Changeset f98c74e

Timestamp:

Apr 5, 2009, 7:36:53 PM (15 years ago)

Author:

James M. Kretchmar <kretch@mit.edu>

Branches:

owl

Children:

51b6c7c

Parents:

9948234

Message:

Fix some strcpy's that could be vulnerable
Remove an unused function

Files:

• ChangeLog (modified) (1 diff)
• functions.c (modified) (4 diffs)
• message.c (modified) (2 diffs)
• owl.h (modified) (1 diff)
• perlconfig.c (modified) (1 diff)
• stylefunc.c (modified) (9 diffs)
• text.c (modified) (1 diff)
• zephyr.c (modified) (3 diffs)
• zwrite.c (modified) (1 diff)

ChangeLog

@@ -1 +1 @@
 $Id$
+
+2.2.1
+        Fix some strcpy's that could be vulnerable
+        Remove an unused function
 
 2.2.0

functions.c

@@ -290 +290 @@
 {
   owl_editwin *e;
-  char buff[1024];
+  char *buff;
   owl_zwrite z;
   int ret;
@@ -320 +320 @@
   owl_editwin_clear(e);
   owl_editwin_set_dotsend(e);
-  strcpy(buff, "----> ");
-  strcat(buff, line);
-  strcat(buff, "\n");
+  buff=owl_sprintf("----> %s\n", line);
   owl_editwin_set_locktext(e, buff);
 
-  /* make it active */
   owl_global_set_typwin_active(&g);
 
   owl_global_set_buffercommand(&g, line);
+  owl_free(buff);
 }
 
@@ -334 +332 @@
 {
   owl_editwin *e;
-  char buff[1024];
+  char *buff;
 
   /* check the arguments */
@@ -350 +348 @@
   owl_editwin_clear(e);
   owl_editwin_set_dotsend(e);
-  strcpy(buff, "----> ");
-  strcat(buff, line);
-  strcat(buff, "\n");
+  buff=owl_sprintf("----> %s\n", line);
   owl_editwin_set_locktext(e, buff);
 
-  /* make it active */
   owl_global_set_typwin_active(&g);
 
   owl_global_set_buffercommand(&g, line);
+  owl_free(buff);
 }
 

message.c

@@ -590 +590 @@
 int owl_message_is_burningears(owl_message *m)
 {
-  /* we should add a global to cache the short zsender */
-  char sender[LINE], *ptr;
+  char *name;
+  int ret;
 
   /* if the message is from us or to us, it doesn't count */
@@ -597 +597 @@
 
   if (owl_message_is_type_zephyr(m)) {
-    strcpy(sender, owl_zephyr_get_sender());
-    ptr=strchr(sender, '@');
-    if (ptr) *ptr='\0';
+    name=short_zuser(owl_zephyr_get_sender());
   } else if (owl_message_is_type_aim(m)) {
-    strcpy(sender, owl_global_get_aim_screenname(&g));
+    name=owl_strdup(owl_global_get_aim_screenname(&g));
   } else {
     return(0);
   }
 
-  if (stristr(owl_message_get_body(m), sender)) {
-    return(1);
-  }
-  return(0);
+  if (stristr(owl_message_get_body(m), name)) {
+    ret=1;
+  } else {
+    ret=0;
+  }
+
+  owl_free(name);
+  return(ret);
 }
 

owl.h

@@ -46 +46 @@
 static const char owl_h_fileIdent[] = "$Id$";
 
-#define OWL_VERSION         2.2.0
-#define OWL_VERSION_STRING "2.2.0"
+#define OWL_VERSION         2.2.1
+#define OWL_VERSION_STRING "2.2.1-pre-1"
 
 /* Feature that is being tested to redirect stderr through a pipe. 

perlconfig.c

@@ -179 +179 @@
   int ret, fd;
   PerlInterpreter *p;
-  char filename[1024];
+  char filename[MAXPATHLEN];
   char *embedding[5];
   char *err;

stylefunc.c

@@ -34 +34 @@
 {
 #ifdef HAVE_LIBZEPHYR
-  char *body, *indent, *ptr, *zsigbuff, frombuff[LINE];
+  char *body, *indent, *ptr, *zsigbuff, *frombuff;
   ZNotice_t *n;
 #endif
@@ -56 +56 @@
     
