Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE
weechat.7308
weechat-CVE-2017-14727.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File weechat-CVE-2017-14727.patch of Package weechat.7308
From f105c6f0b56fb5687b2d2aedf37cb1d1b434d556 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Helleu?= <flashcode@flashtux.org> Date: Sat, 23 Sep 2017 09:36:09 +0200 Subject: [PATCH] logger: call strftime before replacing buffer local variables --- src/plugins/logger/logger.c | 88 ++++++++++++++++++++++----------------------- 2 files changed, 51 insertions(+), 44 deletions(-) Index: weechat-1.5/src/plugins/logger/logger.c =================================================================== --- weechat-1.5.orig/src/plugins/logger/logger.c +++ weechat-1.5/src/plugins/logger/logger.c @@ -296,71 +296,71 @@ logger_get_mask_for_buffer (struct t_gui char * logger_get_mask_expanded (struct t_gui_buffer *buffer, const char *mask) { - char *mask2, *mask_decoded, *mask_decoded2, *mask_decoded3, *mask_decoded4; - char *mask_decoded5; + char *mask2, *mask3, *mask4, *mask5, *mask6, *mask7; const char *dir_separator; int length; time_t seconds; struct tm *date_tmp; mask2 = NULL; - mask_decoded = NULL; - mask_decoded2 = NULL; - mask_decoded3 = NULL; - mask_decoded4 = NULL; - mask_decoded5 = NULL; + mask3 = NULL; + mask4 = NULL; + mask5 = NULL; + mask6 = NULL; + mask7 = NULL; dir_separator = weechat_info_get ("dir_separator", ""); if (!dir_separator) return NULL; + /* replace date/time specifiers in mask */ + length = strlen (mask) + 256 + 1; + mask2 = malloc (length); + if (!mask2) + goto end; + seconds = time (NULL); + date_tmp = localtime (&seconds); + mask2[0] = '\0'; + if (strftime (mask2, length - 1, mask, date_tmp) == 0) + mask2[0] = '\0'; + /* * we first replace directory separator (commonly '/') by \01 because * buffer mask can contain this char, and will be replaced by replacement * char ('_' by default) */ - mask2 = weechat_string_replace (mask, dir_separator, "\01"); - if (!mask2) + mask3 = weechat_string_replace (mask2, dir_separator, "\01"); + if (!mask3) goto end; - mask_decoded = weechat_buffer_string_replace_local_var (buffer, mask2); - if (!mask_decoded) + mask4 = weechat_buffer_string_replace_local_var (buffer, mask3); + if (!mask4) goto end; - mask_decoded2 = weechat_string_replace (mask_decoded, - dir_separator, - weechat_config_string (logger_config_file_replacement_char)); - if (!mask_decoded2) + mask5 = weechat_string_replace (mask4, + dir_separator, + weechat_config_string (logger_config_file_replacement_char)); + if (!mask5) goto end; #ifdef __CYGWIN__ - mask_decoded3 = weechat_string_replace (mask_decoded2, "\\", - weechat_config_string (logger_config_file_replacement_char)); + mask6 = weechat_string_replace (mask5, "\\", + weechat_config_string (logger_config_file_replacement_char)); #else - mask_decoded3 = strdup (mask_decoded2); + mask6 = strdup (mask5); #endif /* __CYGWIN__ */ - if (!mask_decoded3) + if (!mask6) goto end; /* restore directory separator */ - mask_decoded4 = weechat_string_replace (mask_decoded3, - "\01", dir_separator); - if (!mask_decoded4) - goto end; - - /* replace date/time specifiers in mask */ - length = strlen (mask_decoded4) + 256 + 1; - mask_decoded5 = malloc (length); - if (!mask_decoded5) + mask7 = weechat_string_replace (mask6, + "\01", dir_separator); + if (!mask7) goto end; - seconds = time (NULL); - date_tmp = localtime (&seconds); - mask_decoded5[0] = '\0'; - strftime (mask_decoded5, length - 1, mask_decoded4, date_tmp); /* convert to lower case? */ if (weechat_config_boolean (logger_config_file_name_lower_case)) - weechat_string_tolower (mask_decoded5); + weechat_string_tolower (mask7); if (weechat_logger_plugin->debug) { @@ -370,22 +370,22 @@ logger_get_mask_expanded (struct t_gui_b "decoded mask = \"%s\"", LOGGER_PLUGIN_NAME, weechat_buffer_get_string (buffer, "name"), - mask, mask_decoded5); + mask, mask7); } end: if (mask2) free (mask2); - if (mask_decoded) - free (mask_decoded); - if (mask_decoded2) - free (mask_decoded2); - if (mask_decoded3) - free (mask_decoded3); - if (mask_decoded4) - free (mask_decoded4); + if (mask3) + free (mask3); + if (mask4) + free (mask4); + if (mask5) + free (mask5); + if (mask6) + free (mask6); - return mask_decoded5; + return mask7; } /*
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
