[1294] in BarnOwl Developers


home	help	back	first	fref	pref	prev	next	nref	lref	last	post
[nelhage/barnowl] 841286: zcrypt.c: Fix an unsafe use of sprintf()

daemon@ATHENA.MIT.EDU (noreply@github.com)
Thu Oct 29 18:15:04 2009

Resent-From: nelhage@mit.edu
Resent-To: barnowl-dev-mtg@charon.mit.edu
X-Original-To: nelhage@lunatique.mit.edu
Date: Fri, 13 Feb 2009 09:09:00 -0800
To: dirty-owl-hackers@mit.edu
From: noreply@github.com

Branch: refs/heads/master
Home:   http://github.com/nelhage/barnowl

Commit: 8412869342784413be6107a419653629f690937d
    http://github.com/nelhage/barnowl/commit/8412869342784413be6107a419653629f690937d
Author: Nelson Elhage <nelhage@mit.edu>
Date:   2009-02-11 (Wed, 11 Feb 2009)

Changed paths:
  M zcrypt.c

Log Message:
-----------
zcrypt.c: Fix an unsafe use of sprintf()

Reported-By: Geoffrey Thomas <geofft@mit.edu>


Commit: 44a61ac15684e9f1582a2db5dc5e03ddfebc3b6a
    http://github.com/nelhage/barnowl/commit/44a61ac15684e9f1582a2db5dc5e03ddfebc3b6a
Author: Nelson Elhage <nelhage@mit.edu>
Date:   2009-02-11 (Wed, 11 Feb 2009)

Changed paths:
  M zwrite.c

Log Message:
-----------
zwrite.c: Fix an unsafe use of sprintf.

Reported-By: Geoffrey Thomas <geofft@mit.edu>


Commit: 2101a50abccf1b8aea7fb4a158a56c08358fe1d1
    http://github.com/nelhage/barnowl/commit/2101a50abccf1b8aea7fb4a158a56c08358fe1d1
Author: Geoffrey Thomas <geofft@mit.edu>
Date:   2009-02-11 (Wed, 11 Feb 2009)

Changed paths:
  M functions.c

Log Message:
-----------
owl_function_about: suppress unsafe use of sprintf/strcat


Commit: 14903270d4a34ee12357613525f0870544bc6915
    http://github.com/nelhage/barnowl/commit/14903270d4a34ee12357613525f0870544bc6915
Author: Geoffrey Thomas <geofft@mit.edu>
Date:   2009-02-11 (Wed, 11 Feb 2009)

Changed paths:
  M fmtext.c

Log Message:
-----------
fmtext.c: Add owl_fmtext_appendf_normal.


Commit: 28fa23c1162940f75a7e835c9c19de7eac3e33b5
    http://github.com/nelhage/barnowl/commit/28fa23c1162940f75a7e835c9c19de7eac3e33b5
Author: Geoffrey Thomas <geofft@mit.edu>
Date:   2009-02-11 (Wed, 11 Feb 2009)

Changed paths:
  M owl.c

Log Message:
-----------
main: Avoid using strcpy/strcat/sprintf in the intro message


Commit: 57609b3f1199ff6617621004e3d4345b62d3bd37
    http://github.com/nelhage/barnowl/commit/57609b3f1199ff6617621004e3d4345b62d3bd37
Author: Nelson Elhage <nelhage@mit.edu>
Date:   2009-02-11 (Wed, 11 Feb 2009)

Changed paths:
  M functions.c

Log Message:
-----------
owl_function_info: Clean up code using owl_fmtext_appendf_normal

This replaces the awkward and potentially unsafe use of sprintf
previously present here.


Commit: c1d166bbcb08199f42be384498cdad0a6db5e98b
    http://github.com/nelhage/barnowl/commit/c1d166bbcb08199f42be384498cdad0a6db5e98b
Author: Nelson Elhage <nelhage@mit.edu>
Date:   2009-02-11 (Wed, 11 Feb 2009)

Changed paths:
  M functions.c

Log Message:
-----------
functions.c: Remove some more sprintf()s

Fix owl_function_show_status and owl_function_show_term() this time.


Commit: a0e60820df0c850a172eae07d8e89c6172c55f16
    http://github.com/nelhage/barnowl/commit/a0e60820df0c850a172eae07d8e89c6172c55f16
Author: Nelson Elhage <nelhage@mit.edu>
Date:   2009-02-11 (Wed, 11 Feb 2009)

Changed paths:
  M functions.c

Log Message:
-----------
owl_function_classinstfilt: Replace sprintf with owl_sprintf.

The old code should be safe, but this is cleaner and more obviously
correct.


Commit: c894c15c0ffd1972f8214e7c8bb25629c61c2ea9
    http://github.com/nelhage/barnowl/commit/c894c15c0ffd1972f8214e7c8bb25629c61c2ea9
Author: Nelson Elhage <nelhage@mit.edu>
Date:   2009-02-11 (Wed, 11 Feb 2009)

Changed paths:
  M functions.c

Log Message:
-----------
owl_function_zpunt: Replace sprintf with owl_sprintf


Commit: 99b50a5e32e22a9d4f38cb502932d6091ae8a9a2
    http://github.com/nelhage/barnowl/commit/99b50a5e32e22a9d4f38cb502932d6091ae8a9a2
Author: Nelson Elhage <nelhage@mit.edu>
Date:   2009-02-11 (Wed, 11 Feb 2009)

Changed paths:
  M functions.c

Log Message:
-----------
owl_function_buddylist: Replace sprintf() usages.


