diff options
author | Tobias Weimer <wishmaster51@googlemail.com> | 2015-04-21 19:15:27 +0000 |
---|---|---|
committer | Tobias Weimer <wishmaster51@googlemail.com> | 2015-04-21 19:15:27 +0000 |
commit | 6bf05d34ba416ec14f651c22cba8710e52125907 (patch) | |
tree | 9dd23676b4752495c6174d109a09863f8bb5ad1c | |
parent | 7e90e784060b968201c296ef5d0691c234398679 (diff) |
New_GPG:
- Fixed some buffer overruns (char caps[0x10]; and strcpy(cap.caps, "GPG FileTransfer"); )
git-svn-id: http://svn.miranda-ng.org/main/trunk@13018 1316c22d-e87f-b044-9b9b-93d7a3e3ba9c
-rwxr-xr-x | plugins/New_GPG/src/main.cpp | 18 | ||||
-rwxr-xr-x | plugins/New_GPG/src/messages.cpp | 7 | ||||
-rwxr-xr-x | plugins/New_GPG/src/options.cpp | 32 | ||||
-rwxr-xr-x | plugins/New_GPG/src/utilities.cpp | 16 |
4 files changed, 38 insertions, 35 deletions
diff --git a/plugins/New_GPG/src/main.cpp b/plugins/New_GPG/src/main.cpp index a29d698c53..e2981a0344 100755 --- a/plugins/New_GPG/src/main.cpp +++ b/plugins/New_GPG/src/main.cpp @@ -182,7 +182,7 @@ static INT_PTR CALLBACK DlgProcFirstRun(HWND hwndDlg,UINT msg,WPARAM wParam,LPAR p2 = out.find_first_not_of(" ", p+5); p = out.find("<", p2); p++; - p2 = out.find(">", p); + //p2 = out.find(">", p); // continue; //does not add to key list } @@ -1296,7 +1296,7 @@ static INT_PTR CALLBACK DlgProcNewKeyDialog(HWND hwndDlg, UINT msg, WPARAM wPara SetDlgItemText(hwndDlg, ID_IMPORT, tmp[0]?TranslateT("Replace"):TranslateT("Accept")); mir_free(tmp); tmp = new TCHAR [256]; - mir_sntprintf(tmp, SIZEOF(tmp),TranslateT("Received key from %s"), CallService(MS_CLIST_GETCONTACTDISPLAYNAME, hContact, (LPARAM)GCDNF_TCHAR)); + mir_sntprintf(tmp, 255,TranslateT("Received key from %s"), CallService(MS_CLIST_GETCONTACTDISPLAYNAME, hContact, GCDNF_TCHAR)); SetDlgItemText(hwndDlg, IDC_KEY_FROM, tmp); delete [] tmp; } @@ -2245,8 +2245,8 @@ void InitCheck() ICQ_CUSTOMCAP cap; cap.cbSize = sizeof(ICQ_CUSTOMCAP); cap.hIcon = 0; - strcpy(cap.name, "GPG Key AutoExchange"); - strcpy(cap.caps, "GPG AutoExchange"); + strncpy(cap.name, "GPG Key AutoExchange", MAX_CAPNAME-1); + strncpy(cap.caps, "GPGAutoExchange", sizeof(cap.caps)-1); for(int i = 0; i < count; i++) if( ProtoServiceExists(accounts[i]->szProtoName, PS_ICQ_ADDCAPABILITY)) @@ -2260,8 +2260,8 @@ void InitCheck() ICQ_CUSTOMCAP cap; cap.cbSize = sizeof(ICQ_CUSTOMCAP); cap.hIcon = 0; - strcpy(cap.name, "GPG Encrypted FileTransfers"); - strcpy(cap.caps, "GPG FileTransfer"); + strncpy(cap.name, "GPG Encrypted FileTransfers", MAX_CAPNAME-1); + strncpy(cap.caps, "GPGFileTransfer", sizeof(cap.caps)-1); for(int i = 0; i < count; i++) if( ProtoServiceExists(accounts[i]->szProtoName, PS_ICQ_ADDCAPABILITY)) @@ -2301,10 +2301,10 @@ void ImportKey() DWORD exitcode; { ptmp = UniGetContactSettingUtf(NULL, szGPGModuleName, "szHomePath", _T("")); - _tcscpy(tmp2, ptmp); + _tcsncpy(tmp2, ptmp, MAX_PATH-1); mir_free(ptmp); - _tcscat(tmp2, _T("\\")); - _tcscat(tmp2, _T("temporary_exported.asc")); + _tcsncat(tmp2, _T("\\"), MAX_PATH-1); + _tcsncat(tmp2, _T("temporary_exported.asc"), MAX_PATH-1); boost::filesystem::remove(tmp2); wfstream