Skip to content
Permalink
Browse files

Secured code to prevent buffer overflows and memory leaks

  • Loading branch information...
flashcode committed Jan 24, 2004
1 parent dcb3b6f commit 8bcbc3dcae92eaff85bb07476561a3361c2109cd
@@ -159,7 +159,7 @@ gui_window_set_color (WINDOW *window, int num_color)
int
gui_window_has_nicklist (t_gui_window *window)
{
return (window->win_nick != NULL);
return ((window->win_nick != NULL) ? 1 : 0);
}


@@ -321,7 +321,7 @@ gui_draw_window_title (t_gui_window *window)
}
if (CHANNEL(window))
{
sprintf (format, "%%-%ds", window->win_width);
snprintf (format, 32, "%%-%ds", window->win_width);
if (CHANNEL(window)->topic)
mvwprintw (window->win_title, 0, 0, format,
CHANNEL(window)->topic);
@@ -390,7 +390,7 @@ gui_display_end_of_line (t_gui_window *window, t_gui_line *line, int count)
t_gui_message *ptr_message;
char saved_char, format_align[32];

sprintf (format_align, "%%-%ds", line->length_align);
snprintf (format_align, 32, "%%-%ds", line->length_align);
num_lines = gui_get_line_num_splits (window, line);
ptr_message = line->messages;
offset = 0;
@@ -470,7 +470,7 @@ gui_display_line (t_gui_window *window, t_gui_line *line, int stop_at_end)
t_gui_message *ptr_message;
char saved_char, format_align[32];

sprintf (format_align, "%%-%ds", line->length_align);
snprintf (format_align, 32, "%%-%ds", line->length_align);
ptr_message = line->messages;
offset = 0;
while (ptr_message)
@@ -665,7 +665,7 @@ gui_draw_window_nick (t_gui_window *window)
window->win_nick_x);
gui_draw_window_chat (window);
}
sprintf (format, "%%-%ds", max_length);
snprintf (format, 32, "%%-%ds", max_length);

if (has_colors ())
{
@@ -894,7 +894,7 @@ gui_draw_window_status (t_gui_window *window)
mvwprintw (window->win_status, 0, COLS - 7, _("-MORE-"));
else
{
sprintf (format_more, "%%-%ds", strlen (_("-MORE-")));
snprintf (format_more, 32, "%%-%ds", strlen (_("-MORE-")));
mvwprintw (window->win_status, 0, COLS - 7, format_more, " ");
}

@@ -939,12 +939,15 @@ gui_draw_window_infobar (t_gui_window *window)
wrefresh (window->win_infobar);
}
wmove (window->win_infobar, 0, 0);
gui_window_set_color (window->win_infobar, COLOR_WIN_INFOBAR);