Commit: 3538bc830c1df0c19db4822a5a80f2e421778b97
    http://github.com/nelhage/barnowl/commit/3538bc830c1df0c19db4822a5a80f2e421778b97
Author: Sam Hartman <hartmans@mit.edu>
Date:   2009-02-11 (Wed, 11 Feb 2009)

Changed paths:
  M zwrite.c

Log Message:
-----------
zwrite.c: toline should not use sprintf

The construction of toline uses sprintf without bounds checking.
Use dynamic allocation.


Commit: 823671cd845781e426dcfdb50f582d386452c05e
    http://github.com/nelhage/barnowl/commit/823671cd845781e426dcfdb50f582d386452c05e
Author: Sam Hartman <hartmans@mit.edu>
Date:   2009-02-11 (Wed, 11 Feb 2009)

Changed paths:
  M zwrite.c

Log Message:
-----------
owl_zwrite_send_message: avoid buffer overflow with to

The variable to was set up with sprintf without bounds checking; use
dynamic allocation.


Commit: f34dd65b3adbc2eedc045a674dd89b7e20257680
    http://github.com/nelhage/barnowl/commit/f34dd65b3adbc2eedc045a674dd89b7e20257680
Author: Nelson Elhage <nelhage@mit.edu>
Date:   2009-02-11 (Wed, 11 Feb 2009)

Changed paths:
  M commands.c
  M filter.c
  M functions.c
  M global.c
  M list.c
  M message.c
  M owl.h
  M popwin.c
  M text.c
  M util.c
  M zcrypt.c

Log Message:
-----------
Kill a whole bunch of unused code.

I generated a list of dead functions by building with
-ffunction-sections and linking with -Wl,--gc-sections
-Wl,--print-gc-sections

I kept a number of functions that seemed to be logical parts of an
existing API, as well as stuff in varstubs.c, since that file is
autogenerated.


Commit: 7980fb22b580a817071e84e4ebe943d3f9a1fdf4
    http://github.com/nelhage/barnowl/commit/7980fb22b580a817071e84e4ebe943d3f9a1fdf4
Author: Alejandro R. Sedeño <asedeno@mit.edu>
Date:   2009-02-11 (Wed, 11 Feb 2009)

Changed paths:
  M functions.c

Log Message:
-----------
owl_function_zpunt: Actually populate recipexpr when recip isn't '*'


Commit: b4c270c6f471826e40ad97087ba3c912dcfad7fc
    http://github.com/nelhage/barnowl/commit/b4c270c6f471826e40ad97087ba3c912dcfad7fc
Author: Nelson Elhage <nelhage@mit.edu>
Date:   2009-02-11 (Wed, 11 Feb 2009)

Changed paths:
  M functions.c

Log Message:
-----------
owl_function_printallvars: Use a GString instead of a static buffer.


Commit: f2fc5ad1fa640c326b05815eb504138838c9c81b
    http://github.com/nelhage/barnowl/commit/f2fc5ad1fa640c326b05815eb504138838c9c81b
Author: Nelson Elhage <nelhage@mit.edu>
Date:   2009-02-11 (Wed, 11 Feb 2009)

Changed paths:
  M ChangeLog
  M owl.h

Log Message:
-----------
1.0.4.1


Commit: eef5b52cf6bbd5d69dc97ee6e40a0a8b42f910a9
    http://github.com/nelhage/barnowl/commit/eef5b52cf6bbd5d69dc97ee6e40a0a8b42f910a9
Author: Nelson Elhage <nelhage@mit.edu>
Date:   2009-02-11 (Wed, 11 Feb 2009)

Changed paths:
  M ChangeLog
  M owl.h

Log Message:
-----------
BarnOwl 1.0.5


Commit: 308ace3446cf38b8bc0c2ef84d3539ef775c0456
    http://github.com/nelhage/barnowl/commit/308ace3446cf38b8bc0c2ef84d3539ef775c0456
Author: Nelson Elhage <nelhage@mit.edu>
Date:   2009-02-13 (Fri, 13 Feb 2009)

Changed paths:
  M ChangeLog
  M owl.h

Log Message:
-----------
Bump the version to 1.0.6 for development.

Doing the version bump now is probably a better practice than doing it
just before the relase.

home	help	back	first	fref	pref	prev	next	nref	lref	last	post
[1294] in BarnOwl Developers

[nelhage/barnowl] 841286: zcrypt.c: Fix an unsafe use of sprintf()

daemon@ATHENA.MIT.EDU (noreply@github.com)Thu Oct 29 18:15:04 2009

daemon@ATHENA.MIT.EDU (noreply@github.com)
Thu Oct 29 18:15:04 2009
