Fix bxconfigure crash on terminals wider than 200 columns.

A few places created strings based on the terminal width, using fixed-sized
buffers and without checking for overflowing them.  Fix those, and also
replace all other sprintf() calls with snprintf().

Reported by cpet.
Kevin Easton
2015-06-19 20:42:44 +10:00
parent d0b0a95330
commit 1b1734d7e1
3 changed files with 50 additions and 35 deletions


@@ -1,5 +1,7 @@
[Changes 1.2.2] [Changes 1.2.2]
* Fix bxconfigure crashing on very wide terminals (reported by cpet). (caf)
* Remove obsolete Chatnet 310 numeric support (WANT_CHATNET). (caf) * Remove obsolete Chatnet 310 numeric support (WANT_CHATNET). (caf)
* Rework the lag check to make it simpler and more reliable. This adds * Rework the lag check to make it simpler and more reliable. This adds


@@ -302,9 +302,9 @@ int ls_dispatch (CELL * c)
while (c -> termkey == 0/* && c->start*/) { while (c -> termkey == 0/* && c->start*/) {
hit = FALSE; hit = FALSE;
if (c->redraw && ((*c -> ListPaintProc) != NULL)) if (c->redraw && (c->ListPaintProc != NULL))
(*c -> ListPaintProc) (c); (*c -> ListPaintProc) (c);
if (*c -> UpdateStatusProc != NULL) if (c->UpdateStatusProc != NULL)
(*c -> UpdateStatusProc) (c); (*c -> UpdateStatusProc) (c);
if (c -> termkey == 0) { if (c -> termkey == 0) {
if ((*c -> OtherGetKeyProc) != NULL && c->other_getkey) if ((*c -> OtherGetKeyProc) != NULL && c->other_getkey)
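Review bot: The `OtherGetKeyProc` test at the end of this hunk still uses the dereferencing form `(*c -> OtherGetKeyProc) != NULL` that the change replaces for `ListPaintProc` and `UpdateStatusProc` just above it. For consistency it should become `if (c->OtherGetKeyProc != NULL && c->other_getkey)`, so that all three callbacks are null-checked as plain pointers before being called. The `while` loop in ls_dispatch continues outside the hunk, so any further callback checks below it are worth the same pass.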


@@ -547,10 +547,9 @@ int clear_dlist (CELL *c)
while (c->start != NULL ) { while (c->start != NULL ) {
ptr = c->start; ptr = c->start;
c->start = c->start->nextlistptr; c->start = c->start->nextlistptr;
if (ptr->datainfo.option)
free(ptr->datainfo.option); free(ptr->datainfo.option);
if (ptr->datainfo.help)
free(ptr->datainfo.help); free(ptr->datainfo.help);
free(ptr->datainfo.save);
free(ptr); free(ptr);
} }
c->end = NULL; c->end = NULL;
@@ -568,25 +567,22 @@ int List_Exit(CELL *c) {
* etc. * etc.
*/ */
int status_update(CELL *c) { int status_update(CELL *c) {
char tmp[(200 + 1) * 2]; char tmp[(200 + 1) * 2];
int center; int center;
center = ((c->ecol - 2) / 2) - (strlen(c->filename) / 2); center = ((c->ecol - 2) / 2) - (strlen(c->filename) / 2);
memset(tmp, 0, sizeof(tmp)); memset(tmp, ' ', sizeof tmp - 1);
#if 0 if (c->ecol - 2 < sizeof tmp)
memset(tmp, ' ', center); tmp[c->ecol - 2] = 0;
strcat(tmp, c->filename); else
mvwaddstr(c->window, c->srow - 2, c->scol , tmp); tmp[sizeof tmp - 1] = 0;
#else
memset(tmp, ' ', c->ecol - 2);
mvwaddstr (c->window, c->srow - 2 , c->scol, tmp); mvwaddstr (c->window, c->srow - 2 , c->scol, tmp);
wattron(c->window,A_REVERSE); wattron(c->window,A_REVERSE);
mvwaddstr (c->window, c->srow - 2 , center, c->filename); mvwaddstr (c->window, c->srow - 2 , center, c->filename);
wattroff(c->window,A_REVERSE); wattroff(c->window,A_REVERSE);
#endif
if (c->current->datainfo.help) if (c->current->datainfo.help)
{ {
sprintf(tmp, " %-75s ", c->current->datainfo.help); snprintf(tmp, sizeof tmp, " %-75s ", c->current->datainfo.help);
mvwaddstr(c->window, c->max_rows - 3, c->scol, tmp); mvwaddstr(c->window, c->max_rows - 3, c->scol, tmp);
} }
else else
@@ -656,7 +652,7 @@ int File_Entry(CELL *c) {
char *fDisplay (dlistptr *ptr) char *fDisplay (dlistptr *ptr)
{ {
static char p[100]; static char p[100];
sprintf(p, " %-36s ", (*ptr)->datainfo.option); snprintf(p, sizeof p, " %-36s ", (*ptr)->datainfo.option);
return p; return p;
} }
@@ -669,8 +665,8 @@ int fredraw (CELL * c)
dlistptr p = c->list_start; dlistptr p = c->list_start;
int i = 0; int i = 0;
char buff[200]; char buff[200];
if (c->ecol - c->scol) if (c->ecol >= c->scol)
sprintf(buff, "%*s",c->ecol - c->scol + 1, " "); snprintf(buff, sizeof buff, "%*s", c->ecol - c->scol + 1, " ");
while (i <= c->erow - c->srow && p != NULL) while (i <= c->erow - c->srow && p != NULL)
{ {
if (p == c->current) wattron(c->window,A_REVERSE); if (p == c->current) wattron(c->window,A_REVERSE);
@@ -692,9 +688,11 @@ char *cDisplay (dlistptr *ptr)
{ {
static char p[100]; static char p[100];
if ((*ptr)->datainfo.type == BOOL_TYPE) if ((*ptr)->datainfo.type == BOOL_TYPE)
sprintf(p, " %-28s %8s", (*ptr)->datainfo.option, (*ptr)->datainfo.integer? "On":"Off"); snprintf(p, sizeof p, " %-28s %8s",
(*ptr)->datainfo.option, (*ptr)->datainfo.integer? "On":"Off");
else if ((*ptr)->datainfo.type == INT_TYPE) else if ((*ptr)->datainfo.type == INT_TYPE)
sprintf(p, " %-28s %8d", (*ptr)->datainfo.option, (*ptr)->datainfo.integer); snprintf(p, sizeof p, " %-28s %8d",
(*ptr)->datainfo.option, (*ptr)->datainfo.integer);
return p; return p;
} }
@@ -707,8 +705,8 @@ register int row = c->srow;
dlistptr p = c->list_start; dlistptr p = c->list_start;
int i = 0; int i = 0;
char buff[200]; char buff[200];
if (c->ecol - c->scol) if (c->ecol >= c->scol)
sprintf(buff, "%*s",c->ecol - c->scol + 1, " "); snprintf(buff, sizeof buff, "%*s",c->ecol - c->scol + 1, " ");
while (i <= c->erow - c->srow && p != NULL) while (i <= c->erow - c->srow && p != NULL)
{ {
@@ -1086,8 +1084,8 @@ char *eDisplay (dlistptr *ptr)
{ {
static char p[100]; static char p[100];
char str[40]; char str[40];
sprintf(str, "%d", (*ptr)->datainfo.integer); snprintf(str, sizeof str, "%d", (*ptr)->datainfo.integer);
sprintf(p, "%14s", str); snprintf(p, sizeof p, "%14s", str);
return p; return p;
} }
@@ -1101,8 +1099,8 @@ dlistptr p = c->list_start;
int i = 0; int i = 0;
char buff[200]; char buff[200];
if (c->ecol - c->scol) if (c->ecol >= c->scol)
sprintf(buff, "%*s",c->ecol - c->scol + 1, " "); snprintf(buff, sizeof buff, "%*s",c->ecol - c->scol + 1, " ");
while (i <= c->erow - c->srow && p != NULL) while (i <= c->erow - c->srow && p != NULL)
{ {
@@ -1121,9 +1119,14 @@ char buff[200];
} }
int Edit_Entry(CELL *c) { int Edit_Entry(CELL *c) {
char tmp[180]; char tmp[200];
int n_spaces = c->ecol - 2 - c->scol - 4;
memset(tmp, ' ', sizeof(tmp)-1); memset(tmp, ' ', sizeof(tmp)-1);
tmp[c->ecol - 2 - c->scol - 4] = 0; if (n_spaces < sizeof tmp)
tmp[n_spaces] = 0;
else
tmp[sizeof tmp - 1] = 0;
mvwaddstr (c->window, c->srow - 1 , c->scol, tmp); mvwaddstr (c->window, c->srow - 1 , c->scol, tmp);
mvwaddstr (c->window, c->srow - 1, c->scol + 4, c->start->datainfo.option); mvwaddstr (c->window, c->srow - 1, c->scol + 4, c->start->datainfo.option);
wrefresh(c->window); wrefresh(c->window);
@@ -1133,9 +1136,14 @@ char tmp[180];
int edit_enter (CELL *c) int edit_enter (CELL *c)
{ {
char tmp[180]; char tmp[200];
int n_spaces = c->ecol - 2 - c->scol - 4;
memset(tmp, ' ', sizeof(tmp)-1); memset(tmp, ' ', sizeof(tmp)-1);
tmp[c->ecol - 2 - c->scol - 4] = 0; if (n_spaces < sizeof tmp)
tmp[n_spaces] = 0;
else
tmp[sizeof tmp - 1] = 0;
if (c->current->datainfo.type == INT_TYPE) if (c->current->datainfo.type == INT_TYPE)
{ {
c->redraw = TRUE; c->redraw = TRUE;
@@ -1191,9 +1199,14 @@ int end = 0;
int edit_exit(CELL *c) int edit_exit(CELL *c)
{ {
char tmp[180]; char tmp[200];
int n_spaces = c->ecol - 2 - c->scol - 4;
memset(tmp, ' ', sizeof(tmp)-1); memset(tmp, ' ', sizeof(tmp)-1);
tmp[c->ecol - 2 - c->scol - 4] = 0; if (n_spaces < sizeof tmp)
tmp[n_spaces] = 0;
else
tmp[sizeof tmp - 1] = 0;
mvwaddstr (c->window, c->srow - 1 , c->scol, tmp); mvwaddstr (c->window, c->srow - 1 , c->scol, tmp);
mvwaddstr (c->window, c->srow , c->scol, tmp); mvwaddstr (c->window, c->srow , c->scol, tmp);
return TRUE; return TRUE;
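Review bot: In Edit_Entry, edit_enter and edit_exit the new guard `if (n_spaces < sizeof tmp)` compares an `int` with a `size_t`, so a negative `n_spaces` (when `c->ecol` is less than `c->scol + 6`) is converted to a large unsigned value and takes the `else` branch, giving a 199-space string instead of an empty one. The write stays in bounds, but only because of that implicit conversion, and `-Wsign-compare` will flag it; adding `if (n_spaces < 0) n_spaces = 0;` before the test and comparing against `(int)sizeof tmp` makes the lower clamp explicit. The same applies to `c->ecol - 2 < sizeof tmp` in status_update, assuming `ecol` is a signed int (its declaration is not on this page). Edit_Entry and edit_enter continue outside their hunks.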