[Cvs-cvs] ccvs/src ChangeLog client.c [cvs1-11-x-branch]
From: |
Derek Robert Price |
Subject: |
[Cvs-cvs] ccvs/src ChangeLog client.c [cvs1-11-x-branch] |
Date: |
Fri, 07 Apr 2006 14:51:59 +0000 |
CVSROOT: /cvsroot/cvs
Module name: ccvs
Branch: cvs1-11-x-branch
Changes by: Derek Robert Price <address@hidden> 06/04/07 14:51:58
Modified files:
src : ChangeLog client.c
Log message:
* client.c (read_counted_file, update_entries, handle_mbinary): Check
for errors when parsing protocol input. Remove FIXME.
(Thanks to a report from Brendan Harrison
<address@hidden>.)
CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/cvs/ccvs/src/ChangeLog.diff?only_with_tag=cvs1-11-x-branch&tr1=1.2336.2.435&tr2=1.2336.2.436&r1=text&r2=text
http://cvs.savannah.gnu.org/viewcvs/cvs/ccvs/src/client.c.diff?only_with_tag=cvs1-11-x-branch&tr1=1.318.4.34&tr2=1.318.4.35&r1=text&r2=text
Patches:
Index: ccvs/src/ChangeLog
diff -u ccvs/src/ChangeLog:1.2336.2.435 ccvs/src/ChangeLog:1.2336.2.436
--- ccvs/src/ChangeLog:1.2336.2.435 Fri Apr 7 14:42:50 2006
+++ ccvs/src/ChangeLog Fri Apr 7 14:51:58 2006
@@ -1,5 +1,10 @@
2006-04-07 Derek Price <address@hidden>
+ * client.c (read_counted_file, update_entries, handle_mbinary): Check
+ for errors when parsing protocol input. Remove FIXME.
+ (Thanks to a report from Brendan Harrison
+ <address@hidden>.)
+
* client.c (send_a_repository): Add assertion.
(Thanks to an incorrect report from Brendan Harrison
<address@hidden>.)
Index: ccvs/src/client.c
diff -u ccvs/src/client.c:1.318.4.34 ccvs/src/client.c:1.318.4.35
--- ccvs/src/client.c:1.318.4.34 Fri Apr 7 14:42:50 2006
+++ ccvs/src/client.c Fri Apr 7 14:51:58 2006
@@ -1490,9 +1490,22 @@
if (size_string[0] == 'z')
error (1, 0, "\
protocol error: compressed files not supported for that operation");
- /* FIXME: should be doing more error checking, probably. Like using
- strtoul and making sure we used up the whole line. */
- size = atoi (size_string);
+
+ {
+ long tmp;
+ char *endptr;
+ tmp = strtoul (size_string, &endptr, 0);
+ if (tmp == ULONG_MAX || endptr == size_string)
+ error (1, tmp == ULONG_MAX ? errno : 0,
+ "Server sent invalid file size `%s'", size_string);
+ if (*endptr != '\0')
+ error (1, 0,
+ "Server sent trailing characters in file size `%s'",
+ endptr);
+ if (tmp > SIZE_MAX)
+ error (1, 0, "Server sent file size exceeding client max.");
+ size = (size_t)tmp;
+ }
free (size_string);
/* A more sophisticated implementation would use only a limited amount
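Review bot: `long tmp` receives the result of strtoul(), so in this block (and in the matching blocks added in the hunks at -1786 and -3067) the `tmp > SIZE_MAX` test can never be true wherever size_t is at least as wide as long, and a server line such as `-2` is negated by strtoul() into a value just under ULONG_MAX that passes every check. errno is not cleared before the call in the visible lines, so the `tmp == ULONG_MAX` branch may report a stale errno, and base 0 reads `010` as octal 8 where the old atoi() read decimal 10. I would make tmp `unsigned long`, require the first character to be a digit, set `errno = 0` and parse with base 10, as sketched below; in the -1786 hunk the same applies to `s`. The enclosing function starts and ends outside the hunk, so what the accepted size feeds into is not visible here.

```c
    {
	unsigned long tmp;
	char *endptr;

	/* strtoul() skips leading whitespace and accepts a sign; insist on a
	   digit so a negative size cannot wrap into a huge positive one.  */
	if (size_string[0] < '0' || size_string[0] > '9')
	    error (1, 0, "Server sent invalid file size `%s'", size_string);
	errno = 0;
	tmp = strtoul (size_string, &endptr, 10);
	if (errno != 0 || endptr == size_string)
	    error (1, errno, "Server sent invalid file size `%s'", size_string);
	/* … unchanged: trailing-character check, SIZE_MAX check, size assignment … */
    }
```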
@@ -1774,11 +1787,12 @@
{
char *size_string;
char *mode_string;
- int size;
+ size_t size;
char *buf;
char *temp_filename;
int use_gzip;
int patch_failed;
+ char *s;
read_line (&mode_string);
@@ -1786,12 +1800,27 @@
if (size_string[0] == 'z')
{
use_gzip = 1;
- size = atoi (size_string+1);
+ s = size_string + 1;
}
else
{
use_gzip = 0;
- size = atoi (size_string);
+ s = size_string;
+ }
+ {
+ long tmp;
+ char *endptr;
+ tmp = strtoul (s, &endptr, 0);
+ if (tmp == ULONG_MAX || endptr == s)
+ error (1, tmp == ULONG_MAX ? errno : 0,
+ "Server sent invalid file size `%s'", size_string);
+ if (*endptr != '\0')
+ error (1, 0,
+ "Server sent trailing characters in file size `%s'",
+ endptr);
+ if (tmp > SIZE_MAX)
+ error (1, 0, "Server sent file size exceeding client max.");
+ size = (size_t)tmp;
}
free (size_string);
@@ -3067,7 +3096,21 @@
/* Get the size. */
read_line (&size_string);
- size = atoi (size_string);
+ {
+ long tmp;
+ char *endptr;
+ tmp = strtoul (size_string, &endptr, 0);
+ if (tmp == ULONG_MAX || endptr == size_string)
+ error (1, tmp == ULONG_MAX ? errno : 0,
+ "Server sent invalid file size `%s'", size_string);
+ if (*endptr != '\0')
+ error (1, 0,
+ "Server sent trailing characters in file size `%s'",
+ endptr);
+ if (tmp > SIZE_MAX)
+ error (1, 0, "Server sent file size exceeding client max.");
+ size = (size_t)tmp;
+ }
free (size_string);
/* OK, now get all the data. The algorithm here is that we read
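Review bot: The size-parsing block is duplicated almost verbatim three times in this commit (here and in the hunks at -1490 and -1786), so any later correction has to be made in three places and the copies can drift apart. A single helper such as `static size_t parse_file_size (const char *s)` holding the strtoul() call and its checks, called as `size = parse_file_size (size_string);`, would keep the call sites in step. The declaration of `size` in this function is outside the hunk; only the hunk at -1774 is shown changing it from `int` to `size_t`, so it is worth confirming the type here, since assigning `(size_t)tmp` to an `int` would narrow values above INT_MAX.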