1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
|
$NetBSD: patch-az,v 1.1 2007/07/19 00:43:43 lkundrak Exp $
Part of a fix for CVE-2007-3713.
--- src/hooks/yahoohook.cc.orig 2007-07-19 02:24:38.000000000 +0200
+++ src/hooks/yahoohook.cc
@@ -47,6 +47,8 @@
#define PERIOD_REFRESH 60
#define PERIOD_CLOSE 6
+#define NOTIFBUF 512
+
int yahoohook::yfd::connection_tags = 0;
char pager_host[255], pager_port[255], filetransfer_host[255],
@@ -844,7 +846,7 @@ void yahoohook::got_conf_invite(int id,
icqconf::imaccount acc = conf.getourid(yahoo);
string confname = (string) "#" + room, inviter, text;
vector<string>::iterator ic;
- char buf[1024];
+ char buf[NOTIFBUF];
int i;
imcontact cont(confname, yahoo);
@@ -856,10 +858,11 @@ void yahoohook::got_conf_invite(int id,
inviter.erase(i);
}
- sprintf(buf, _("The user %s has invited you to the %s conference, the topic there is: %s"),
+ snprintf(buf, NOTIFBUF, _("The user %s has invited you to the %s conference, the topic there is: %s"),
yhook.rusconv("wk", inviter).c_str(),
yhook.rusconv("wk", room).c_str(),
yhook.rusconv("wk", msg).c_str());
+ buf[NOTIFBUF-1] = '\0';
text = (string) buf + "\n\n" + _("Current conference members are: ");
yhook.confmembers[room].push_back(inviter);
@@ -888,20 +891,22 @@ void yahoohook::got_conf_invite(int id,
void yahoohook::conf_userdecline(int id, char *who, char *room, char *msg) {
icqcontact *c = clist.get(imcontact((string) "#" + room, yahoo));
- char buf[512];
+ char buf[NOTIFBUF];
if(c) {
- sprintf(buf, _("The user %s has declined your invitation to join the conference"), who);
+ snprintf(buf, NOTIFBUF, _("The user %s has declined your invitation to join the conference"), who);
+ buf[NOTIFBUF-1] = '\0';
em.store(imnotification(c, buf));
}
}
void yahoohook::conf_userjoin(int id, char *who, char *room) {
icqcontact *c = clist.get(imcontact((string) "#" + room, yahoo));
- char buf[512];
+ char buf[NOTIFBUF];
if(c) {
- sprintf(buf, _("The user %s has joined the conference"), who);
+ snprintf(buf, NOTIFBUF, _("The user %s has joined the conference"), who);
+ buf[NOTIFBUF-1] = '\0';
if(find(yhook.confmembers[room].begin(), yhook.confmembers[room].end(), who) == yhook.confmembers[room].end())
yhook.confmembers[room].push_back(who);
@@ -912,11 +917,12 @@ void yahoohook::conf_userjoin(int id, ch
void yahoohook::conf_userleave(int id, char *who, char *room) {
icqcontact *c = clist.get(imcontact((string) "#" + room, yahoo));
- char buf[512];
+ char buf[NOTIFBUF];
vector<string>::iterator im;
if(c) {
- sprintf(buf, _("The user %s has left the conference"), who);
+ snprintf(buf, NOTIFBUF, _("The user %s has left the conference"), who);
+ buf[NOTIFBUF-1] = '\0';
em.store(imnotification(c, buf));
im = find(yhook.confmembers[room].begin(), yhook.confmembers[room].end(), who);
@@ -981,10 +987,11 @@ void yahoohook::game_notify(int id, char
}
void yahoohook::mail_notify(int id, char *from, char *subj, int cnt) {
- char buf[1024];
+ char buf[NOTIFBUF];
if(from && subj) {
- sprintf(buf, _("+ [yahoo] e-mail from %s, %s"), from, subj);
+ snprintf(buf, NOTIFBUF, _("+ [yahoo] e-mail from %s, %s"), from, subj);
+ buf[NOTIFBUF-1] = '\0';
face.log(buf);
clist.get(contactroot)->playsound(imevent::email);
}
@@ -1138,11 +1145,12 @@ void yahoohook::webcam_data_request(int
int yahoohook::ylog(char *fmt, ...) {
if(conf.getdebug()) {
- char buf[512];
+ char buf[NOTIFBUF];
va_list ap;
va_start(ap, fmt);
- vsprintf(buf, fmt, ap);
+ vsnprintf(buf, NOTIFBUF, fmt, ap);
+ buf[NOTIFBUF-1] = '\0';
va_end(ap);
face.log(buf);
|
