[prev in list] [next in list] [prev in thread] [next in thread]
List: privoxy-commits
Subject: [privoxy-commits] current gateway.c,1.19,1.20
From: noreply () sourceforge ! net
Date: 2007-05-14 10:23:52
Message-ID: E1HnXia-0003dG-7e () mail ! sourceforge ! net
[Download RAW message or body]
Update of /cvsroot/ijbswa/current
In directory sc8-pr-cvs2.sourceforge.net:/tmp/cvs-serv31303
Modified Files:
gateway.c
Log Message:
- Use strlcpy() instead of strcpy().
- Use the same buffer for socks requests and socks responses.
- Fix bogus warning about web_server_addr being used uninitialized.
Index: gateway.c
===================================================================
RCS file: /cvsroot/ijbswa/current/gateway.c,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -d -r1.19 -r1.20
--- gateway.c 25 Jan 2007 14:09:45 -0000 1.19
+++ gateway.c 14 May 2007 10:23:48 -0000 1.20
@@ -34,6 +34,11 @@
*
* Revisions :
* $Log$
+ * Revision 1.20 2007/05/14 10:23:48 fabiankeil
+ * - Use strlcpy() instead of strcpy().
+ * - Use the same buffer for socks requests and socks responses.
+ * - Fix bogus warning about web_server_addr being used uninitialized.
+ *
* Revision 1.19 2007/01/25 14:09:45 fabiankeil
* - Save errors in socks4_connect() to csp->error_message.
* - Silence some gcc43 warnings, hopefully the right way.
@@ -139,6 +144,7 @@
#include <errno.h>
#include <string.h>
+#include "assert.h"
#ifdef _WIN32
#include <winsock2.h>
@@ -157,6 +163,7 @@
#include "errlog.h"
#include "jbsockets.h"
#include "gateway.h"
+#include "miscutil.h"
const char gateway_h_rcs[] = GATEWAY_H_VERSION;
@@ -177,7 +184,7 @@
unsigned char cd; /* command code */
unsigned char dstport[2]; /* destination port */
unsigned char dstip[4]; /* destination address */
- unsigned char userid; /* first byte of userid */
+ char userid; /* first byte of userid */
/* more bytes of the userid follow, terminated by a NULL */
};
@@ -276,10 +283,9 @@
struct client_state *csp)
{
int web_server_addr;
- char cbuf[BUFFER_SIZE];
- char sbuf[BUFFER_SIZE];
- struct socks_op *c = (struct socks_op *)cbuf;
- struct socks_reply *s = (struct socks_reply *)sbuf;
+ char buf[BUFFER_SIZE];
+ struct socks_op *c = (struct socks_op *)buf;
+ struct socks_reply *s = (struct socks_reply *)buf;
size_t n;
size_t csiz;
jb_socket sfd;
@@ -309,7 +315,7 @@
/* build a socks request for connection to the web server */
- strcpy((char *)&(c->userid), socks_userid);
+ strlcpy(&(c->userid), socks_userid, sizeof(buf) - sizeof(struct socks_op));
csiz = sizeof(*c) + sizeof(socks_userid) - 1;
@@ -327,7 +333,7 @@
case SOCKS_4A:
web_server_addr = 0x00000001;
n = csiz + strlen(target_host) + 1;
- if (n > sizeof(cbuf))
+ if (n > sizeof(buf))
{
errno = EINVAL;
errstr = "buffer cbuf too small.";
@@ -336,7 +342,17 @@
}
else
{
- strcpy(cbuf + csiz, target_host);
+ strlcpy(buf + csiz, target_host, sizeof(buf) - sizeof(struct socks_op) - csiz);
+ /*
+ * What we forward to the socks4a server should have the
+ * size of socks_op, plus the length of the userid plus
+ * its \0 byte (which we don't have to add because the
+ * first byte of the userid is counted twice as it's also
+ * part of sock_op), plus the length of the target_host
+ * (which is stored csiz bytes after the beginning of the buffer),
+ * plus another \0 byte.
+ */
+ assert(n == sizeof(struct socks_op) + strlen(&(c->userid)) + strlen(buf + csiz) + 1);
csiz = n;
}
break;
@@ -345,6 +361,7 @@
log_error(LOG_LEVEL_FATAL,
"socks4_connect: SOCKS4 impossible internal error - bad SOCKS type.");
/* Not reached */
+ return(JB_INVALID_SOCKET);
}
if (err)
@@ -355,7 +372,6 @@
c->vn = 4;
c->cd = 1;
- /* XXX: these casts surpress gcc43 warnings, but are they correct? */
c->dstport[0] = (unsigned char)((target_port >> 8 ) & 0xff);
c->dstport[1] = (unsigned char)((target_port ) & 0xff);
c->dstip[0] = (unsigned char)((web_server_addr >> 24 ) & 0xff);
@@ -369,7 +385,7 @@
if (sfd == JB_INVALID_SOCKET)
{
/*
- * XXX: connect_to could fill in the exact reason.
+ * XXX: connect_to should fill in the exact reason.
* Most likely resolving the IP of the forwarder failed.
*/
errstr = "connect_to failed: see logfile for details";
@@ -382,7 +398,7 @@
err = 1;
close_socket(sfd);
}
- else if (read_socket(sfd, sbuf, sizeof(sbuf)) != sizeof(*s))
+ else if (read_socket(sfd, buf, sizeof(buf)) != sizeof(*s))
{
errstr = "SOCKS4 negotiation read failed.";
log_error(LOG_LEVEL_CONNECT, "socks4_connect: %s", errstr);
@@ -418,9 +434,9 @@
break;
default:
errno = ENOENT;
- snprintf(cbuf, sizeof(cbuf),
- "SOCKS request rejected for reason code %d.", s->cd);
- errstr = cbuf;
+ snprintf(buf, sizeof(buf),
+ "SOCKS request rejected for reason code %d.", s->cd);
+ errstr = buf;
}
log_error(LOG_LEVEL_CONNECT, "socks4_connect: %s", errstr);
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
ijbswa-commits mailing list
ijbswa-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ijbswa-commits
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic