[Commits] addrbook.c 1.22.2.24 1.22.2.25 exportldif.c 1.1.4.22 1.1.4.23 jpilot.c 1.18.2.32 1.18.2.33 mutt.c 1.6.10.18 1.6.10.19 pine.c 1.6.2.17 1.6.2.18 procmsg.c 1.150.2.117 1.150.2.118 vcard.c 1.14.2.20 1.14.2.21

mones at claws-mail.org mones at claws-mail.org
Mon Oct 17 13:02:46 CEST 2011 

Update of /home/claws-mail/claws/src
In directory claws-mail:/tmp/cvs-serv25853/src

Modified Files:
      Tag: gtk2
	addrbook.c exportldif.c jpilot.c mutt.c pine.c procmsg.c 
	vcard.c 
Log Message:
2011-10-17 [mones]	3.7.10cvs34

	* src/addrbook.c
	* src/exportldif.c
	* src/jpilot.c
	* src/mutt.c
	* src/pine.c
	* src/procmsg.c
	* src/vcard.c
		Fix potential out-of-buffer writes 

Index: mutt.c
===================================================================
RCS file: /home/claws-mail/claws/src/mutt.c,v
retrieving revision 1.6.10.18
retrieving revision 1.6.10.19
diff -u -d -r1.6.10.18 -r1.6.10.19
--- mutt.c	16 Feb 2011 07:16:11 -0000	1.6.10.18
+++ mutt.c	17 Oct 2011 11:02:44 -0000	1.6.10.19
@@ -540,7 +540,7 @@
 	homedir = get_home_dir();
 	if( ! homedir ) return g_strdup( "" );
 
-	strcpy( str, homedir );
+	strncpy( str, homedir, WORK_BUFLEN );
 	len = strlen( str );
 	if( len > 0 ) {
 		if( str[ len-1 ] != G_DIR_SEPARATOR ) {
@@ -548,7 +548,7 @@
 			str[ ++len ] = '\0';
 		}
 	}
-	strcat( str, MUTT_HOME_FILE );
+	strncat( str, MUTT_HOME_FILE, WORK_BUFLEN );
 
 	/* Attempt to open */
 	if( ( fp = g_fopen( str, "rb" ) ) != NULL ) {

Index: procmsg.c
===================================================================
RCS file: /home/claws-mail/claws/src/procmsg.c,v
retrieving revision 1.150.2.117
retrieving revision 1.150.2.118
diff -u -d -r1.150.2.117 -r1.150.2.118
--- procmsg.c	16 Feb 2011 07:16:15 -0000	1.150.2.117
+++ procmsg.c	17 Oct 2011 11:02:44 -0000	1.150.2.118
@@ -1135,7 +1135,7 @@
 	g_free(prtmp);
 
 	g_strchomp(buf);
-	if (buf[strlen(buf) - 1] != '&') strcat(buf, "&");
+	if (buf[strlen(buf) - 1] != '&') strncat(buf, "&", sizeof(buf));
 	if (system(buf) == -1)
 		g_warning("system(%s) failed.", buf);
 }

Index: pine.c
===================================================================
RCS file: /home/claws-mail/claws/src/pine.c,v
retrieving revision 1.6.2.17
retrieving revision 1.6.2.18
diff -u -d -r1.6.2.17 -r1.6.2.18
--- pine.c	16 Feb 2011 07:16:11 -0000	1.6.2.17
+++ pine.c	17 Oct 2011 11:02:44 -0000	1.6.2.18
@@ -642,7 +642,7 @@
 	homedir = get_home_dir();
 	if( ! homedir ) return g_strdup( "" );
 
-	strcpy( str, homedir );
+	strncpy( str, homedir, WORK_BUFLEN );
 	len = strlen( str );
 	if( len > 0 ) {
 		if( str[ len-1 ] != G_DIR_SEPARATOR ) {
@@ -650,7 +650,7 @@
 			str[ ++len ] = '\0';
 		}
 	}
-	strcat( str, PINE_HOME_FILE );
+	strncat( str, PINE_HOME_FILE, WORK_BUFLEN );
 
 	/* Attempt to open */
 	if( ( fp = g_fopen( str, "rb" ) ) != NULL ) {

Index: vcard.c
===================================================================
RCS file: /home/claws-mail/claws/src/vcard.c,v
retrieving revision 1.14.2.20
retrieving revision 1.14.2.21
diff -u -d -r1.14.2.20 -r1.14.2.21
--- vcard.c	16 Feb 2011 07:16:17 -0000	1.14.2.20
+++ vcard.c	17 Oct 2011 11:02:44 -0000	1.14.2.21
@@ -569,7 +569,7 @@
 	homedir = get_home_dir();
 	if( ! homedir ) return NULL;
 
