diff options
author | nectar <nectar@FreeBSD.org> | 2004-02-09 18:09:08 +0000 |
---|---|---|
committer | nectar <nectar@FreeBSD.org> | 2004-02-09 18:09:08 +0000 |
commit | 4fefb3b6f946e1835bad297991fe2c191331f145 (patch) | |
tree | d6f3f310839a9b0de6ab6054114417e02258b4c3 /net/gaim/files | |
parent | 07deb0643951a78976b29de79870dadc5f5d5e44 (diff) | |
download | FreeBSD-ports-4fefb3b6f946e1835bad297991fe2c191331f145.zip FreeBSD-ports-4fefb3b6f946e1835bad297991fe2c191331f145.tar.gz |
The last commit lost previously applied security fixes. Back it out,
and then re-fix the Yahoo! issue.
Approved by: marcus
Diffstat (limited to 'net/gaim/files')
-rw-r--r-- | net/gaim/files/patch-src::protocols::yahoo::yahoo.c | 394 |
1 files changed, 255 insertions, 139 deletions
diff --git a/net/gaim/files/patch-src::protocols::yahoo::yahoo.c b/net/gaim/files/patch-src::protocols::yahoo::yahoo.c index 62bc591..c90cbba 100644 --- a/net/gaim/files/patch-src::protocols::yahoo::yahoo.c +++ b/net/gaim/files/patch-src::protocols::yahoo::yahoo.c @@ -1,139 +1,255 @@ ---- src/protocols/yahoo/yahoo.c.orig Sat Jan 10 07:04:09 2004 -+++ src/protocols/yahoo/yahoo.c Fri Feb 6 11:43:13 2004 -@@ -131,8 +131,15 @@ - while (pos + 1 < len) { - if (data[pos] == 0xc0 && data[pos + 1] == 0x80) - break; -+ if (x >= sizeof(key)-1) { -+ x++; -+ continue; -+ } - key[x++] = data[pos++]; - } -+ if (x >= sizeof(key)-1) { -+ x = 0; -+ } - key[x] = 0; - pos += 2; - pair->key = strtol(key, NULL, 10); -@@ -873,13 +880,17 @@ - static char *yahoo_decode(const char *text) - { - char *converted; -- char *p, *n, *new; -- -+ char *n, *new; -+ const char *end, *p; -+ int i; -+ - n = new = g_malloc(strlen (text) + 1); -+ end = text + strlen(text); - -- for (p = (char *)text; *p; p++, n++) { -+ for (p = text; p < end; p++, n++) { - if (*p == '\\') { -- sscanf(p + 1, "%3o\n", (int *)n); -+ sscanf(p + 1, "%3o\n", &i); -+ *n = i; - p += 3; - } - else -@@ -887,7 +898,7 @@ - } - - *n = '\0'; -- -+ - converted = g_convert(new, n - new, OUT_CHARSET, "iso-8859-1", NULL, NULL, NULL); - g_free(new); - -@@ -1906,29 +1917,29 @@ - GaimConnection *gc = data; - GaimAccount *account = gaim_connection_get_account(gc); - struct yahoo_data *yd = gc->proto_data; -- char buf[1024], buf2[256], *i = buf, *r = buf2; -- int len, o = 0; -+ char buf[1024], *i = buf; -+ int len; -+ GString *s; - -- len = read(source, buf, sizeof(buf)); -- if (len <= 0 || strncmp(buf, "HTTP/1.0 302", strlen("HTTP/1.0 302"))) { -+ len = read(source, buf, sizeof(buf)-1); -+ if (len <= 0 || (strncmp(buf, "HTTP/1.0 302", strlen("HTTP/1.0 302") && -+ strncmp(buf, "HTTP/1.1 302", strlen("HTTP/1.1 302"))))) { - gaim_connection_error(gc, _("Unable to read")); - return; - } -- -- while ((i = strstr(i, "Set-Cookie: ")) && 0 < 2) { -- i += strlen("Set-Cookie: "); -- for (;*i != ';'; r++, i++) { -- *r = *i; -- } -- *r=';'; -- r++; -- *r=' '; -- r++; -- o++; -- } -- /* Get rid of that "; " */ -- *(r-2) = '\0'; -- yd->auth = g_strdup(buf2); -+ -+ s = g_string_sized_new(len); -+ buf[sizeof(buf)-1] = '\0'; -+ -+ while ((i = strstr(i, "Set-Cookie: "))) { -+ i += strlen("Set-Cookie: "); -+ for (;*i != ';'; i++) -+ g_string_append_c(s, *i); -+ -+ g_string_append(s, "; "); -+ } -+ -+ yd->auth = g_string_free(s, FALSE); - gaim_input_remove(gc->inpa); - close(source); - /* Now we have our cookies to login with. I'll go get the milk. */ -@@ -1974,15 +1985,17 @@ - const char *c = buf; - char *d; - char name[64], value[64]; -+ int count = sizeof(name)-1; - while ((c < (buf + len)) && (c = strstr(c, "<input "))) { - c = strstr(c, "name=\"") + strlen("name=\""); -- for (d = name; *c!