From 30be4fc9e201474af8ad7c1474ef1db25884df30 Mon Sep 17 00:00:00 2001 From: Paul Mangan Date: Thu, 24 Mar 2005 10:14:19 +0000 Subject: [PATCH] 2005-03-24 [paul] 1.0.3cvs8 * ChangeLog * ChangeLog.jp * src/codeconv.c * src/textview.c * src/unmime.c * src/unmime.h * src/common/smtp.c sync with main 1.0.4 see ChangeLog 2005-03-18 and 2005-03-24 fixes buffer overflow --- ChangeLog | 29 +++++++++++++++++++++++++++++ ChangeLog.claws | 13 +++++++++++++ ChangeLog.jp | 29 +++++++++++++++++++++++++++++ PATCHSETS | 1 + configure.ac | 2 +- src/codeconv.c | 4 ++-- src/common/smtp.c | 2 +- src/textview.c | 1 + src/unmime.c | 40 ++++++++++++++++++++++++++++++++++------ src/unmime.h | 3 ++- 10 files changed, 113 insertions(+), 11 deletions(-) diff --git a/ChangeLog b/ChangeLog index 550b06e46..4c7f8e892 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,32 @@ +2005-03-24 + + * version 1.0.4 + +2005-03-24 + + * src/procmime.c: + procmime_scan_content_type() + procmime_scan_content_disposition(): fixed possible stack buffer + overflow. + * src/codeconv.c: conv_unmime_header() + src/unmime.[ch]: unmime_header(): added an argument for buffer size + and restricted the size of decoded string to remove the possibility + of buffer overflow. + +2005-03-18 + + * src/smtp.c: smtp_ehlo_recv(): strict check for AUTH string. + +2005-03-18 + + * src/textview.c: textview_show_html(): force output of newline. + +2005-03-18 + + * src/account.c: account_find_from_message_file(): added missing + NULL terminator of the HeaderEntry array which had introduced + crash on re-edit (thanks to Michael Schwendt). + 2005-03-04 * version 1.0.3 diff --git a/ChangeLog.claws b/ChangeLog.claws index bdf08d594..e5f190e54 100644 --- a/ChangeLog.claws +++ b/ChangeLog.claws 
@@ -1,3 +1,16 @@ +2005-03-24 [paul] 1.0.3cvs8 + + * ChangeLog + * ChangeLog.jp + * src/codeconv.c + * src/textview.c + * src/unmime.c + * src/unmime.h + * src/common/smtp.c + sync with main 1.0.4 + see ChangeLog 2005-03-18 and 2005-03-24 + fixes buffer overflow + 2005-03-25 [paul] * tools/Makefile.am diff --git a/ChangeLog.jp b/ChangeLog.jp index d7acb647f..fefbeb2b7 100644 --- a/ChangeLog.jp +++ b/ChangeLog.jp @@ -1,3 +1,32 @@ +2005-03-24 + + * version 1.0.4 + +2005-03-24 + + * src/procmime.c: + procmime_scan_content_type() + procmime_scan_content_disposition(): ¥¹¥¿¥Ã¥¯¥Ð¥Ã¥Õ¥¡¥ª¡¼¥Ð¡¼ + ¥Õ¥í¡¼¤òµ¯¤³¤¹²ÄǽÀ­¤¬¤¢¤Ã¤¿¤Î¤ò½¤Àµ¡£ + * src/codeconv.c: conv_unmime_header() + src/unmime.[ch]: unmime_header(): ¥Ð¥Ã¥Õ¥¡¥µ¥¤¥º¤Î°ú¿ô¤òÄɲä·¡¢ + ¥Ç¥³¡¼¥É¤·¤¿Ê¸»úÎó¤Î¥µ¥¤¥º¤òÀ©¸Â¤·¡¢¥Ð¥Ã¥Õ¥¡¥ª¡¼¥Ð¡¼¥Õ¥í¡¼¤Î + ²ÄǽÀ­¤ò̵¤¯¤·¤¿¡£ + +2005-03-18 + + * src/smtp.c: smtp_ehlo_recv(): AUTH ʸ»úÎó¤ò¸·Ì©¤Ë¥Á¥§¥Ã¥¯¡£ + +2005-03-18 + + * src/textview.c: textview_show_html(): ¶¯À©Åª¤Ë²þ¹Ô¤ò½ÐÎÏ¡£ + +2005-03-18 + + * src/account.c: account_find_from_message_file(): HeaderEntry ÇÛÎó + ¤Î NULL ½ªÃ¼¤¬È´¤±¤Æ¤¤¤¿¤Î¤òÄɲÃ(ºÆÊÔ½¸»þ¤Ë¥¯¥é¥Ã¥·¥å¤òµ¯¤³¤·¤Æ + ¤¤¤¿) (Michael Schwendt ¤µ¤ó thanks)¡£ + 2005-03-04 * version 1.0.3 diff --git a/PATCHSETS b/PATCHSETS index c0fa9e75a..6f7d56df6 100644 --- a/PATCHSETS +++ b/PATCHSETS @@ -267,3 +267,4 @@ ( cvs diff -u -r 1.480 -r 1.481 src/compose.c; ) > 1.0.3cvs5.patchset ( cvs diff -u -r 1.15 -r 1.16 src/common/plugin.c; cvs diff -u -r 1.62 -r 1.63 src/procheader.c; ) > 1.0.3cvs6.patchset ( cvs diff -u -r 1.24 -r 1.25 src/plugins/spamassassin/spamassassin.c; ) > 1.0.3cvs7.patchset +( cvs diff -u -r 1.459 -r 1.460 ChangeLog; cvs diff -u -r 1.454 -r 1.455 ChangeLog.jp; cvs diff -u -r 1.75 -r 1.76 src/codeconv.c; cvs diff -u -r 1.130 -r 1.131 src/textview.c; cvs diff -u -r 1.9 -r 1.10 src/unmime.c; cvs diff -u -r 1.2 -r 1.3 src/unmime.h; cvs diff -u -r 1.21 -r 1.22 src/common/smtp.c; ) > 1.0.3cvs8.patchset 
diff --git a/configure.ac b/configure.ac index f0053138f..1e566635e 100644 --- a/configure.ac +++ b/configure.ac @@ -11,7 +11,7 @@ MINOR_VERSION=0 MICRO_VERSION=3 INTERFACE_AGE=0 BINARY_AGE=0 -EXTRA_VERSION=7 +EXTRA_VERSION=8 EXTRA_RELEASE= if test \( $EXTRA_VERSION -eq 0 \) -o \( "x$EXTRA_RELEASE" != "x" \); then diff --git a/src/codeconv.c b/src/codeconv.c index d177f743c..53e2fcdc9 100644 --- a/src/codeconv.c +++ b/src/codeconv.c @@ -1467,9 +1467,9 @@ void conv_unmime_header(gchar *outbuf, gint outlen, const gchar *str, buflen = strlen(str) * 2 + 1; Xalloca(buf, buflen, return); conv_anytodisp(buf, buflen, str); - unmime_header(outbuf, buf); + unmime_header(outbuf, outlen, buf); } else - unmime_header(outbuf, str); + unmime_header(outbuf, outlen, str); } #define MAX_LINELEN 76 diff --git a/src/common/smtp.c b/src/common/smtp.c index 43a1f7447..d9a357af2 100644 --- a/src/common/smtp.c +++ b/src/common/smtp.c @@ -286,7 +286,7 @@ static gint smtp_ehlo_recv(SMTPSession *session, const gchar *msg) const gchar *p = msg; p += 3; if (*p == '-' || *p == ' ') p++; - if (g_strncasecmp(p, "AUTH", 4) == 0) { + if (g_strncasecmp(p, "AUTH", 4) == 0 && p[4] != '\0') { p += 5; if (strcasestr(p, "PLAIN")) session->avail_auth_type |= SMTPAUTH_PLAIN; diff --git a/src/textview.c b/src/textview.c index ff6fb6020..0b45c5f25 100644 --- a/src/textview.c +++ b/src/textview.c @@ -636,6 +636,7 @@ static void textview_show_html(TextView *textview, FILE *fp, } else textview_write_line(textview, str, NULL); } + textview_write_line(textview, "\n", NULL); html_parser_destroy(parser); } diff --git a/src/unmime.c b/src/unmime.c index e7dce0985..635be18e9 100644 --- a/src/unmime.c +++ b/src/unmime.c 
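Review bot: In the src/codeconv.c hunk the context line `Xalloca(buf, buflen, return);` still sizes a stack buffer from `strlen(str) * 2 + 1`, so the length of an incoming header decides how much stack conv_unmime_header() takes, even now that `outlen` is passed through. Xalloca is defined outside this page, but if it wraps alloca() a very long header can exhaust the stack; a heap buffer, `buf = g_malloc(buflen);` with a matching `g_free(buf);` after the unmime_header() call, would avoid that. The function starts above the hunk, so whether `outlen` is validated before this point is not visible. Separately, the ChangeLog entry synced by this commit lists a stack overflow fix in src/procmime.c while the diffstat contains no src/procmime.c change, so it is worth confirming that this tree does not need the same fix.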
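Review bot: In smtp_ehlo_recv() the new test `p[4] != '\0'` keeps `p += 5` inside the string, but it still accepts any keyword that merely starts with AUTH, because the fifth character can be anything. Checking the delimiter makes the match as strict as the ChangeLog describes: `if (g_strncasecmp(p, "AUTH", 4) == 0 && (p[4] == ' ' || p[4] == '=')) {`. The earlier `p += 3` in the context lines also assumes `msg` holds at least three characters; whether the caller guarantees that is outside the hunk, so a comment stating the precondition would help.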
@@ -1,6 +1,6 @@ /* * Sylpheed -- a GTK+ based, lightweight, and fast e-mail client - * Copyright (C) 1999-2003 Hiroyuki Yamamoto + * Copyright (C) 1999-2005 Hiroyuki Yamamoto * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -28,13 +28,14 @@ #include "codeconv.h" #include "base64.h" #include "quoted-printable.h" +#include "utils.h" #define ENCODED_WORD_BEGIN "=?" #define ENCODED_WORD_END "?=" /* Decodes headers based on RFC2045 and RFC2047. */ -void unmime_header(gchar *out, const gchar *str) +void unmime_header(gchar *out, gint outlen, const gchar *str) { const gchar *p = str; gchar *outp = out; @@ -50,28 +51,33 @@ void unmime_header(gchar *out, const gchar *str) eword_begin_p = strstr(p, ENCODED_WORD_BEGIN); if (!eword_begin_p) { - strcpy(outp, p); + strncpy2(outp, p, outlen); return; } encoding_begin_p = strchr(eword_begin_p + 2, '?'); if (!encoding_begin_p) { - strcpy(outp, p); + strncpy2(outp, p, outlen); return; } text_begin_p = strchr(encoding_begin_p + 1, '?'); if (!text_begin_p) { - strcpy(outp, p); + strncpy2(outp, p, outlen); return; } eword_end_p = strstr(text_begin_p + 1, ENCODED_WORD_END); if (!eword_end_p) { - strcpy(outp, p); + strncpy2(outp, p, outlen); return; } if (p == str) { + if (eword_begin_p - p > outlen - 1) { + strncpy2(outp, p, outlen); + return; + } memcpy(outp, p, eword_begin_p - p); outp += eword_begin_p - p; + outlen -= eword_begin_p - p; p = eword_begin_p; } else { /* ignore spaces between encoded words */ @@ -79,8 +85,13 @@ void unmime_header(gchar *out, const gchar *str) for (sp = p; sp < eword_begin_p; sp++) { if (!isspace(*(const guchar *)sp)) { + if (eword_begin_p - p > outlen - 1) { + strncpy2(outp, p, outlen); + return; + } memcpy(outp, p, eword_begin_p - p); outp += eword_begin_p - p; + outlen -= eword_begin_p - p; p = eword_begin_p; break; } 
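Review bot: unmime_header() now depends on `outlen` being at least 1, but nothing at the top of the function enforces that. With `outlen <= 0` every `> outlen - 1` test in the later hunks compares against a negative number, and strncpy2() is then called with a non-positive size, whose behaviour is defined in utils.h and not shown here. Adding `g_return_if_fail(out != NULL && outlen > 0);` as the first statement would make the contract explicit. The header comment should also say that `outlen` is the full size of `out` including the terminator and that decoded text is silently truncated to fit; the function body continues outside this hunk.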
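Review bot: The bounded-append sequence added in the `p == str` branch is written out again in the `-79,8` hunk and in the unknown-encoding branch of the `-106,8` hunk, so one missed `outlen -= …` in a later edit would silently reopen the overflow. The sequence tests against `outlen - 1`, falls back to strncpy2() and returns, and otherwise calls memcpy() and adjusts `outp` and `outlen`. Pulling it into a static helper keeps the arithmetic in one place and shrinks each call site to a single test. The four early-return `strncpy2(outp, p, outlen)` calls at the top of this hunk can stay as they are. The loop these branches belong to starts and ends outside the hunk.

```c
/* Appends n bytes of src to *outp; on overflow writes a truncated,
 * terminated copy and returns FALSE so the caller can stop. */
static gboolean unmime_append(gchar **outp, gint *outlen,
			      const gchar *src, glong n)
{
	if (n > *outlen - 1) {
		strncpy2(*outp, src, *outlen);
		return FALSE;
	}
	memcpy(*outp, src, n);
	*outp += n;
	*outlen -= n;
	return TRUE;
}

/* … unchanged: encoded-word delimiter search and early returns … */
		if (p == str) {
			if (!unmime_append(&outp, &outlen, p, eword_begin_p - p))
				return;
			p = eword_begin_p;
/* … unchanged: whitespace scan between encoded words (same call there) … */
```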
@@ -106,8 +117,13 @@ void unmime_header(gchar *out, const gchar *str) (decoded_text, text_begin_p + 1, eword_end_p - (text_begin_p + 1)); } else { + if (eword_end_p + 2 - p > outlen - 1) { + strncpy2(outp, p, outlen); + return; + } memcpy(outp, p, eword_end_p + 2 - p); outp += eword_end_p + 2 - p; + outlen -= eword_end_p + 2 - p; p = eword_end_p + 2; continue; } @@ -116,13 +132,25 @@ void unmime_header(gchar *out, const gchar *str) conv_str = conv_codeset_strdup(decoded_text, charset, NULL); if (conv_str) { len = strlen(conv_str); + if (len > outlen - 1) { + strncpy2(outp, conv_str, outlen); + g_free(conv_str); + g_free(decoded_text); + return; + } memcpy(outp, conv_str, len); g_free(conv_str); } else { len = strlen(decoded_text); + if (len > outlen - 1) { + conv_localetodisp(outp, outlen, decoded_text); + g_free(decoded_text); + return; + } conv_localetodisp(outp, len + 1, decoded_text); } outp += len; + outlen -= len; g_free(decoded_text); diff --git a/src/unmime.h b/src/unmime.h index 8e6d83979..6e5b64c9b 100644 --- a/src/unmime.h +++ b/src/unmime.h @@ -1,6 +1,6 @@ /* * Sylpheed -- a GTK+ based, lightweight, and fast e-mail client - * Copyright (C) 1999-2002 Hiroyuki Yamamoto + * Copyright (C) 1999-2005 Hiroyuki Yamamoto * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -23,6 +23,7 @@ #include void unmime_header (gchar *out, + gint len, const gchar *str); gint unmime_quoted_printable_line (gchar *str); -- 2.25.1
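Review bot: In the fallback branch of the `-116,13` hunk, `conv_localetodisp(outp, len + 1, decoded_text);` is followed by `outp += len;` and the new `outlen -= len;`, which assumes the conversion wrote exactly `strlen(decoded_text)` bytes. If conv_localetodisp() (defined elsewhere) produces a shorter string, `outp` moves past its terminator and leaves a NUL plus unwritten bytes in the middle of `out`, so everything appended afterwards is cut off for the caller. Re-measuring after the call, `len = strlen(outp);`, keeps `outp` and `outlen` in step with what was actually written, assuming the converter terminates its output, as the truncating call just above already relies on. Both truncating paths can also cut a multi-byte character in half, which deserves a comment if that is accepted.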
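Review bot: The prototype in src/unmime.h names the new parameter `len` while the definition in src/unmime.c calls it `outlen`; next to `const gchar *str`, a bare `len` reads like the length of the input. Renaming it in the header to `gint outlen,` and adding a one-line comment that it is the size of `out` in bytes including the terminator would make the contract visible to callers.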