time_seconds = time (NULL);
local_time = localtime (&time_seconds);
strftime (text, 1024, cfg_look_infobar_timestamp, local_time);
wprintw (window->win_infobar, "%s", text);
if (local_time)
{
strftime (text, 1024, cfg_look_infobar_timestamp, local_time);
gui_window_set_color (window->win_infobar, COLOR_WIN_INFOBAR);
wprintw (window->win_infobar, "%s", text);
}
if (gui_infobar)
{
gui_window_set_color (window->win_infobar, gui_infobar->color);
@@ -1039,7 +1042,7 @@ gui_draw_window_input (t_gui_window *window)
}
if (CHANNEL(window))
{
sprintf (format, "%%s %%s> %%-%ds", input_width);
snprintf (format, 32, "%%s %%s> %%-%ds", input_width);
mvwprintw (window->win_input, 0, 0, format,
CHANNEL(window)->name,
SERVER(window)->nick,
@@ -1053,7 +1056,7 @@ gui_draw_window_input (t_gui_window *window)
{
if (SERVER(window))
{
sprintf (format, "%%s> %%-%ds", input_width);
snprintf (format, 32, "%%s> %%-%ds", input_width);
if (SERVER(window) && (SERVER(window)->is_connected))
ptr_nickname = SERVER(window)->nick;
else
@@ -1067,7 +1070,7 @@ gui_draw_window_input (t_gui_window *window)
}
else
{
sprintf (format, "%%s> %%-%ds", input_width);
snprintf (format, 32, "%%s> %%-%ds", input_width);
if (SERVER(window) && (SERVER(window)->is_connected))
ptr_nickname = SERVER(window)->nick;
else
@@ -1643,13 +1646,13 @@ gui_printf_color_type (t_gui_window *window, int type, int color, char *message,
if ((!window->last_line) || (window->line_complete))
{
gui_add_message (window, MSG_TYPE_TIME, COLOR_WIN_CHAT_DARK, "[");
sprintf (timestamp, "%02d", date_tmp->tm_hour);
snprintf (timestamp, 16, "%02d", date_tmp->tm_hour);
gui_add_message (window, MSG_TYPE_TIME, COLOR_WIN_CHAT_TIME, timestamp);
gui_add_message (window, MSG_TYPE_TIME, COLOR_WIN_CHAT_TIME_SEP, ":");
sprintf (timestamp, "%02d", date_tmp->tm_min);
snprintf (timestamp, 16, "%02d", date_tmp->tm_min);
gui_add_message (window, MSG_TYPE_TIME, COLOR_WIN_CHAT_TIME, timestamp);
gui_add_message (window, MSG_TYPE_TIME, COLOR_WIN_CHAT_TIME_SEP, ":");
sprintf (timestamp, "%02d", date_tmp->tm_sec);
snprintf (timestamp, 16, "%02d", date_tmp->tm_sec);
gui_add_message (window, MSG_TYPE_TIME, COLOR_WIN_CHAT_TIME, timestamp);
gui_add_message (window, MSG_TYPE_TIME, COLOR_WIN_CHAT_DARK, "] ");
}
@@ -291,7 +291,7 @@ gui_window_free (t_gui_window *window)

/* always at least one window */
if (!gui_windows && create_new)
gui_window_new (NULL, NULL, 1);
(void) gui_window_new (NULL, NULL, 1);
}

/*
@@ -353,18 +353,32 @@ server_sendf (t_irc_server * server, char *fmt, ...)
*/

void
server_msgq_add_msg (t_irc_server * server, char *msg)
server_msgq_add_msg (t_irc_server *server, char *msg)
{
t_irc_message *message;

message = (t_irc_message *) malloc (sizeof (t_irc_message));
if (!message)
{
gui_printf (server->window,
_("%s not enough memory for received IRC message"),
WEECHAT_ERROR);
return;
}
message->server = server;
if (unterminated_message)
{
message->data = (char *) malloc (strlen (unterminated_message) +
strlen (msg) + 1);
strcpy (message->data, unterminated_message);
strcat (message->data, msg);
if (!message->data)
gui_printf (server->window,
_("%s not enough memory for received IRC message"),
WEECHAT_ERROR);
else
{
strcpy (message->data, unterminated_message);
strcat (message->data, msg);
}
free (unterminated_message);
unterminated_message = NULL;
}
@@ -410,7 +424,12 @@ server_msgq_add_buffer (t_irc_server * server, char *buffer)
unterminated_message =
(char *) realloc (unterminated_message,
strlen (buffer) + 1);
strcpy (unterminated_message, buffer);
if (!unterminated_message)
gui_printf (server->window,
_("%s not enough memory for received IRC message"),
WEECHAT_ERROR);
else
strcpy (unterminated_message, buffer);
return;
}
gui_printf (server->window,
@@ -428,81 +447,83 @@ void
server_msgq_flush ()
{
t_irc_message *next;
/*char **argv;
int argc;*/
char *entire_line, *ptr_data, *pos, *pos2;
char *host, *command, *args;

