Thank you for your patches. I've checked them in to cvs. Your use of origlen in these string.c snprintf's looks wrong, so I replaced the origlen's that you added with a variable that has the actual malloc length for origconvbuf:
+ origlen=snprintf(origconvbuf, origlen,"(buffer overflow) %s",string);
fumi_at_w3.org (Fumihiro Kato) writes:
>Hi,
>
>When we tried the latest CVS on Xeon 64bit system, it still had some 64 bit
>bugs and a markup broken issue. The patch is attached.
>
>--
>Fumihiro Kato <fumi_at_w3.org>
>
>diff -ru hypermail.cvsorig/src/parse.c hypermail/src/parse.c
>--- hypermail.cvsorig/src/parse.c 2007-09-11 19:35:49.000000000 +0900
>+++ hypermail/src/parse.c 2007-09-27 11:34:48.000000000 +0900
>_at_@ -914,11 +914,12 @@
> /* base64 decoding */
> int len;
> #ifdef HAVE_ICONV
>+ size_t tmplen;
> char *output2;
> base64Decode(ptr, output, &len);
>- output2=i18n_convstring(output,charset,"UTF-8",&len);
>- memcpy(output,output2,len);
>- output += len;
>+ output2=i18n_convstring(output,charset,"UTF-8",&tmplen);
>+ memcpy(output,output2,tmplen);
>+ output += tmplen;
> free(output2);
> memcpy(charsetsave,charset,strlen(charset)<255 ? strlen(charset) : 255 );
> #else
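Review bot: `memcpy(output,output2,tmplen)` writes the converted text back over the decode buffer without checking that `tmplen` fits, and the result of a conversion to UTF-8 can be longer than the decoded input (the error placeholders in the string.c part of this patch also prepend text to it). The size of `output` is not visible in this hunk, so the copy should be bounded against the space left, e.g. `if (output2 && tmplen <= remaining) { memcpy(output, output2, tmplen); output += tmplen; }`, where `remaining` is a placeholder for that space. `output2` is also passed to `memcpy` with no NULL check. The enclosing block starts and ends outside the hunk.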
>diff -ru hypermail.cvsorig/src/print.c hypermail/src/print.c
>--- hypermail.cvsorig/src/print.c 2007-09-11 19:35:49.000000000 +0900
>+++ hypermail/src/print.c 2007-09-27 11:34:49.000000000 +0900
>_at_@ -264,7 +264,7 @@
> char *id= (pos == PAGE_TOP) ? "options2" : "options3";
>
> #ifdef HAVE_ICONV
>- int tmplen;
>+ size_t tmplen;
> char *tmpptr=i18n_convstring(email->subject,"UTF-8",email->charset,&tmplen);
> #endif
>
>_at_@ -766,7 +766,7 @@
> const char *endline;
> const char *subj_tag;
> const char *subj_end_tag;
>- static char date_str[DATESTRLEN+11]; /* made static for smaller stack */
>+ static char date_str[DATESTRLEN+40]; /* made static for smaller stack */
> static char *first_attributes = "<a accesskey=\"j\" name=\"first\" id=\"first\"></a>";
>
> if (hp != NULL) {
>_at_@ -796,7 +796,7 @@
> }
> else
> is_first = TRUE;
>- sprintf(date_str, "<li>%s<dfn>%s</dfn><ul>\n",
>+ snprintf(date_str, sizeof(date_str), "<li>%s<dfn>%s</dfn><ul>\n",
> (is_first) ? first_attributes : "", tmp);
> fprintf (fp, "%s", date_str);
> strcpy (prev_date_str, tmp);
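Review bot: `date_str[DATESTRLEN+40]` is still too small for this format when `is_first` is set: `first_attributes` is 45 bytes and the fixed markup `<li><dfn></dfn><ul>\n` adds 20 more, so `snprintf` now truncates instead of overflowing and the list item can lose its closing `<ul>`. In the visible lines the string is only handed to `fprintf`, so writing it directly removes the intermediate buffer: `fprintf(fp, "<li>%s<dfn>%s</dfn><ul>\n", (is_first) ? first_attributes : "", tmp);`. The `strcpy (prev_date_str, tmp)` that follows stays unbounded and relies on the caller's buffer, enlarged to `DATESTRLEN + 40` in the later hunks, being large enough for `tmp`; a comment stating the maximum length of `tmp` would make that checkable. The function body starts and ends outside the hunk.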
>_at_@ -1035,7 +1035,7 @@
> char *c;
>
> #ifdef HAVE_ICONV
>- int tmplen;
>+ size_t tmplen;
> char *tmpptr=i18n_convstring(mailsubject,"UTF-8",charset,&tmplen);
> mailsubject=tmpptr;
> #endif
>_at_@ -1136,7 +1136,7 @@
> }
> else{
> #ifdef HAVE_ICONV
>- int tmplen;
>+ size_t tmplen;
> char *tmpptr=i18n_convstring(header_content,"UTF-8",email->charset,&tmplen);
> ConvURLs(fp, tmpptr, id, subject, email->charset);
> if (tmpptr)
>_at_@ -1580,7 +1580,7 @@
> if (set_mailcommand && set_hmail) {
> if ((email->msgid && email->msgid[0]) || (email->subject && email->subject[0])) {
> #ifdef HAVE_ICONV
>- int tmplen;
>+ size_t tmplen;
> char *tmpptr=i18n_convstring(email->subject,"UTF-8",email->charset,&tmplen);
> ptr = makemailcommand(set_replymsg_command, set_hmail, email->msgid,
> tmpptr);
>_at_@ -2332,7 +2332,7 @@
> int newfile;
> char *filename;
> FILE *fp;
>- char prev_date_str[DATESTRLEN];
>+ char prev_date_str[DATESTRLEN + 40];
> char *datename = index_name[email && email->subdir != NULL][DATE_INDEX];
> time_t start_date_num = email && email->subdir ? email->subdir->first_email->date : firstdatenum;
> time_t end_date_num = email && email->subdir ? email->subdir->last_email->date : lastdatenum;
>_at_@ -2586,7 +2586,7 @@
> const char *startline;
> const char *break_str;
> const char *endline;
>- static char date_str[DATESTRLEN+11]; /* made static for smaller stack */
>+ static char date_str[DATESTRLEN+40]; /* made static for smaller stack */
> static char *first_attributes = "<a accesskey=\"j\" name=\"first\" id=\"first\"></a>";
>
> if (hp != NULL) {
>_at_@ -2626,7 +2626,7 @@
> else {
> startline = "<li>";
> break_str = "";
>- sprintf(date_str, "<em>(%s)</em>", getindexdatestr(hp->data->date));
>+ snprintf(date_str, sizeof(date_str), "<em>(%s)</em>", getindexdatestr(hp->data->date));
> endline = "</li>";
> }
> fprintf(fp,
>_at_@ -2733,7 +2733,7 @@
> const char *startline;
> const char *break_str;
> const char *endline;
>- static char date_str[DATESTRLEN+11]; /* made static for smaller stack */
>+ static char date_str[DATESTRLEN+40]; /* made static for smaller stack */
> static char *first_attributes = "<a accesskey=\"j\" name=\"first\" id=\"first\"></a>";
>
> if (hp != NULL) {
>_at_@ -2781,7 +2781,7 @@
> else {
> startline = "<li>";
> break_str = " ";
>- sprintf(date_str, "<em>(%s)</em>", getindexdatestr(hp->data->date));
>+ snprintf(date_str, sizeof(date_str), "<em>(%s)</em>", getindexdatestr(hp->data->date));
> endline = "</li>";
> }
> fprintf(fp,"%s%s%s</a>%s<a name=\"%d\" id=\"%d\">%s</a>%s\n",
>_at_@ -3055,7 +3055,7 @@
> switch (j) {
> case DATE_INDEX:
> {
>- char prev_date_str[DATESTRLEN];
>+ char prev_date_str[DATESTRLEN + 40];
> prev_date_str[0] = '\0';
> printdates(fp1, datelist, y, m, NULL, prev_date_str);
> if (*prev_date_str) /* close the previous date item */
>diff -ru hypermail.cvsorig/src/printfile.c hypermail/src/printfile.c
>--- hypermail.cvsorig/src/printfile.c 2007-09-11 19:35:49.000000000 +0900
>+++ hypermail/src/printfile.c 2007-09-27 11:34:51.000000000 +0900
>_at_@ -46,7 +46,7 @@
> register char *aptr;
> char c;
> char *ptr,*tmpptr=NULL;
>- int tmplen;
>+ size_t tmplen;
>
> aptr = format;
>
>diff -ru hypermail.cvsorig/src/string.c hypermail/src/string.c
>--- hypermail.cvsorig/src/string.c 2007-09-11 19:35:49.000000000 +0900
>+++ hypermail/src/string.c 2007-09-27 11:53:48.000000000 +0900
>_at_@ -103,6 +103,7 @@
> char *convbuf,*origconvbuf;
> iconv_t iconvfd;
> size_t ret;
>+ int error;
>
> if (string){
> strleft=origlen=strlen(string);
>_at_@ -130,7 +131,7 @@
> printf("I18N: libiconv open error.\n");
> }
> }
>- origlen=sprintf(origconvbuf,"(unknown charset) %s",string);
>+ origlen=snprintf(origconvbuf,origlen, "(unknown charset) %s",string);
> origconvbuf[origlen]=0x0;
> *len=origlen;
> return origconvbuf;
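Review bot: The value returned by `snprintf` is the length the complete string would have had, not the number of bytes stored, so `origconvbuf[origlen]=0x0` and `*len=origlen` can index and report past what was written whenever the output is truncated. This holds for any size argument and also applies to the three `snprintf` calls in the next hunk, whose result feeds the same two statements in the `if (error)` branch. Clamp the result before using it, e.g. `if (n < 0) n = 0; else if ((size_t)n >= bufsize) n = bufsize - 1;`, with `bufsize` standing for the allocated size of `origconvbuf`, which is not visible here. The function starts outside the hunk.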
>_at_@ -140,38 +141,51 @@
> iconv_close(iconvfd);
>
> if (ret==(size_t)-1){
>+ error = 1;
> switch (errno){
> case E2BIG:
> if(set_showprogress){
> printf("I18N: buffer overflow.\n");
> }
>+ origlen=snprintf(origconvbuf, origlen,"(buffer overflow) %s",string);
>+ error = 1;
> break;
> case EILSEQ:
> if(set_showprogress){
> printf("I18N: invalid multibyte sequence, from %s to %s: %s.\n",fromcharset,tocharset,string);
> }
>- origlen=sprintf(origconvbuf,"(wrong string) %s",string);
>+ origlen=snprintf(origconvbuf, origlen,"(wrong string) %s",string);
>+ error = 1;
> break;
> case EINVAL:
> if(set_showprogress){
>- printf("I18N: incomplete multibyte sqeuence, from %s to %s: %s.\n",fromcharset,tocharset,string);
>+ printf("I18N: incomplete multibyte sequence, from %s to %s: %s.\n",fromcharset,tocharset,string);
> }
>- origlen=sprintf(origconvbuf,"(wrong string) %s",string);
>+ origlen=snprintf(origconvbuf, origlen,"(wrong string) %s",string);
>+ error = 1;
> break;
> }
>+ } else {
>+ error = 0;
> }
>
>- /* hmm... do we really need to do this? (daigo) */
>- if (strncasecmp(tocharset,"ISO-2022-JP",11)==0){
>- *len=origlen*7-bufleft;
>- *(origconvbuf+*len)=0x1b;
>- *(origconvbuf+*len+1)=0x28;
>- *(origconvbuf+*len+2)=0x42;
>- *len+=3;
>- }else{
>- *len=origlen*7-bufleft;
>+ if (error) {
>+ origconvbuf[origlen]=0x0;
>+ *len=origlen;
>+ } else {
>+ /* hmm... do we really need to do this? (daigo) */
>+ if (strncasecmp(tocharset,"ISO-2022-JP",11)==0){
>+ *len=origlen*7-bufleft;
>+ *(origconvbuf+*len)=0x1b;
>+ *(origconvbuf+*len+1)=0x28;
>+ *(origconvbuf+*len+2)=0x42;
>+ *len+=3;
>+ }else{
>+ *len=origlen*7-bufleft;
>+ }
>+
>+ *(origconvbuf+*len)=0x0;
> }
>- *(origconvbuf+*len)=0x0;
>
> return origconvbuf;
> }
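Review bot: The `switch (errno)` has no `default:` while `error = 1` is already set before it, so any errno other than the three listed reaches `origconvbuf[origlen]=0x0` with `origlen` still equal to `strlen(string)` and the buffer holding whatever was converted before the failure. `errno` is also read after `iconv_close(iconvfd)`, which may overwrite the value left by the failing conversion (assuming `ret` comes from the iconv call just above the hunk); saving it first with `int saved_errno = errno;` and switching on that makes the cases reliable. A `default:` branch that formats a placeholder in the same way as the other cases would cover the remaining values, and the `error = 1;` repeated inside each case can then be dropped. The function starts outside the hunk.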
>_at_@ -182,7 +196,7 @@
> char *i18n_utf2numref(char *instr,int escape){
>
> char *ucs,*headofucs;
>- int len;
>+ size_t len;
> struct Push buff;
> char strbuf[10];
>
>_at_@ -196,7 +210,8 @@
> headofucs=ucs=i18n_convstring(instr, "UTF-8", "UCS-2BE", &len);
>
> unsigned int p;
>- for(;len>0; len-=2){
>+ int i = (int) len;
>+ for(; i > 0; i-=2){
> p=(unsigned char)*ucs*256+(unsigned char)*(ucs+1);
> if (p<128){
> /* keep ASCII characters human readable */
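Review bot: The loop `for(; i > 0; i-=2)` reads `*(ucs+1)` on every pass, so an odd `len` makes the last pass read one byte beyond the counted data, and the `(int) len` cast reintroduces the narrowing that the `size_t` change removes. An odd length is reachable because the error branch of `i18n_convstring` in this same patch returns the placeholder text with `*len=origlen` rather than UCS-2BE output. Keeping the counter unsigned and requiring a full pair, `for (; len >= 2; len -= 2) {`, avoids both. The caller still cannot tell that the conversion failed, which deserves a comment on `i18n_convstring` describing what is returned on error. The loop body continues outside the hunk.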
>diff -ru hypermail.cvsorig/src/uudecode.c hypermail/src/uudecode.c
>--- hypermail.cvsorig/src/uudecode.c 2007-09-11 19:35:49.000000000 +0900
>+++ hypermail/src/uudecode.c 2007-09-27 11:13:18.000000000 +0900
>_at_@ -103,7 +103,7 @@
> }
>
> n = DEC(*p);
>- for (++p; n > 0; p += 4, n -= 3) {
>+ for (++p; (n > 0) && (outlen < 80); p += 4, n -= 3) {
> if (n >= 3) {
>
> if (!(IS_DEC(*p) && IS_DEC(*(p + 1)) && IS_DEC(*(p + 2)) && IS_DEC(*(p + 3))))
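Review bot: The bound `outlen < 80` is tested before each group, but a pass presumably stores up to three bytes (the loop steps `n -= 3`), so the loop can still be entered at `outlen == 79` and finish past 80. The literal 80 is also unexplained; it should be tied to the size of the output buffer, which is not visible in this hunk, e.g. `for (++p; n > 0 && outlen + 3 <= OUT_MAX; p += 4, n -= 3) {` with `OUT_MAX` as a placeholder for that size. When the bound stops the loop the rest of the line is dropped silently, so reporting the overlong line to the caller would make truncated attachments visible. The loop body continues outside the hunk.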
-- ------------------------------------------------------------------------------ Peter McCluskey | The road to hell is paved with overconfidence www.bayesianinvestor.com| in your good intentions. - Stuart Armstrong
Received on Tue 02 Oct 2007 06:07:00 AM GMT