diff options
Diffstat (limited to 'src/core/special-vars.c')
-rw-r--r-- | src/core/special-vars.c | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/src/core/special-vars.c b/src/core/special-vars.c index aaf8da8f..33d9cd55 100644 --- a/src/core/special-vars.c +++ b/src/core/special-vars.c @@ -33,6 +33,8 @@ #define isarg(c) \ (i_isdigit(c) || (c) == '*' || (c) == '~' || (c) == '-') +#define ALIGN_MAX 222488 + static SPECIAL_HISTORY_FUNC history_func = NULL; static char *get_argument(char **cmd, char **arglist) @@ -300,6 +302,10 @@ static int get_alignment_args(char **data, int *align, int *flags, char *pad) if (!parse_uint(str, &endptr, 10, &align_)) { return FALSE; } + /* alignment larger than supported */ + if (align_ > ALIGN_MAX) { + return FALSE; + } str = endptr; *align = align_; @@ -337,11 +343,14 @@ char *get_alignment(const char *text, int align, int flags, char pad) /* add pad characters */ if (flags & ALIGN_PAD) { - while (string_width(str->str, policy) < align) { + int pad_len = align - string_width(str->str, policy); + if (pad_len > 0) { + char *pad_full = g_strnfill(pad_len, pad); if (flags & ALIGN_RIGHT) - g_string_prepend_c(str, pad); + g_string_prepend(str, pad_full); else - g_string_append_c(str, pad); + g_string_append(str, pad_full); + g_free(pad_full); } } @@ -384,6 +393,7 @@ char *parse_special(char **cmd, SERVER_REC *server, void *item, } nest_free = FALSE; nest_value = NULL; +#if 0 /* this code is disabled due to security issues until it is fixed */ if (**cmd == '(' && (*cmd)[1] != '\0') { /* subvariable */ int toplevel = nested_orig_cmd == NULL; @@ -412,6 +422,9 @@ char *parse_special(char **cmd, SERVER_REC *server, void *item, if (toplevel) nested_orig_cmd = NULL; } +#else + if (nested_orig_cmd) nested_orig_cmd = NULL; +#endif if (**cmd != '{') brackets = FALSE; |