From 06a6428d833c3242e45e09e1bafb1f06f478fb2b Mon Sep 17 00:00:00 2001 From: Timo Sirainen Date: Tue, 19 Dec 2000 17:48:42 +0000 Subject: security fixes from 0.7.97.2 git-svn-id: http://svn.irssi.org/repos/irssi/trunk@1017 dbcabf3a-b0e7-0310-adc4-f8d773084564 --- src/core/network.c | 14 +++++++------- src/core/network.h | 2 ++ src/fe-common/core/fe-core-commands.c | 8 ++++---- src/fe-common/irc/fe-events-numeric.c | 4 ++-- src/irc/dcc/dcc.c | 3 ++- src/perl/common/Window.xs | 8 ++++---- 6 files changed, 21 insertions(+), 18 deletions(-) (limited to 'src') diff --git a/src/core/network.c b/src/core/network.c index 3cd55000..d50f4b86 100644 --- a/src/core/network.c +++ b/src/core/network.c @@ -301,8 +301,8 @@ int net_transmit(GIOChannel *handle, const char *data, int len) g_return_val_if_fail(data != NULL, -1); err = g_io_channel_write(handle, (char *) data, len, &ret); - if (err == G_IO_ERROR_AGAIN || (err != 0 && errno == EINTR || - errno == EPIPE)) + if (err == G_IO_ERROR_AGAIN || + (err != 0 && (errno == EINTR || errno == EPIPE))) return 0; return err == 0 ? ret : -1; @@ -420,11 +420,11 @@ int net_ip2host(IPADDR *ip, char *host) unsigned long ip4; ip4 = ntohl(ip->addr.ip.s_addr); - sprintf(host, "%lu.%lu.%lu.%lu", - (ip4 & 0xff000000UL) >> 24, - (ip4 & 0x00ff0000) >> 16, - (ip4 & 0x0000ff00) >> 8, - (ip4 & 0x000000ff)); + g_snprintf(host, MAX_IP_LEN, "%lu.%lu.%lu.%lu", + (ip4 & 0xff000000UL) >> 24, + (ip4 & 0x00ff0000) >> 16, + (ip4 & 0x0000ff00) >> 8, + (ip4 & 0x000000ff)); #endif return 0; } diff --git a/src/core/network.h b/src/core/network.h index b1a0f6e2..38484665 100644 --- a/src/core/network.h +++ b/src/core/network.h @@ -67,7 +67,9 @@ int net_hosterror_notfound(int error); /* Get socket address/port */ int net_getsockname(GIOChannel *handle, IPADDR *addr, int *port); +/* IPADDR -> char* translation. `host' must be at least MAX_IP_LEN bytes */ int net_ip2host(IPADDR *ip, char *host); +/* char* -> IPADDR translation. */ int net_host2ip(const char *host, IPADDR *ip); /* Get socket error */ diff --git a/src/fe-common/core/fe-core-commands.c b/src/fe-common/core/fe-core-commands.c index f8d83922..a0fd03fb 100644 --- a/src/fe-common/core/fe-core-commands.c +++ b/src/fe-common/core/fe-core-commands.c @@ -96,14 +96,14 @@ static void help_category(GSList *cmdlist, gint items, gint max) if (col == cols || tmp->next == NULL) { - printtext(NULL, NULL, MSGLEVEL_CLIENTCRAP, str->str); + printtext(NULL, NULL, MSGLEVEL_CLIENTCRAP, "%s", str->str); g_string_truncate(str, 0); col = 0; line++; tmp = g_slist_nth(cmdlist, line-1); skip = 1; } } if (str->len != 0) - printtext(NULL, NULL, MSGLEVEL_CLIENTCRAP, str->str); + printtext(NULL, NULL, MSGLEVEL_CLIENTCRAP, "%s", str->str); g_string_free(str, TRUE); g_free(cmdbuf); } @@ -131,7 +131,7 @@ static int show_help_rec(COMMAND_REC *cmd) recvlen = read(f, tmpbuf, sizeof(tmpbuf)); ret = line_split(tmpbuf, recvlen, &str, &buffer); - if (ret > 0) printtext(NULL, NULL, MSGLEVEL_CLIENTCRAP, str); + if (ret > 0) printtext(NULL, NULL, MSGLEVEL_CLIENTCRAP, "%s", str); } while (ret > 0); line_split_free(buffer); @@ -457,7 +457,7 @@ static void event_cmderror(gpointer errorp, const char *arg) error = GPOINTER_TO_INT(errorp); if (error == CMDERR_ERRNO) { /* errno is special */ - printtext(NULL, NULL, MSGLEVEL_CLIENTERROR, g_strerror(errno)); + printtext(NULL, NULL, MSGLEVEL_CLIENTERROR, "%s", g_strerror(errno)); } else { /* others */ printformat(NULL, NULL, MSGLEVEL_CLIENTERROR, ret_texts[error + -CMDERR_OPTION_UNKNOWN], arg); diff --git a/src/fe-common/irc/fe-events-numeric.c b/src/fe-common/irc/fe-events-numeric.c index c9ab96ec..f3f3aa4d 100644 --- a/src/fe-common/irc/fe-events-numeric.c +++ b/src/fe-common/irc/fe-events-numeric.c @@ -111,14 +111,14 @@ static void display_sorted_nicks(CHANNEL_REC *channel, GSList *nicklist, gint it if (col == cols || tmp->next == NULL) { - printtext(channel->server, channel->name, MSGLEVEL_CLIENTCRAP, str->str); + printtext(channel->server, channel->name, MSGLEVEL_CLIENTCRAP, "%s", str->str); g_string_truncate(str, 0); col = 0; line++; tmp = g_slist_nth(nicklist, line-1); skip = 1; } } if (str->len != 0) - printtext(channel->server, channel->name, MSGLEVEL_CLIENTCRAP, str->str); + printtext(channel->server, channel->name, MSGLEVEL_CLIENTCRAP, "%s", str->str); g_string_free(str, TRUE); g_free(linebuf); } diff --git a/src/irc/dcc/dcc.c b/src/irc/dcc/dcc.c index bc63a6d2..de8601d5 100644 --- a/src/irc/dcc/dcc.c +++ b/src/irc/dcc/dcc.c @@ -138,7 +138,8 @@ void dcc_make_address(IPADDR *ip, char *host) net_ip2host(ip, host); } else { memcpy(&addr, &ip->addr, 4); - sprintf(host, "%lu", (unsigned long) htonl(addr)); + g_snprintf(host, MAX_IP_LEN, "%lu", + (unsigned long) htonl(addr)); } } diff --git a/src/perl/common/Window.xs b/src/perl/common/Window.xs index 8d7b31b3..540378b0 100644 --- a/src/perl/common/Window.xs +++ b/src/perl/common/Window.xs @@ -31,14 +31,14 @@ print(str, level=MSGLEVEL_CLIENTNOTICE) char *str int level; CODE: - printtext(NULL, NULL, level, str); + printtext(NULL, NULL, level, "%s", str); void print_window(str, level=MSGLEVEL_CLIENTNOTICE) char *str int level; CODE: - printtext_window(active_win, level, str); + printtext_window(active_win, level, "%s", str); void command(cmd, server=active_win->active_server, item=active_win->active) @@ -108,7 +108,7 @@ print(server, channel, str, level) char *str int level CODE: - printtext(server, channel, level, str); + printtext(server, channel, level, "%s", str); Irssi::Windowitem window_item_find(server, name) @@ -277,4 +277,4 @@ print(item, str, level=MSGLEVEL_CLIENTNOTICE) int level char *str CODE: - printtext(item->server, item->name, level, str); + printtext(item->server, item->name, level, "%s", str); -- cgit v1.2.3