Attachment #22900 for bug #59194

View | Details | Raw Unified | Return to bug 59194
Collapse All | Expand All

Lines 32-38 Code_t ZInitialize() Link Here

(-)gaim-0.67/src/protocols/zephyr/ZInit.c (-1 / +2 lines)
32	{	32	{
33	struct servent *hmserv;	33	struct servent *hmserv;
34	struct hostent *hostent;	34	struct hostent *hostent;
35	char addr[4], hostname[MAXHOSTNAMELEN];	35	char addr[4], hostname[MAXHOSTNAMELEN+1];
36	struct in_addr servaddr;	36	struct in_addr servaddr;
37	struct sockaddr_in sin;	37	struct sockaddr_in sin;
38	int s, sinsize = sizeof(sin);	38	int s, sinsize = sizeof(sin);
Lines 134-139 Code_t ZInitialize() Link Here
134	* is a pretty broken thing to do, and unfortunately what we	134	* is a pretty broken thing to do, and unfortunately what we
135	* always do on server machines.) */	135	* always do on server machines.) */
136	if (gethostname(hostname, sizeof(hostname)) == 0) {	136	if (gethostname(hostname, sizeof(hostname)) == 0) {
		137	hostname[sizeof(hostname)-1] = '\0';
137	hostent = gethostbyname(hostname);	138	hostent = gethostbyname(hostname);
138	if (hostent && hostent->h_addrtype == AF_INET)	139	if (hostent && hostent->h_addrtype == AF_INET)
139	memcpy(&__My_addr, hostent->h_addr, sizeof(__My_addr));	140	memcpy(&__My_addr, hostent->h_addr, sizeof(__My_addr));





	g_return_val_if_fail(str != NULL, NULL);

	for (i = 0; i < strlen(str) && j < sizeof(buf)-2; i++) {
		char hex[3];

		if (str[i] != '%')

	g_return_val_if_fail(str != NULL, NULL);

	for (i = 0; i < strlen(str); i++) {
		if (isalnum(str[i])) {
			if(j+1 >= sizeof(buf)-1) break;
			buf[j++] = str[i];
		}
		else {
			if(j+3 >= sizeof(buf)-1) break;
			sprintf(buf + j, "%%%02x", (unsigned char)str[i]);
			j += 3;
		}




parse_content_len(const char *data, size_t data_len)
{
	size_t content_len = 0;
	const char *p = NULL;

	/* This is still technically wrong, since headers are case-insensitive
	 * [RFC 2616, section 4.2], though this ought to catch the normal case.
	 * Note: data is _not_ nul-terminated.
	 */
	if (data_len > 16) {
		p = strncmp(data, "Content-Length: ", 16) == 0? data: NULL;
		if (!p) {
			p = g_strstr_len(data, data_len, "\nContent-Length: ");
			if (p)
				p += 1;
		}
	}

	/* If we can find a Content-Length header at all, try to sscanf it.
	 * Response headers should end with at least \r\n, so sscanf is safe,
	 * if we make sure that there is indeed a \n in our header.
	 */
	if (p && g_strstr_len(p, data_len - (p - data), "\n")) {
		sscanf(p, "Content-Length: %u", (int *)&content_len);
	}

	return content_len;
}


					/* In with the new. */
					gunk->data_len = content_len;
					gunk->webdata = g_try_malloc(gunk->data_len);
					if (gunk->webdata == NULL) {
						gaim_debug(GAIM_DEBUG_ERROR, "gaim_url_fetch", "Failed to allocate %u bytes: %s\n", gunk->data_len, strerror(errno));
						gaim_input_remove(gunk->inpa);
						close(sock);
						gunk->callback(gunk->data, NULL, 0);
						g_free(gunk->webdata);
						g_free(gunk->website);
						g_free(gunk->url);
						g_free(gunk);
					}

				}
				else
					gunk->newline = TRUE;