='"'; c++, d++) -+ for (d = name; *c!='"' && count; c++, d++, count--) - *d = *c; - *d = '\0'; -+ count = sizeof(value)-1; - d = strstr(c, "value=\"") + strlen("value=\""); - if (strchr(c, '>') < d) - break; -- for (c = d, d = value; *c!='"'; c++, d++) -+ for (c = d, d = value; *c!='"' && count; c++, d++, count--) - *d = *c; - *d = '\0'; - g_hash_table_insert(hash, g_strdup(name), g_strdup(value)); -@@ -2705,15 +2718,12 @@ - return; - /* It seems to work better without this */ - -+ /* if (gc->account->perm_deny != 4) -+ return; */ -+ -+ if (!who || who[0] == '\0') -+ return; - -- /* -- * if (gc->account->perm_deny != 4) -- * return; -- * -- * if (!who || who[0] == '\0') -- * return; -- */ -- - pkt = yahoo_packet_new(YAHOO_SERVICE_IGNORECONTACT, YAHOO_STATUS_AVAILABLE, 0); - yahoo_packet_hash(pkt, 1, gaim_connection_get_display_name(gc)); - yahoo_packet_hash(pkt, 7, who); +*** src/protocols/yahoo/yahoo.c.orig Fri Jan 9 23:04:09 2004 +--- src/protocols/yahoo/yahoo.c Mon Feb 9 09:01:02 2004 +*************** +*** 20,25 **** +--- 20,26 ---- + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ ++ #include <limits.h> + #include "internal.h" + + #include "account.h" +*************** +*** 131,138 **** +--- 132,147 ---- + while (pos + 1 < len) { + if (data[pos] == 0xc0 && data[pos + 1] == 0x80) + break; ++ if (x >= sizeof(key)-1) { ++ x++; ++ pos++; ++ continue; ++ ++ } + key[x++] = data[pos++]; + } ++ if (x >= sizeof(key)-1) ++ x = 0; + key[x] = 0; + pos += 2; + pair->key = strtol(key, NULL, 10); +*************** +*** 868,899 **** + } + } + + #define OUT_CHARSET "utf-8" + + static char *yahoo_decode(const char *text) + { + char *converted; +! char *p, *n, *new; +! +! n = new = g_malloc(strlen (text) + 1); +! +! for (p = (char *)text; *p; p++, n++) { + if (*p == '\\') { +! sscanf(p + 1, "%3o\n", (int *)n); +! p += 3; +! } +! else +! *n = *p; + } +- + *n = '\0'; +- + converted = g_convert(new, n - new, OUT_CHARSET, "iso-8859-1", NULL, NULL, NULL); + g_free(new); + + return converted; + } + + static void yahoo_process_mail(GaimConnection *gc, struct yahoo_packet *pkt) + { + GaimAccount *account = gaim_connection_get_account(gc); +--- 877,942 ---- + } + } + ++ ++ static void octal(const char **p, const char *end, unsigned char *n) ++ { ++ int i, c; ++ ++ for (i = 0, c = 0; i < 3 && *p < end; ++i, ++*p) { ++ c <<= 3; ++ switch (**p) { ++ case '0': break; ++ case '1': c += 1; break; ++ case '2': c += 2; break; ++ case '3': c += 3; break; ++ case '4': c += 4; break; ++ case '5': c += 5; break; ++ case '6': c += 6; break; ++ case '7': c += 7; break; ++ default: ++ if (i == 0) { ++ *n = **p; ++ ++*p; ++ return; ++ } ++ c >>= 3; ++ goto done; ++ } ++ } ++ done: ++ *n = (c > UCHAR_MAX) ? '?' : c; ++ return; ++ } ++ + #define OUT_CHARSET "utf-8" + + static char *yahoo_decode(const char *text) + { + char *converted; +! unsigned char *n, *new; +! size_t len; +! const char *p, *end; +! +! len = strlen (text); +! p = text; +! end = &text[len]; +! n = new = g_malloc(len + 1); +! while (p < end) { + if (*p == '\\') { +! ++p; +! octal(&p, end, n); +! } else +! *n = *p++; +! ++n; + } + *n = '\0'; + converted = g_convert(new, n - new, OUT_CHARSET, "iso-8859-1", NULL, NULL, NULL); + g_free(new); + + return converted; + } + ++ + static void yahoo_process_mail(GaimConnection *gc, struct yahoo_packet *pkt) + { + GaimAccount *account = gaim_connection_get_account(gc); +*************** +*** 