summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEduardo Chappa <chappa@washington.edu>2019-03-29 09:49:05 -0600
committerEduardo Chappa <chappa@washington.edu>2019-03-29 09:49:05 -0600
commit3443fe5fcfcb33d3a2510111855e619632de57df (patch)
treec7fafde85d5d23e3e51a04f5cbc41a38297c2f6a
parent0707eb6d0053079b4f91849bba2f8b6fc97391e8 (diff)
downloadalpine-3443fe5fcfcb33d3a2510111855e619632de57df.tar.xz
* Patches from Michał Dardas and Mateusz Kocielski from LogicalTrust
that fix the following startup crashes: * Crash when Alpine started with empty url fragment; * Crash when Alpine started with option last-time-prune-questioned in wrong format; * Crash when Alpine started with printf formatting characters from command line; and * Crash when Alpine started with an extremely long command line option. * Crash when Alpine is started with the wrong piped input when opening a folder from the command line. Reported by Mateusz Kocielski from LogicalTrust.
-rw-r--r--alpine/alpine.c18
-rw-r--r--alpine/mailview.c19
-rw-r--r--pith/charconv/utf8.c18
-rw-r--r--pith/conf.c8
-rw-r--r--pith/pine.hlp2
5 files changed, 35 insertions, 30 deletions
diff --git a/alpine/alpine.c b/alpine/alpine.c
index 11f3354e..e0a914ae 100644
--- a/alpine/alpine.c
+++ b/alpine/alpine.c
@@ -278,12 +278,18 @@ main(int argc, char **argv)
dup2(STDIN_FD, PIPED_FD); /* redirected stdin to new desc */
dup2(STDERR_FD, STDIN_FD); /* rebind stdin to the tty */
stdin_getc = read_stdin_char;
- if(stdin_getc && args.action == aaURL){
- display_args_err(
+ if(stdin_getc){
+ if(args.action == aaURL){
+ display_args_err(
"Cannot read stdin when using -url\nFor mailto URLs, use \'body=\' instead",
- NULL, 1);
- args_help();
- exit(-1);
+ NULL, 1);
+ args_help();
+ exit(-1);
+ } else if (args.action == aaFolder){
+ display_args_err("Cannot take input from pipe when opening a folder", NULL, 1);
+ args_help();
+ exit(-1);
+ }
}
}
@@ -445,7 +451,7 @@ main(int argc, char **argv)
mail_parameters(NULL, SET_SSLFAILURE, (void *) pine_sslfailure);
if(init_pinerc_debugging){
- dprint((2, init_pinerc_debugging));
+ dprint((2, "%s", init_pinerc_debugging));
fs_give((void **)&init_pinerc_debugging);
}
diff --git a/alpine/mailview.c b/alpine/mailview.c
index b9e9650d..0738c376 100644
--- a/alpine/mailview.c
+++ b/alpine/mailview.c
@@ -2140,22 +2140,23 @@ int
url_local_fragment(char *fragment)
{
SCRLCTRL_S *st = scroll_state(SS_CUR);
- HANDLE_S *hp;
+ HANDLE_S *hp = NULL;
/*
* find a handle with the fragment's name
*/
- for(hp = st->parms->text.handles; hp; hp = hp->next)
- if(hp->type == URL && hp->h.url.name
- && !strcmp(hp->h.url.name, fragment + 1))
- break;
-
- if(!hp)
- for(hp = st->parms->text.handles->prev; hp; hp = hp->prev)
- if(hp->type == URL && hp->h.url.name
+ if(st){
+ for(hp = st->parms->text.handles; hp; hp = hp->next)
+ if(hp->type == URL && hp->h.url.name
&& !strcmp(hp->h.url.name, fragment + 1))
break;
+ if(!hp)
+ for(hp = st->parms->text.handles->prev; hp; hp = hp->prev)
+ if(hp->type == URL && hp->h.url.name
+ && !strcmp(hp->h.url.name, fragment + 1))
+ break;
+ }
/*
* set the top line of the display to contain this line
*/
diff --git a/pith/charconv/utf8.c b/pith/charconv/utf8.c
index 6613f4db..ef20e428 100644
--- a/pith/charconv/utf8.c
+++ b/pith/charconv/utf8.c
@@ -310,9 +310,10 @@ char *
convert_to_locale(char *utf8str)
{
#define CHNK 500
- char *inp, *retp, *ret = NULL;
+ char *inp, *ret = NULL;
CBUF_S cb;
- int r, alloced;
+ int alloced;
+ size_t i = 0;
if(native_utf8 || !utf8str || !utf8str[0])
return(NULL);
@@ -323,7 +324,6 @@ convert_to_locale(char *utf8str)
alloced = CHNK;
ret = (char *) fs_get(alloced * sizeof(char));
- retp = ret;
/*
* There's gotta be a better way to do this but utf8_to_locale was
@@ -337,20 +337,18 @@ convert_to_locale(char *utf8str)
* enough room for the next wide characters worth of output chars
* and allocate more space if not.