-	strcpy( str, homedir );
+	strncpy( str, homedir, WORK_BUFLEN );
 	len = strlen( str );
 	if( len > 0 ) {
 		if( str[ len-1 ] != G_DIR_SEPARATOR ) {
@@ -577,9 +577,9 @@
 			str[ ++len ] = '\0';
 		}
 	}
-	strcat( str, GNOMECARD_DIR );
-	strcat( str, G_DIR_SEPARATOR_S );
-	strcat( str, GNOMECARD_FILE );
+	strncat( str, GNOMECARD_DIR, WORK_BUFLEN );
+	strncat( str, G_DIR_SEPARATOR_S, WORK_BUFLEN );
+	strncat( str, GNOMECARD_FILE, WORK_BUFLEN );
 
 	fileSpec = NULL;
 	if( ( fp = g_fopen( str, "rb" ) ) != NULL ) {

Index: addrbook.c
===================================================================
RCS file: /home/claws-mail/claws/src/addrbook.c,v
retrieving revision 1.22.2.24
retrieving revision 1.22.2.25
diff -u -d -r1.22.2.24 -r1.22.2.25
--- addrbook.c	16 Feb 2011 07:15:55 -0000	1.22.2.24
+++ addrbook.c	17 Oct 2011 11:02:44 -0000	1.22.2.25
@@ -1817,7 +1817,7 @@
 		return NULL;
 	}
 
-	strcpy(buf, book->path);
+	strncpy(buf, book->path, WORK_BUFLEN);
 	len = strlen(buf);
 	if (len > 0) {
 		if (buf[len-1] != G_DIR_SEPARATOR) {
@@ -1827,7 +1827,7 @@
 	}
 
 	adbookdir = g_strdup(buf);
-	strcat(buf, ADDRBOOK_PREFIX);
+	strncat(buf, ADDRBOOK_PREFIX, WORK_BUFLEN);
 
 	if( ( dir = g_dir_open( adbookdir, 0, NULL ) ) == NULL ) {
 		book->retVal = MGU_OPEN_DIRECTORY;
@@ -1845,8 +1845,8 @@
 		gint i;
 		gboolean flg;
 
-		strcpy(buf, adbookdir);
-		strcat( buf, dir_name );
+		strncpy(buf, adbookdir, WORK_BUFLEN);
+		strncat(buf, dir_name, WORK_BUFLEN);
 		g_stat(buf, &statbuf);
 		if (S_ISREG(statbuf.st_mode)) {
 			if (strncmp(

Index: exportldif.c
===================================================================
RCS file: /home/claws-mail/claws/src/exportldif.c,v
retrieving revision 1.1.4.22
retrieving revision 1.1.4.23
diff -u -d -r1.1.4.22 -r1.1.4.23
--- exportldif.c	16 Feb 2011 07:15:58 -0000	1.1.4.22
+++ exportldif.c	17 Oct 2011 11:02:44 -0000	1.1.4.23
@@ -231,23 +231,23 @@
 	if( attr ) {
 		if( value ) {
 			if( strlen( value ) > 0 ) {
-				strcat( buf, attr );
-				strcat( buf, "=" );
+				strncat( buf, attr, FMT_BUFSIZE );
+				strncat( buf, "=", FMT_BUFSIZE );
 				if( dupval ) {
 					/* Format and free duplicated value */
-					strcat( buf, dupval );
+					strncat( buf, dupval, FMT_BUFSIZE );
 					g_free( dupval );
 				}
 				else {
 					/* Use original value */
-					strcat( buf, value );
+					strncat( buf, value, FMT_BUFSIZE );
 				}
 
 				/* Append suffix */
 				if( ctl->suffix ) {
 					if( strlen( ctl->suffix ) > 0 ) {
-						strcat( buf, "," );
-						strcat( buf, ctl->suffix );
+						strncat( buf, ",", FMT_BUFSIZE );
+						strncat( buf, ctl->suffix, FMT_BUFSIZE );
 					}
 				}
 

Index: jpilot.c
===================================================================
RCS file: /home/claws-mail/claws/src/jpilot.c,v
retrieving revision 1.18.2.32
retrieving revision 1.18.2.33
diff -u -d -r1.18.2.32 -r1.18.2.33
--- jpilot.c	16 Feb 2011 07:16:04 -0000	1.18.2.32
+++ jpilot.c	17 Oct 2011 11:02:44 -0000	1.18.2.33
@@ -1610,9 +1610,9 @@
 			str[ ++len ] = '\0';
 		}
 	}
-	strcat( str, JPILOT_DBHOME_DIR );
-	strcat( str, G_DIR_SEPARATOR_S );
-	strcat( str, JPILOT_DBHOME_FILE );
+	strncat( str, JPILOT_DBHOME_DIR, WORK_BUFLEN );
+	strncat( str, G_DIR_SEPARATOR_S, WORK_BUFLEN );
+	strncat( str, JPILOT_DBHOME_FILE, WORK_BUFLEN );
 
 	/* Attempt to open */
 	if( ( fp = g_fopen( str, "rb" ) ) != NULL ) {

More information about the Commits mailing list