1903,1934 **** + + static void yahoo_web_pending(gpointer data, gint source, GaimInputCondition cond) + { + GaimConnection *gc = data; + GaimAccount *account = gaim_connection_get_account(gc); + struct yahoo_data *yd = gc->proto_data; +! char buf[1024], buf2[256], *i = buf, *r = buf2; +! int len, o = 0; + + len = read(source, buf, sizeof(buf)); +! if (len <= 0 || strncmp(buf, "HTTP/1.0 302", strlen("HTTP/1.0 302"))) { + gaim_connection_error(gc, _("Unable to read")); + return; + } +! +! while ((i = strstr(i, "Set-Cookie: ")) && 0 < 2) { +! i += strlen("Set-Cookie: "); +! for (;*i != ';'; r++, i++) { +! *r = *i; +! } +! *r=';'; +! r++; +! *r=' '; +! r++; +! o++; +! } +! /* Get rid of that "; " */ +! *(r-2) = '\0'; +! yd->auth = g_strdup(buf2); + gaim_input_remove(gc->inpa); + close(source); + /* Now we have our cookies to login with. I'll go get the milk. */ +--- 1946,1981 ---- + + static void yahoo_web_pending(gpointer data, gint source, GaimInputCondition cond) + { ++ static const char setcookie[] = "Set-Cookie: "; ++ char http302[] = "HTTP/1.0 302"; + GaimConnection *gc = data; + GaimAccount *account = gaim_connection_get_account(gc); + struct yahoo_data *yd = gc->proto_data; +! char buf[1024], *i = buf; +! int len; +! GString *s; + + len = read(source, buf, sizeof(buf)); +! if (len <= 0) { + gaim_connection_error(gc, _("Unable to read")); + return; + } +! if (len >= sizeof(http302)-1 && +! (memcmp(http302, buf, sizeof(http302)-1) != 0) && +! (http302[7] = '1') && +! (memcmp(http302, buf, sizeof(http302)-1) != 0)) { +! gaim_connection_error(gc, _("Unable to read")); +! return; +! } +! s = g_string_sized_new(len); +! buf[len] = '\0'; +! while ((i = strstr(i, setcookie)) != NULL) { +! i += sizeof(setcookie)-1; +! for (;*i != ';'; i++) +! g_string_append_c(s, *i); +! g_string_append(s, "; "); +! } +! yd->auth = g_string_free(s, FALSE); + gaim_input_remove(gc->inpa); + close(source); + /* Now we have our cookies to login with. I'll go get the milk. */ +*************** +*** 1937,1943 **** + yahoo_got_web_connected, gc) != 0) { + gaim_connection_error(gc, _("Connection problem")); + return; +! } + } + + static void yahoo_got_cookies(gpointer data, gint source, GaimInputCondition cond) +--- 1984,1990 ---- + yahoo_got_web_connected, gc) != 0) { + gaim_connection_error(gc, _("Connection problem")); + return; +! } + } + + static void yahoo_got_cookies(gpointer data, gint source, GaimInputCondition cond) +*************** +*** 1974,1988 **** + const char *c = buf; + char *d; + char name[64], value[64]; + while ((c < (buf + len)) && (c = strstr(c, "<input "))) { + c = strstr(c, "name=\"") + strlen("name=\""); +! for (d = name; *c!='"'; c++, d++) + *d = *c; + *d = '\0'; + d = strstr(c, "value=\"") + strlen("value=\""); + if (strchr(c, '>') < d) + break; +! for (c = d, d = value; *c!='"'; c++, d++) + *d = *c; + *d = '\0'; + g_hash_table_insert(hash, g_strdup(name), g_strdup(value)); +--- 2021,2037 ---- + const char *c = buf; + char *d; + char name[64], value[64]; ++ int count = sizeof(name)-1; + while ((c < (buf + len)) && (c = strstr(c, "<input "))) { + c = strstr(c, "name=\"") + strlen("name=\""); +! for (d = name; *c!='"' && count; c++, d++, count--) + *d = *c; + *d = '\0'; ++ count = sizeof(value)-1; + d = strstr(c, "value=\"") + strlen("value=\""); + if (strchr(c, '>') < d) + break; +! for (c = d, d = value; *c!='"' && count; c++, d++, count--) + *d = *c; + *d = '\0'; + g_hash_table_insert(hash, g_strdup(name), g_strdup(value)); |