Lines 449-455 GtkTreePath *theme_refresh_theme_list() Link Here

(-)gaim-0.67/src/gtkprefs.c (-2 / +4 lines)
449		449
450	void theme_install_theme(char path, char extn) {	450	void theme_install_theme(char path, char extn) {
451	#ifndef _WIN32	451	#ifndef _WIN32
452	gchar *command;	452	gchar command, escaped;
453	#endif	453	#endif
454	gchar *destdir;	454	gchar *destdir;
455	gchar *tail;	455	gchar *tail;
Lines 469-475 void theme_install_theme(char *path, cha Link Here
469	* other platforms, if need be */	469	* other platforms, if need be */
470	if (!g_ascii_strcasecmp(tail, ".gz") \|\| !g_ascii_strcasecmp(tail, ".tgz")) {	470	if (!g_ascii_strcasecmp(tail, ".gz") \|\| !g_ascii_strcasecmp(tail, ".tgz")) {
471	#ifndef _WIN32	471	#ifndef _WIN32
472	command = g_strdup_printf("tar > /dev/null xzf \"%s\" -C %s", path, destdir);	472	escaped = g_shell_quote(path);
		473	command = g_strdup_printf("tar > /dev/null xzf %s -C %s", escaped, destdir);
		474	g_free(escaped);
473	#else	475	#else
474	if(!wgaim_gz_untar(path, destdir)) {	476	if(!wgaim_gz_untar(path, destdir)) {
475	g_free(destdir);	477	g_free(destdir);

Return to bug 59194

Lines 192-199 static size_t Link Here

(-)gaim-0.67/src/html.c (-2 / +33 lines)
192	parse_content_len(const char *data, size_t data_len)	192	parse_content_len(const char *data, size_t data_len)
193	{	193	{
194	size_t content_len = 0;	194	size_t content_len = 0;
		195	const char *p = NULL;
195		196
196	sscanf(data, "Content-Length: %d", &content_len);	197	/* This is still technically wrong, since headers are case-insensitive
		198	* [RFC 2616, section 4.2], though this ought to catch the normal case.
		199	* Note: data is _not_ nul-terminated.
		200	*/
		201	if (data_len > 16) {
		202	p = strncmp(data, "Content-Length: ", 16) == 0? data: NULL;
		203	if (!p) {
		204	p = g_strstr_len(data, data_len, "\nContent-Length: ");
		205	if (p)
		206	p += 1;
		207	}
		208	}
		209
		210	/* If we can find a Content-Length header at all, try to sscanf it.
		211	* Response headers should end with at least \r\n, so sscanf is safe,
		212	* if we make sure that there is indeed a \n in our header.
		213	*/
		214	if (p && g_strstr_len(p, data_len - (p - data), "\n")) {
		215	sscanf(p, "Content-Length: %u", (int *)&content_len);
		216	}
197		217
198	return content_len;	218	return content_len;
199	}	219	}
Lines 272-278 static void grab_url_callback(gpointer d Link Here
272		292
273	/* In with the new. */	293	/* In with the new. */
274	gunk->data_len = content_len;	294	gunk->data_len = content_len;
275	gunk->webdata = g_malloc(gunk->data_len);	295	gunk->webdata = g_try_malloc(gunk->data_len);
		296	if (gunk->webdata == NULL) {
		297	gaim_debug(GAIM_DEBUG_ERROR, "gaim_url_fetch", "Failed to allocate %u bytes: %s\n", gunk->data_len, strerror(errno));
		298	gaim_input_remove(gunk->inpa);
		299	close(sock);
		300	gunk->callback(gunk->data, NULL, 0);
		301	g_free(gunk->webdata);
		302	g_free(gunk->website);
		303	g_free(gunk->url);
		304	g_free(gunk);
		305	}
		306
276	}	307	}
277	else	308	else
278	gunk->newline = TRUE;	309	gunk->newline = TRUE;

Lines 30-36 msn_url_decode(const char *str) Link Here

(-)gaim-0.67/src/protocols/msn/utils.c (-2 / +5 lines)
30		30
31	g_return_val_if_fail(str != NULL, NULL);	31	g_return_val_if_fail(str != NULL, NULL);
32		32
33	for (i = 0; i < strlen(str); i++) {	33	for (i = 0; i < strlen(str) && j < sizeof(buf)-2; i++) {
34	char hex[3];	34	char hex[3];
35		35
36	if (str[i] != '%')	36	if (str[i] != '%')
Lines 67-75 msn_url_encode(const char *str) Link Here
67	g_return_val_if_fail(str != NULL, NULL);	67	g_return_val_if_fail(str != NULL, NULL);
68		68
69	for (i = 0; i < strlen(str); i++) {	69	for (i = 0; i < strlen(str); i++) {
70	if (isalnum(str[i]))	70	if (isalnum(str[i])) {
		71	if(j+1 >= sizeof(buf)-1) break;
71	buf[j++] = str[i];	72	buf[j++] = str[i];
		73	}
72	else {	74	else {
		75	if(j+3 >= sizeof(buf)-1) break;
73	sprintf(buf + j, "%%%02x", (unsigned char)str[i]);	76	sprintf(buf + j, "%%%02x", (unsigned char)str[i]);
74	j += 3;	77	j += 3;
75	}	78	}