f(tmp2, std::ios::out); if(db_mc_isMeta(hContact)) diff --git a/plugins/New_GPG/src/messages.cpp b/plugins/New_GPG/src/messages.cpp index 8e0103d9c4..0971b32335 100755 --- a/plugins/New_GPG/src/messages.cpp +++ b/plugins/New_GPG/src/messages.cpp @@ -538,7 +538,7 @@ INT_PTR RecvMsgSvc(WPARAM w, LPARAM l) if(uin) { if( ProtoServiceExists(proto, PS_ICQ_CHECKCAPABILITY)) { ICQ_CUSTOMCAP cap = {0}; - strcpy(cap.caps, "GPG AutoExchange"); + strncpy(cap.caps, "GPGAutoExchange", sizeof(cap.caps)-1); if(ProtoCallService(proto, PS_ICQ_CHECKCAPABILITY, (WPARAM)ccs->hContact, (LPARAM)&cap)) { CallContactService(ccs->hContact, PSS_MESSAGE, PREF_UTF, (LPARAM)"-----PGP KEY REQUEST-----"); return 0; @@ -846,7 +846,7 @@ int HookSendMsg(WPARAM w, LPARAM l) if(bDebugLog) debuglog<<std::string(time_str()+": info(autoexchange, icq): checking for autoexchange icq capability, name: "+toUTF8((TCHAR*)CallService(MS_CLIST_GETCONTACTDISPLAYNAME, hContact, GCDNF_TCHAR))); ICQ_CUSTOMCAP cap = {0}; - strcpy(cap.caps, "GPG AutoExchange"); + strncpy(cap.caps, "GPGAutoExchange", sizeof(cap.caps)-1); if( ProtoCallService(proto, PS_ICQ_CHECKCAPABILITY, hContact, (LPARAM)&cap)) { if(bDebugLog) debuglog<<std::string(time_str()+": info(autoexchange, icq): sending key requiest, name: "+toUTF8((TCHAR*)CallService(MS_CLIST_GETCONTACTDISPLAYNAME, hContact, GCDNF_TCHAR))); @@ -905,7 +905,7 @@ int HookSendMsg(WPARAM w, LPARAM l) } if(isContactSecured(hContact) && (dbei->flags & DBEF_SENT)) //aggressive outgoing events filtering { - DWORD flags; + DWORD flags = 0; if((dbei->flags & DBEF_UTF) == DBEF_UTF) flags |= PREF_UTF; SendMsgSvc_func(hContact, (char*)dbei->pBlob, flags); @@ -1004,6 +1004,7 @@ static INT_PTR CALLBACK DlgProcKeyPassword(HWND hwndDlg, UINT msg, WPARAM wParam extern TCHAR *password; if(IsDlgButtonChecked(hwndDlg, IDC_SAVE_PASSWORD)) { + inkeyid = UniGetContactSettingUtf(new_key_hcnt, szGPGModuleName, "InKeyID", ""); if(inkeyid && inkeyid[0] && BST_UNCHECKED == IsDlgButtonChecked(hwndDlg, IDC_DEFAULT_PASSWORD)) { string dbsetting = "szKey_"; diff --git a/plugins/New_GPG/src/options.cpp b/plugins/New_GPG/src/options.cpp index 59c21f0a43..85665d22cb 100755 --- a/plugins/New_GPG/src/options.cpp +++ b/plugins/New_GPG/src/options.cpp @@ -360,19 +360,21 @@ static INT_PTR CALLBACK DlgProcGpgOpts(HWND hwndDlg, UINT msg, WPARAM wParam, LP MessageBox(0, msg, TranslateT("Error"), MB_OK);
GlobalFree(hMem);
}
- memcpy(szKey, str.c_str(), str.size());
- szKey[str.size()] = '\0';
- str.clear();
- EmptyClipboard();
- GlobalUnlock(hMem);
- if(!SetClipboardData(CF_OEMTEXT, hMem))
- {
- GlobalFree(hMem);
- TCHAR msg[64];
- mir_sntprintf(msg, SIZEOF(msg), TranslateT("Failed write to clipboard with error %d"), GetLastError());
- MessageBox(0, msg, TranslateT("Error"), MB_OK);
+ else {
+ memcpy(szKey, str.c_str(), str.size());
+ szKey[str.size()] = '\0';
+ str.clear();
+ EmptyClipboard();
+ GlobalUnlock(hMem);
+ if(!SetClipboardData(CF_OEMTEXT, hMem))
+ {
+ GlobalFree(hMem);
+ TCHAR msg[64];