     /* edit the from addr for printing */
-    strcpy(frombuff, owl_message_get_sender(m));
-    ptr=strchr(frombuff, '@');
-    if (ptr && !strncmp(ptr+1, owl_zephyr_get_realm(), strlen(owl_zephyr_get_realm()))) {
-      *ptr='\0';
-    }
+    frombuff=short_zuser(owl_message_get_sender(m));
     
     /* set the message for printing */
@@ -131 +127 @@
     owl_free(body);
     owl_free(indent);
+    owl_free(frombuff);
 #endif
   } else if (owl_message_is_type_zephyr(m) && owl_message_is_direction_out(m)) {
@@ -243 +240 @@
   char *shorttimestr;
 #ifdef HAVE_LIBZEPHYR
-  char *body, *indent, *ptr, *zsigbuff, frombuff[LINE];
+  char *body, *indent, *ptr, *zsigbuff, *frombuff;
   ZNotice_t *n;
 #endif
@@ -267 +264 @@
     
     /* edit the from addr for printing */
-    strcpy(frombuff, owl_message_get_sender(m));
-    ptr=strchr(frombuff, '@');
-    if (ptr && !strncmp(ptr+1, owl_zephyr_get_realm(), strlen(owl_zephyr_get_realm()))) {
-      *ptr='\0';
-    }
+    frombuff=short_zuser(owl_message_get_sender(m));
     
     /* set the message for printing */
@@ -348 +341 @@
     owl_free(body);
     owl_free(indent);
+    owl_free(frombuff);
 #endif
   } else if (owl_message_is_type_zephyr(m) && owl_message_is_direction_out(m)) {
@@ -604 +598 @@
 {
 #ifdef HAVE_LIBZEPHYR
-  char *body, *indent, *ptr, frombuff[LINE];
+  char *body, *indent, *ptr, *frombuff;
   owl_fmtext fm_first, fm_other, fm_tmp;
   ZNotice_t *n;
@@ -640 +634 @@
     
     /* edit the from addr for printing */
-    strcpy(frombuff, owl_message_get_sender(m));
-    ptr=strchr(frombuff, '@');
-    if (ptr && !strncmp(ptr+1, owl_zephyr_get_realm(), strlen(owl_zephyr_get_realm()))) {
-      *ptr='\0';
-    }
+    frombuff=short_zuser(owl_message_get_sender(m));
     sender=owl_sprintf("%-9.9s", frombuff);
 
@@ -707 +697 @@
 
     owl_free(sender);
+    owl_free(frombuff);
     owl_free(hostname);
     owl_free(timestr);

text.c

@@ -351 +351 @@
   tolen  = strlen(to);
   fromlen  = strlen(from);
-  out = malloc(outlen);
+  out = owl_malloc(outlen);
 
   while (in[inpos]) {

zephyr.c

@@ -100 +100 @@
   FILE *file;
   char *tmp, *start;
-  char buffer[1024], subsfile[1024];
+  char buffer[1024], subsfile[MAXPATHLEN];
   ZSubscription_t subs[3001];
   int count, ret;
@@ -188 +188 @@
   FILE *file;
   ZSubscription_t subs[3001];
-  char subsfile[1024], buffer[1024];
+  char subsfile[MAXPATHLEN], buffer[1024];
   int count, ret, i;
   struct stat statbuff;
@@ -674 +674 @@
 {
 #ifdef HAVE_LIBZEPHYR
-  char *line, subsfile[LINE], buff[LINE];
+  char *line, subsfile[MAXPATHLEN], buff[LINE];
   FILE *file;
 

zwrite.c

@@ -352 +352 @@
 }
 
-void owl_zwrite_get_recipstr(owl_zwrite *z, char *buff)
-{
-  int i, j;
-
-  strcpy(buff, "");
-  j=owl_list_get_size(&(z->recips));
-  for (i=0; i<j; i++) {
-    strcat(buff, owl_list_get_element(&(z->recips), i));
-    strcat(buff, " ");
-  }
-  buff[strlen(buff)-1]='\0';
-}
-
 int owl_zwrite_get_numrecips(owl_zwrite *z)
 {