*/
- if((alloced - (retp-ret)) < MAX(MB_LEN_MAX,32)){
+ if((alloced - i) < MAX(MB_LEN_MAX,32)){
alloced += CHNK;
fs_resize((void **) &ret, alloced * sizeof(char));
}
- r = utf8_to_locale((int) *inp++, &cb,
- (unsigned char *) retp, alloced-(retp-ret));
-
- retp += r;
+ i += utf8_to_locale((int) *inp++, &cb,
+ (unsigned char *) &ret[i], alloced - i);
}
- *retp = '\0';
+ fs_resize((void **) &ret, i + 1);
- fs_resize((void **) &ret, strlen(ret)+1);
+ ret[i] = '\0';
return(ret);
}
diff --git a/pith/conf.c b/pith/conf.c
index c7c24dbe..3742e9ab 100644
--- a/pith/conf.c
+++ b/pith/conf.c
@@ -1587,7 +1587,7 @@ based on the contents.
void
init_vars(struct pine *ps, void (*cmds_f) (struct pine *, char **))
{
- char buf[MAXPATH+1], *p, *q, **s;
+ char buf[MAXPATH+1], *p, *q, **s, *comma_index;
register struct variable *vars = ps->vars;
int obs_header_in_reply = 0, /* the obs_ variables are to */
obs_old_style_reply = 0, /* support backwards compatibility */
@@ -1992,13 +1992,13 @@ init_vars(struct pine *ps, void (*cmds_f) (struct pine *, char **))
printer_value_check_and_adjust();
set_current_val(&vars[V_LAST_TIME_PRUNE_QUESTION], TRUE, TRUE);
- if(VAR_LAST_TIME_PRUNE_QUESTION != NULL){
+ if(VAR_LAST_TIME_PRUNE_QUESTION != NULL &&
+ (comma_index = strindex(VAR_LAST_TIME_PRUNE_QUESTION, '.')) != NULL){
/* The month value in the file runs from 1-12, the variable here
runs from 0-11; the value in the file used to be 0-11, but we're
fixing it in January */
ps->last_expire_year = atoi(VAR_LAST_TIME_PRUNE_QUESTION);
- ps->last_expire_month =
- atoi(strindex(VAR_LAST_TIME_PRUNE_QUESTION, '.') + 1);
+ ps->last_expire_month = atoi(comma_index + 1);
if(ps->last_expire_month == 0){
/* Fix for 0 because of old bug */
snprintf(buf, sizeof(buf), "%d.%d", ps_global->last_expire_year,
diff --git a/pith/pine.hlp b/pith/pine.hlp
index 99670197..fc0989e2 100644
--- a/pith/pine.hlp
+++ b/pith/pine.hlp
@@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any
reasonable place to be called from.
Dummy change to get revision in pine.hlp
============= h_revision =================
-Alpine Commit 324 2019-01-20 18:11:06
+Alpine Commit 334 2019-03-29 09:48:59
============= h_news =================
<HTML>
<HEAD>