+ mir_sntprintf(msg, SIZEOF(msg), TranslateT("Failed write to clipboard with error %d"), GetLastError());
+ MessageBox(0, msg, TranslateT("Error"), MB_OK);
+ }
+ CloseClipboard();
}
- CloseClipboard();
}
else
{
@@ -901,10 +903,10 @@ static INT_PTR CALLBACK DlgProcLoadPublicKey(HWND hwndDlg,UINT msg,WPARAM wParam {
MCONTACT hcnt = db_mc_tryMeta(hContact);
ptmp = UniGetContactSettingUtf(NULL, szGPGModuleName, "szHomePath", _T(""));
- _tcscpy(tmp2, ptmp);
+ _tcsncpy(tmp2, ptmp, MAX_PATH-1);
mir_free(ptmp);
- _tcscat(tmp2, _T("\\"));
- _tcscat(tmp2, _T("temporary_exported.asc"));
+ _tcsncat(tmp2, _T("\\"), MAX_PATH-1);
+ _tcsncat(tmp2, _T("temporary_exported.asc"), MAX_PATH-1);
boost::filesystem::remove(tmp2);
wfstream f(tmp2, std::ios::out);
ptmp = UniGetContactSettingUtf(hcnt, szGPGModuleName, "GPGPubKey", _T(""));
diff --git a/plugins/New_GPG/src/utilities.cpp b/plugins/New_GPG/src/utilities.cpp index 6fddc89a2e..ece87a569c 100755 --- a/plugins/New_GPG/src/utilities.cpp +++ b/plugins/New_GPG/src/utilities.cpp @@ -61,14 +61,14 @@ void GetFilePath(TCHAR *WindowTittle, char *szSetting, TCHAR *szExt, TCHAR *szEx ofn.lStructSize=CDSIZEOF_STRUCT(OPENFILENAME,lpTemplateName); ofn.Flags=OFN_EXPLORER; ofn.lpstrTitle=TranslateW(WindowTittle); - _tcscpy(filter,TranslateW(szExtDesc)); + _tcsncpy(filter,TranslateW(szExtDesc), SIZEOF(filter)-1); pfilter=filter+_tcslen(filter)+1; _tcscpy(pfilter, szExt); pfilter[_tcslen(pfilter)+1] = '\0'; pfilter[_tcslen(pfilter)+2] = '\0'; ofn.lpstrFilter=filter; tmp = UniGetContactSettingUtf(0, szGPGModuleName, szSetting, _T("")); - _tcscpy(str, tmp); + _tcsncpy(str, tmp, SIZEOF(str)-1); mir_free(tmp); if(_tcslen(str)< 2) str[0] = '\0'; @@ -439,6 +439,7 @@ int onProtoAck(WPARAM w, LPARAM l) boost::filesystem::remove(filename); mir_free(filename); } + mir_free(filename); } } break; @@ -544,7 +545,7 @@ INT_PTR onSendFile(WPARAM w, LPARAM l) if( ProtoServiceExists(proto, PS_ICQ_CHECKCAPABILITY)) { supported_proto = true; ICQ_CUSTOMCAP cap = {0}; - strcpy(cap.caps, "GPG FileTransfer"); + strncpy(cap.caps, "GPGFileTransfer",sizeof(cap.caps)-1); if( ProtoCallService(proto, PS_ICQ_CHECKCAPABILITY, (WPARAM)ccs->hContact, (LPARAM)&cap)) cap_found = true; } @@ -778,8 +779,7 @@ static JABBER_HANDLER_FUNC SendHandler(IJabberInterface *ji, HXML node, void *pU { char *proto = ji->GetModuleName(); char setting[64]; - strcpy(setting, proto); - strcat(setting, "_KeyID"); + mir_snprintf(setting, sizeof(setting)-1,"%s_KeyID",proto); inkeyid = UniGetContactSettingUtf(NULL, szGPGModuleName, setting, ""); if(!inkeyid[0]) { @@ -1860,10 +1860,10 @@ INT_PTR ImportGpGKeys(WPARAM w, LPARAM l) DWORD exitcode; { ptmp = UniGetContactSettingUtf(NULL, szGPGModuleName, "szHomePath", _T("")); - _tcscpy(tmp2, ptmp); + _tcsncpy(tmp2, ptmp, MAX_PATH-1); mir_free(ptmp); - _tcscat(tmp2, _T("\\")); - _tcscat(tmp2, _T("temporary_exported.asc")); + _tcsncat(tmp2, _T("\\"), MAX_PATH-1); + _tcsncat(tmp2, _T("temporary_exported.asc"), MAX_PATH-1); boost::filesystem::remove(tmp2); wfstream f(tmp2, std::ios::out); f<<toUTF16(key).c_str(); |