	}
2757	else	2764	else
2758	gfud->newline = TRUE;	2765	gfud->newline = TRUE;
Lines 2839-2849 Link Here
2839	static char buf[BUF_LEN];	2846	static char buf[BUF_LEN];
2840	guint i, j = 0;	2847	guint i, j = 0;
2841	char *bum;	2848	char *bum;
		2849	char hex[3];
2842		2850
2843	g_return_val_if_fail(str != NULL, NULL);	2851	g_return_val_if_fail(str != NULL, NULL);
2844		2852
		2853	/*
		2854	* XXX - This check could be removed and buf could be made
		2855	* dynamically allocated, but this is easier.
		2856	*/
		2857	if (strlen(str) >= BUF_LEN)
		2858	return NULL;
		2859
2845	for (i = 0; i < strlen(str); i++) {	2860	for (i = 0; i < strlen(str); i++) {
2846	char hex[3];
2847		2861
2848	if (str[i] != '%')	2862	if (str[i] != '%')
2849	buf[j++] = str[i];	2863	buf[j++] = str[i];

Return to bug 59194

Lines 35-45 Link Here

(-)gaim-0.81/src/protocols/msn/object.c (-3 / +10 lines)
35	if ((tag = strstr(str, id "=\"")) != NULL) \	35	if ((tag = strstr(str, id "=\"")) != NULL) \
36	{ \	36	{ \
37	char buf[16]; \	37	char buf[16]; \
		38	size_t offset; \
38	tag += strlen(id "=\""); \	39	tag += strlen(id "=\""); \
39	c = strchr(tag, '"'); \	40	c = strchr(tag, '"'); \
40	strncpy(buf, tag, c - tag); \	41	if (c != NULL) \
41	buf[c - tag] = '\0'; \	42	{ \
42	obj->field = atoi(buf); \	43	memset(buf, 0, sizeof(buf)); \
		44	offset = c - tag; \
		45	if (offset >= sizeof(buf)) \
		46	offset = sizeof(buf) - 1; \
		47	strncpy(buf, tag, offset); \
		48	obj->field = atoi(buf); \
		49	} \
43	}	50	}
44		51
45	static GList *local_objs;	52	static GList *local_objs;

Lines 506-514 Link Here

(-)gaim-0.81/src/protocols/novell/nmrtf.c (-9 / +9 lines)
506	gboolean param_set = FALSE;	506	gboolean param_set = FALSE;
507	gboolean is_neg = FALSE;	507	gboolean is_neg = FALSE;
508	int param = 0;	508	int param = 0;
509	char *pch;
510	char keyword[30];	509	char keyword[30];
511	char parameter[20];	510	char parameter[20];
		511	int i;
512		512
513	keyword[0] = '\0';	513	keyword[0] = '\0';
514	parameter[0] = '\0';	514	parameter[0] = '\0';
Lines 523-533 Link Here
523	}	523	}
524		524
525	/* parse keyword */	525	/* parse keyword */
526	for (pch = keyword; isalpha(ch); rtf_get_char(ctx, &ch)) {	526	for (i = 0; isalpha(ch) && (i < sizeof(keyword) - 1); rtf_get_char(ctx, &ch)) {
527	*pch = (char) ch;	527	keyword[i] = (char) ch;
528	pch++;	528	i++;
529	}	529	}
530	*pch = '\0';	530	keyword[i] = '\0';
531		531
532	/* check for '-' indicated a negative parameter value */	532	/* check for '-' indicated a negative parameter value */
533	if (ch == '-') {	533	if (ch == '-') {
Lines 540-550 Link Here
540	if (isdigit(ch)) {	540	if (isdigit(ch)) {
541		541
542	param_set = TRUE;	542	param_set = TRUE;
543	for (pch = parameter; isdigit(ch); rtf_get_char(ctx, &ch)) {	543	for (i = 0; isdigit(ch) && (i < sizeof(parameter) - 1); rtf_get_char(ctx, &ch)) {
544	*pch = (char) ch;	544	parameter[i] = (char) ch;
545	pch++;	545	i++;
546	}	546	}
547	*pch = '\0';	547	parameter[i] = '\0';
548		548
549	ctx->param = param = atoi(parameter);	549	ctx->param = param = atoi(parameter);
550	if (is_neg)	550	if (is_neg)

Lines 67-74 Link Here

(-)gaim-0.81/src/protocols/zephyr/zephyr.c (-7 / +9 lines)
67	GSList *subscrips;	67	GSList *subscrips;
68	int last_id;	68	int last_id;
69	unsigned short port;	69	unsigned short port;
70	char ourhost[MAXHOSTNAMELEN];	70	char ourhost[HOST_NAME_MAX + 1];
71	char ourhostcanon[MAXHOSTNAMELEN];	71	char ourhostcanon[HOST_NAME_MAX + 1];
72	};	72	};
73		73
74	/* struct I need for zephyr_to_html */	74	/* struct I need for zephyr_to_html */
Lines 860-878 Link Here
860	/* XXX This code may not be Win32 clean */	860	/* XXX This code may not be Win32 clean */
861	struct hostent *hent;	861	struct hostent *hent;
862		862
863	if (gethostname(zephyr->ourhost, sizeof(zephyr->ourhost)-1) == -1) {	863	if (gethostname(zephyr->ourhost, sizeof(zephyr->ourhost)) == -1) {
864	gaim_debug(GAIM_DEBUG_ERROR, "zephyr", "unable to retrieve hostname, %%host%% and %%canon%% will be wrong in subscriptions and have been set to unknown\n");	864	gaim_debug(GAIM_DEBUG_ERROR, "zephyr", "unable to retrieve hostname, %%host%% and %%canon%% will be wrong in subscriptions and have been set to unknown\n");
865	g_stpcpy(zephyr->ourhost,"unknown");	865	g_strlcpy(zephyr->ourhost, "unknown", sizeof(zephyr->ourhost));
866	g_stpcpy(zephyr->ourhostcanon,"unknown");	866	g_strlcpy(zephyr->ourhostcanon, "unknown", sizeof(zephyr->ourhostcanon));
867	return;	867	return;
868	}	868	}
869		869
870	if (!(hent = gethostbyname(zephyr->ourhost))) {	870	if (!(hent = gethostbyname(zephyr->ourhost))) {
871	gaim_debug(GAIM_DEBUG_ERROR,"zephyr", "unable to resolve hostname, %%canon%% will be wrong in subscriptions.and has been set to the value of %%host%%, %s\n",zephyr->ourhost);	871	gaim_debug(GAIM_DEBUG_ERROR,"zephyr", "unable to resolve hostname, %%canon%% will be wrong in subscriptions.and has been set to the value of %%host%%, %s\n",zephyr->ourhost);
872	g_stpcpy(zephyr->ourhostcanon,zephyr->ourhost);	872	g_strlcpy(zephyr->ourhostcanon, zephyr->ourhost, sizeof(zephyr->ourhostcanon));
873	return;	873	return;
874	}	874	}
875	g_stpcpy(zephyr->ourhostcanon,hent->h_name);	875
		876	g_strlcpy(zephyr->ourhostcanon, hent->h_name, sizeof(zephyr->ourhostcanon));
		877
876	return;	878	return;
877	}	879	}
878		880