/* TODO: optimize this function, parse only a few messages (for low CPU time!) */
while (recv_msgq)
{
#ifdef DEBUG
gui_printf (gui_current_window, "[DEBUG] %s\n", recv_msgq->data);
#endif

ptr_data = recv_msgq->data;
entire_line = strdup (ptr_data);

while (ptr_data[0] == ' ')
ptr_data++;

if (ptr_data)
if (recv_msgq->data)
{
#ifdef DEBUG
gui_printf (NULL, "[DEBUG] data received from server: %s\n", ptr_data);
gui_printf (gui_current_window, "[DEBUG] %s\n", recv_msgq->data);
#endif

host = NULL;
command = NULL;
args = ptr_data;
ptr_data = recv_msgq->data;
entire_line = strdup (ptr_data);

if (ptr_data[0] == ':')
{
pos = strchr(ptr_data, ' ');
pos[0] = '\0';
host = ptr_data+1;
pos++;
}
else
pos = ptr_data;
while (ptr_data[0] == ' ')
ptr_data++;

if (pos != NULL)
if (ptr_data)
{
while (pos[0] == ' ')
#ifdef DEBUG
gui_printf (NULL, "[DEBUG] data received from server: %s\n", ptr_data);
#endif

host = NULL;
command = NULL;
args = ptr_data;

if (ptr_data[0] == ':')
{
pos = strchr(ptr_data, ' ');
pos[0] = '\0';
host = ptr_data+1;
pos++;
pos2 = strchr(pos, ' ');
if (pos2 != NULL)
}
else
pos = ptr_data;

if (pos != NULL)
{
pos2[0] = '\0';
command = strdup(pos);
pos2++;
while (pos2[0] == ' ')
while (pos[0] == ' ')
pos++;
pos2 = strchr(pos, ' ');
if (pos2 != NULL)
{
pos2[0] = '\0';
command = strdup(pos);
pos2++;
args = (pos2[0] == ':') ? pos2+1 : pos2;
while (pos2[0] == ' ')
pos2++;
args = (pos2[0] == ':') ? pos2+1 : pos2;
}
}

switch (irc_recv_command (recv_msgq->server, entire_line, host,
command, args))
{
case -1:
gui_printf (recv_msgq->server->window,
_("Command '%s' failed!\n"), command);
break;
case -2:
gui_printf (recv_msgq->server->window,
_("No command to execute!\n"));
break;
case -3:
gui_printf (recv_msgq->server->window,
_("Unknown command: cmd=%s, args=%s\n"),
command, args);
break;
}
}

switch (irc_recv_command (recv_msgq->server, entire_line, host,
command, args))
{
case -1:
gui_printf (recv_msgq->server->window,
_("Command '%s' failed!\n"), command);
break;
case -2:
gui_printf (recv_msgq->server->window,
_("No command to execute!\n"));
break;
case -3:
gui_printf (recv_msgq->server->window,
_("Unknown command: cmd=%s, args=%s\n"),
command, args);
break;
}
free (entire_line);
free (recv_msgq->data);
}

free (entire_line);
free (recv_msgq->data);

next = recv_msgq->next_message;
free (recv_msgq);
recv_msgq = next;
@@ -650,7 +671,7 @@ server_auto_connect (int command_line)
if ( ((command_line) && (ptr_server->command_line))
|| ((!command_line) && (ptr_server->autoconnect)) )
{
gui_window_new (ptr_server, NULL, 1);
(void) gui_window_new (ptr_server, NULL, 1);
if (server_connect (ptr_server))
irc_login (ptr_server);
}
@@ -56,15 +56,17 @@ t_plugin_handler *last_plugin_cmd_handler = NULL;
void
plugin_auto_load (int plugin_type, char *directory)
{
int dir_length;
char *dir_name, *current_dir;
DIR *dir;
struct dirent *entry;
struct stat statbuf;

/* build directory, adding WeeChat home */
dir_length = strlen (weechat_home) + strlen (directory) + 2;
dir_name =
(char *) malloc ((strlen (weechat_home) + strlen (directory) + 2) * sizeof (char));
sprintf (dir_name, "%s%s%s", weechat_home, DIR_SEPARATOR, directory);
(char *) malloc (dir_length * sizeof (char));
snprintf (dir_name, dir_length, "%s%s%s", weechat_home, DIR_SEPARATOR, directory);

/* save working directory */
current_dir = (char *) malloc (1024 * sizeof (char));
Oops, something went wrong.

0 comments on commit 8bcbc3d

Please sign in to comment.
You can’t perform that action at this time.