Mercurial > ~mikael > mcabber > hg
comparison mcabber/src/commands.c @ 1443:0623d694a77f
Forbid NUL characters when using /say_to -f
(Reported by Myhailo Danylenko)
| author | Mikael Berthe <mikael@lilotux.net> |
|---|---|
| date | Fri, 29 Feb 2008 14:55:55 +0100 |
| parents | b49a1edba983 |
| children | 2b43d89a10bb |
comparison
equal
deleted
inserted
replaced
| 1442:b49a1edba983 | 1443:0623d694a77f |
|---|---|
| 1354 FILE *fd; | 1354 FILE *fd; |
| 1355 struct stat buf; | 1355 struct stat buf; |
| 1356 char *msgbuf, *msgbuf_utf8; | 1356 char *msgbuf, *msgbuf_utf8; |
| 1357 char *p; | 1357 char *p; |
| 1358 char *next_utf8_char; | 1358 char *next_utf8_char; |
| 1359 size_t len; | |
| 1359 | 1360 |
| 1360 fd = fopen(filename, "r"); | 1361 fd = fopen(filename, "r"); |
| 1361 | 1362 |
| 1362 if (!fd || fstat(fileno(fd), &buf)) { | 1363 if (!fd || fstat(fileno(fd), &buf)) { |
| 1363 scr_LogPrint(LPRINT_LOGNORM, "Cannot open message file (%s)", filename); | 1364 scr_LogPrint(LPRINT_LOGNORM, "Cannot open message file (%s)", filename); |
| 1371 fclose(fd); | 1372 fclose(fd); |
| 1372 return NULL; | 1373 return NULL; |
| 1373 } | 1374 } |
| 1374 | 1375 |
| 1375 msgbuf = g_new0(char, HBB_BLOCKSIZE); | 1376 msgbuf = g_new0(char, HBB_BLOCKSIZE); |
| 1376 fread(msgbuf, HBB_BLOCKSIZE-1, 1, fd); | 1377 len = fread(msgbuf, 1, HBB_BLOCKSIZE-1, fd); |
| 1377 fclose(fd); | 1378 fclose(fd); |
| 1378 | 1379 |
| 1379 next_utf8_char = msgbuf; | 1380 next_utf8_char = msgbuf; |
| 1380 | 1381 |
| 1381 // Strip trailing newlines | 1382 // Check there is no binary data. It must be a *message* file! |
| 1382 for (p = msgbuf ; *p ; p++) { | 1383 for (p = msgbuf ; *p ; p++) { |
| 1383 // Check there is no binary data. It must be a *message* file! | |
| 1384 if (utf8_mode) { | 1384 if (utf8_mode) { |
| 1385 if (p == next_utf8_char) { | 1385 if (p == next_utf8_char) { |
| 1386 if (!iswprint(get_char(p)) && *p != '\n') | 1386 if (!iswprint(get_char(p)) && *p != '\n') |
| 1387 break; | 1387 break; |
| 1388 next_utf8_char = next_char(p); | 1388 next_utf8_char = next_char(p); |
| 1392 if (!iswprint(sc) && sc != '\n') | 1392 if (!iswprint(sc) && sc != '\n') |
| 1393 break; | 1393 break; |
| 1394 } | 1394 } |
| 1395 } | 1395 } |
| 1396 | 1396 |
| 1397 if (*p) { // We're not at the End Of Line... | 1397 if (*p || (size_t)(p-msgbuf) != len) { // We're not at the End Of Line... |
| 1398 scr_LogPrint(LPRINT_LOGNORM, "Message file contains " | 1398 scr_LogPrint(LPRINT_LOGNORM, "Message file contains " |
| 1399 "invalid characters (%s)", filename); | 1399 "invalid characters (%s)", filename); |
| 1400 g_free(msgbuf); | 1400 g_free(msgbuf); |
| 1401 return NULL; | 1401 return NULL; |
| 1402 } | 1402 } |
| 1403 | 1403 |
| 1404 // p is now at the EOL | 1404 // p is now at the EOL |
| 1405 // Let's strip trailing newlines | |
| 1405 if (p > msgbuf) | 1406 if (p > msgbuf) |
| 1406 p--; | 1407 p--; |
| 1407 while (p > msgbuf && *p == '\n') | 1408 while (p > msgbuf && *p == '\n') |
| 1408 *p-- = 0; | 1409 *p-- = 0; |
| 1409 | 1410 |