diff options
author | Eduardo Chappa <chappa@washington.edu> | 2019-03-29 09:49:05 -0600 |
---|---|---|
committer | Eduardo Chappa <chappa@washington.edu> | 2019-03-29 09:49:05 -0600 |
commit | 3443fe5fcfcb33d3a2510111855e619632de57df (patch) | |
tree | c7fafde85d5d23e3e51a04f5cbc41a38297c2f6a /pith | |
parent | 0707eb6d0053079b4f91849bba2f8b6fc97391e8 (diff) | |
download | alpine-3443fe5fcfcb33d3a2510111855e619632de57df.tar.xz |
* Patches from Michał Dardas and Mateusz Kocielski from LogicalTrust
that fix the following startup crashes:
* Crash when Alpine started with empty url fragment;
* Crash when Alpine started with option last-time-prune-questioned
in wrong format;
* Crash when Alpine started with printf formatting characters from
command line; and
* Crash when Alpine started with an extremely long command line
option.
* Crash when Alpine is started with the wrong piped input when
opening a folder from the command line. Reported by Mateusz
Kocielski from LogicalTrust.
Diffstat (limited to 'pith')
-rw-r--r-- | pith/charconv/utf8.c | 18 | ||||
-rw-r--r-- | pith/conf.c | 8 | ||||
-rw-r--r-- | pith/pine.hlp | 2 |
3 files changed, 13 insertions, 15 deletions
diff --git a/pith/charconv/utf8.c b/pith/charconv/utf8.c index 6613f4db..ef20e428 100644 --- a/pith/charconv/utf8.c +++ b/pith/charconv/utf8.c @@ -310,9 +310,10 @@ char * convert_to_locale(char *utf8str) { #define CHNK 500 - char *inp, *retp, *ret = NULL; + char *inp, *ret = NULL; CBUF_S cb; - int r, alloced; + int alloced; + size_t i = 0; if(native_utf8 || !utf8str || !utf8str[0]) return(NULL); @@ -323,7 +324,6 @@ convert_to_locale(char *utf8str) alloced = CHNK; ret = (char *) fs_get(alloced * sizeof(char)); - retp = ret; /* * There's gotta be a better way to do this but utf8_to_locale was @@ -337,20 +337,18 @@ convert_to_locale(char *utf8str) * enough room for the next wide characters worth of output chars * and allocate more space if not. */ - if((alloced - (retp-ret)) < MAX(MB_LEN_MAX,32)){ + if((alloced - i) < MAX(MB_LEN_MAX,32)){ alloced += CHNK; fs_resize((void **) &ret, alloced * sizeof(char)); } - r = utf8_to_locale((int) *inp++, &cb, - (unsigned char *) retp, alloced-(retp-ret)); - - retp += r; + i += utf8_to_locale((int) *inp++, &cb, + (unsigned char *) &ret[i], alloced - i); } - *retp = '\0'; + fs_resize((void **) &ret, i + 1); - fs_resize((void **) &ret, strlen(ret)+1); + ret[i] = '\0'; return(ret); } diff --git a/pith/conf.c b/pith/conf.c index c7c24dbe..3742e9ab 100644 --- a/pith/conf.c +++ b/pith/conf.c @@ -1587,7 +1587,7 @@ based on the contents. void init_vars(struct pine *ps, void (*cmds_f) (struct pine *, char **)) { - char buf[MAXPATH+1], *p, *q, **s; + char buf[MAXPATH+1], *p, *q, **s, *comma_index; register struct variable *vars = ps->vars; int obs_header_in_reply = 0, /* the obs_ variables are to */ obs_old_style_reply = 0, /* support backwards compatibility */ @@ -1992,13 +1992,13 @@ init_vars(struct pine *ps, void (*cmds_f) (struct pine *, char **)) printer_value_check_and_adjust(); set_current_val(&vars[V_LAST_TIME_PRUNE_QUESTION], TRUE, TRUE); - if(VAR_LAST_TIME_PRUNE_QUESTION != NULL){ + if(VAR_LAST_TIME_PRUNE_QUESTION != NULL && + (comma_index = strindex(VAR_LAST_TIME_PRUNE_QUESTION, '.')) != NULL){ /* The month value in the file runs from 1-12, the variable here runs from 0-11; the value in the file used to be 0-11, but we're fixing it in January */ ps->last_expire_year = atoi(VAR_LAST_TIME_PRUNE_QUESTION); - ps->last_expire_month = - atoi(strindex(VAR_LAST_TIME_PRUNE_QUESTION, '.') + 1); + ps->last_expire_month = atoi(comma_index + 1); if(ps->last_expire_month == 0){ /* Fix for 0 because of old bug */ snprintf(buf, sizeof(buf), "%d.%d", ps_global->last_expire_year, diff --git a/pith/pine.hlp b/pith/pine.hlp index 99670197..fc0989e2 100644 --- a/pith/pine.hlp +++ b/pith/pine.hlp @@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any reasonable place to be called from. Dummy change to get revision in pine.hlp ============= h_revision ================= -Alpine Commit 324 2019-01-20 18:11:06 +Alpine Commit 334 2019-03-29 09:48:59 ============= h_news ================= <HTML> <HEAD> |