pegasus/weechat
1
0
Fork 0
mirror of https://github.com/weechat/weechat.git synced 2026-06-12 14:14:48 +02:00
Code Activity

relay: fix integer overflow in loops (issue #2178)

Browse Source
This commit is contained in:
Sébastien Helleu
2024-09-05 21:39:25 +02:00
parent 62d0347d4b
commit 970f20af31
2 changed files with 23 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/plugins/relay/api/remote/relay-remote-event.c
+3 -4
View File
@@ -267,9 +267,8 @@ relay_remote_event_search_line_by_id (struct t_gui_buffer *buffer, int id)
struct t_gui_lines *ptr_lines;
struct t_gui_line *ptr_line;
struct t_gui_line_data *ptr_line_data;
const char **tags;
const char **tags, **ptr_tag;
char str_tag_id[512];
int i;
if (!buffer)
return NULL;
@@ -292,9 +291,9 @@ relay_remote_event_search_line_by_id (struct t_gui_buffer *buffer, int id)
tags = weechat_hdata_pointer (relay_hdata_line_data, ptr_line_data, "tags_array");
if (tags)
{
for (i = 0; tags[i]; i++)
for (ptr_tag = tags; *ptr_tag; ptr_tag++)
{
if (weechat_strcmp (tags[i], str_tag_id) == 0)
if (weechat_strcmp (*ptr_tag, str_tag_id) == 0)
return ptr_line;
}
}
src/plugins/relay/weechat/relay-weechat-protocol.c
+20 -19
View File
@@ -219,8 +219,9 @@ relay_weechat_protocol_handshake_reply (struct t_relay_client *client,
RELAY_WEECHAT_PROTOCOL_CALLBACK(handshake)
{
char **options, **auths, **compressions, *pos;
int i, j, index_hash_algo, hash_algo_found, auth_allowed, compression;
char **options, **auths, **compressions, *pos, **ptr_option, **ptr_auth;
char **ptr_comp;
int index_hash_algo, hash_algo_found, auth_allowed, compression;
int password_received, plain_text_password;
RELAY_WEECHAT_PROTOCOL_MIN_ARGS(0);
@@ -242,14 +243,14 @@ RELAY_WEECHAT_PROTOCOL_CALLBACK(handshake)
weechat_string_split_command (argv_eol[0], ',') : NULL;
if (options)
{
for (i = 0; options[i]; i++)
for (ptr_option = options; *ptr_option; ptr_option++)
{
pos = strchr (options[i], '=');
pos = strchr (*ptr_option, '=');
if (pos)
{
pos[0] = '\0';
pos++;
if (strcmp (options[i], "password_hash_algo") == 0)
if (strcmp (*ptr_option, "password_hash_algo") == 0)
{
password_received = 1;
auths = weechat_string_split (
@@ -263,10 +264,9 @@ RELAY_WEECHAT_PROTOCOL_CALLBACK(handshake)
NULL);
if (auths)
{
for (j = 0; auths[j]; j++)
for (ptr_auth = auths; *ptr_auth; ptr_auth++)
{
index_hash_algo = relay_auth_password_hash_algo_search (
auths[j]);
index_hash_algo = relay_auth_password_hash_algo_search (*ptr_auth);
if ((index_hash_algo >= 0) && (index_hash_algo > hash_algo_found))
{
auth_allowed = weechat_string_match_list (
@@ -280,7 +280,7 @@ RELAY_WEECHAT_PROTOCOL_CALLBACK(handshake)
weechat_string_free_split (auths);
}
}
else if (strcmp (options[i], "compression") == 0)
else if (strcmp (*ptr_option, "compression") == 0)
{
compressions = weechat_string_split (
pos,
@@ -293,9 +293,9 @@ RELAY_WEECHAT_PROTOCOL_CALLBACK(handshake)
NULL);
if (compressions)
{
for (j = 0; compressions[j]; j++)
for (ptr_comp = compressions; *ptr_comp; ptr_comp++)
{
compression = relay_weechat_compression_search (compressions[j]);
compression = relay_weechat_compression_search (*ptr_comp);
if (compression >= 0)
{
RELAY_WEECHAT_DATA(client, compression) = compression;
@@ -305,7 +305,7 @@ RELAY_WEECHAT_PROTOCOL_CALLBACK(handshake)
weechat_string_free_split (compressions);
}
}
else if (strcmp (options[i], "escape_commands") == 0)
else if (strcmp (*ptr_option, "escape_commands") == 0)
{
RELAY_WEECHAT_DATA(client, escape_commands) =
(weechat_strcmp (pos, "on") == 0) ?
@@ -361,8 +361,9 @@ RELAY_WEECHAT_PROTOCOL_CALLBACK(handshake)
RELAY_WEECHAT_PROTOCOL_CALLBACK(init)
{
char **options, *pos, *relay_password, *totp_secret, *info_totp_args, *info_totp;
int i, length, password_received, totp_received;
char **options, *pos, *relay_password, *totp_secret;
char *info_totp_args, *info_totp, **ptr_option;
int length, password_received, totp_received;
RELAY_WEECHAT_PROTOCOL_MIN_ARGS(0);
@@ -380,14 +381,14 @@ RELAY_WEECHAT_PROTOCOL_CALLBACK(init)
weechat_string_split_command (argv_eol[0], ',') : NULL;
if (options)
{
for (i = 0; options[i]; i++)
for (ptr_option = options; *ptr_option; ptr_option++)
{
pos = strchr (options[i], '=');
pos = strchr (*ptr_option, '=');
if (pos)
{
pos[0] = '\0';
pos++;
if (strcmp (options[i], "password") == 0)
if (strcmp (*ptr_option, "password") == 0)
{
password_received = 1;
if ((client->password_hash_algo == RELAY_AUTH_PASSWORD_HASH_PLAIN)
@@ -396,13 +397,13 @@ RELAY_WEECHAT_PROTOCOL_CALLBACK(init)
RELAY_WEECHAT_DATA(client, password_ok) = 1;
}
}
else if (strcmp (options[i], "password_hash") == 0)
else if (strcmp (*ptr_option, "password_hash") == 0)
{
password_received = 1;
if (relay_auth_password_hash (client, pos, relay_password) == 0)
RELAY_WEECHAT_DATA(client, password_ok) = 1;
}
else if (strcmp (options[i], "totp") == 0)
else if (strcmp (*ptr_option, "totp") == 0)
{
totp_received = 1;
if (totp_secret)