From: <ac...@us...> - 2002-12-16 14:38:00
Update of /cvsroot/freeassociation/libical/src/libical In directory sc8-pr-cvs1:/tmp/cvs-serv8385/src/libical Modified Files: icalmime.c icalparameter.c sspm.c Log Message: Fix possible buffer overflows. This comes from a code review of KDE. Obtained from: Waldo Bastian <ba...@kd...>
Index: icalmime.c
===================================================================
RCS file: /cvsroot/freeassociation/libical/src/libical/icalmime.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- icalmime.c 22 Dec 2001 17:04:33 -0000 1.5
+++ icalmime.c 16 Dec 2002 14:37:20 -0000 1.6
@@ -209,8 +209,8 @@
 }
 if(parts[i].header.error!=SSPM_NO_ERROR){
- char *str;
- char* temp[256];
+ char *str = "Unknown error";
+ char temp[256];
 if(parts[i].header.error==SSPM_UNEXPECTED_BOUNDARY_ERROR){
 str = "Got an unexpected boundary, possibly due to a MIME header for a MULTIPART part that is missing the Content-Type line";
@@ -231,16 +231,16 @@
 }
 if(parts[i].header.error_text != 0){
- snprintf((char*)temp,256,
+ snprintf(temp,sizeof(temp),
 "%s: %s",str,parts[i].header.error_text);
 } else {
- strcpy((char*)temp,str);
+ strcpy(temp,str);
 }
 icalcomponent_add_property (comp, icalproperty_vanew_xlicerror(
- (char*)temp,
+ temp,
 icalparameter_new_xlicerrortype( ICAL_XLICERRORTYPE_MIMEPARSEERROR), 0));
Index: icalparameter.c
===================================================================
RCS file: /cvsroot/freeassociation/libical/src/libical/icalparameter.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -d -r1.10 -r1.11
--- icalparameter.c 28 Jun 2002 10:26:01 -0000 1.10
+++ icalparameter.c 16 Dec 2002 14:37:21 -0000 1.11
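Review bot: The else branch in the second icalmime.c hunk (@@ -231) still copies with an unbounded `strcpy(temp,str);`, so the 256-byte `temp` is safe only while every message literal assigned to `str` stays shorter than the buffer. Using the same bounded call as the other branch, `snprintf(temp,sizeof(temp),"%s",str);`, removes that hidden dependency on the literals' lengths. In the first hunk `str` is only assigned string literals in the visible lines, so it could be declared `const char *str`. The enclosing block starts before the first hunk and continues past the second, so other assignments to `str` may exist outside the view.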
@@ -271,9 +271,7 @@
 /* Now, copy the buffer to a tmp_buffer, which is safe to give to the caller without worring about de-allocating it. */
- out_buf = icalmemory_tmp_buffer(strlen(buf));
- strcpy(out_buf, buf);
-
+ out_buf = icalmemory_tmp_copy(buf);
 icalmemory_free_buffer(buf);
 return out_buf;
Index: sspm.c
===================================================================
RCS file: /cvsroot/freeassociation/libical/src/libical/sspm.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- sspm.c 22 Nov 2002 20:15:18 -0000 1.6
+++ sspm.c 16 Dec 2002 14:37:22 -0000 1.7
@@ -953,7 +953,8 @@
 assert(strlen(buf) < BUF_SIZE);
- strcpy(header_lines[current_line],buf);
+ strncpy(header_lines[current_line],buf,BUF_SIZE-1);
+ header_lines[current_line][BUF_SIZE-1] = '\0';
 break;
 }
@@ -988,7 +989,7 @@
 assert( strlen(buf_start) + strlen(last_line) < BUF_SIZE);
- strcat(last_line,buf_start);
+ strncat(last_line,buf_start,BUF_SIZE-strlen(last_line)-1);
 break;
 }
|
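Review bot: In the icalparameter.c hunk the room for the terminating NUL, which the old `icalmemory_tmp_buffer(strlen(buf))` plus `strcpy` did not reserve, now depends entirely on `icalmemory_tmp_copy`, whose body is not part of this commit. It is worth confirming that the helper allocates `strlen(buf)+1` bytes and what it returns on allocation failure, because `out_buf` is handed back to the caller unchecked. Once confirmed, a short comment at the call such as `/* tmp_copy reserves room for the terminating NUL */` would record why the explicit length arithmetic was dropped. The function starts and ends outside the hunk.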
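Review bot: In both sspm.c hunks (@@ -953 and @@ -988) the only length check is still an `assert`, so an over-long header line aborts a debug build and is silently truncated when NDEBUG is defined. These buffers presumably hold lines from the message being parsed, so an explicit runtime test that records a parse error, for example `if (strlen(buf) >= BUF_SIZE) { /* flag header error and skip */ }`, would give the same behaviour in both builds. The new `strncpy` and `strncat` bounds are correct only if each `header_lines` row and `last_line` are BUF_SIZE bytes. Those declarations, and any range check on `current_line`, are outside the visible lines and should be verified.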