--- test/request.c (.../tags/0.30.2) (revision 2045)
+++ test/request.c (.../branches/0.30.x) (revision 2045)
@@ -902,8 +902,6 @@
ONREQ(ne_request_dispatch(req));
while ((cursor = ne_response_header_iterate(req, cursor, &name, &value))) {
- n = -1;
-
ONV(strncmp(name, "x-", 2) || strncmp(value, "Y-", 2)
|| strcmp(name + 2, value + 2)
|| (n = atoi(name + 2)) >= MANY_HEADERS
@@ -2358,6 +2356,21 @@
return await_server();
}
+static int safe_flags(void)
+{
+ ne_session *sess = ne_session_create("http", "localhost", 80);
+ ne_request *req = ne_request_create(sess, "GET", "/");
+
+ ne_set_request_flag(req, NE_REQFLAG_LAST, 0xAAAAAAAA);
+
+ ONN("flags array bound check failed", ne_get_session(req) != sess);
+
+ ne_request_destroy(req);
+ ne_session_destroy(sess);
+
+ return OK;
+}
+
/* TODO: test that ne_set_notifier(, NULL, NULL) DTRT too. */
ne_test tests[] = {
@@ -2451,5 +2464,6 @@
T(socks_fail),
T(fail_lookup),
T(fail_double_lookup),
+ T(safe_flags),
T(NULL)
};
--- test/lock.c (.../tags/0.30.2) (revision 2045)
+++ test/lock.c (.../branches/0.30.x) (revision 2045)
@@ -73,11 +73,13 @@
const char *token_href)
{
static char buf[BUFSIZ];
- sprintf(buf,
- "\n"
- ""
- "%s\n",
- activelock(scope, depth, owner, timeout, token_href));
+
+ ne_snprintf(buf, sizeof buf,
+ "\n"
+ ""
+ "%s\n",
+ activelock(scope, depth, owner, timeout, token_href));
+
return buf;
}
--- test/string-tests.c (.../tags/0.30.2) (revision 2045)
+++ test/string-tests.c (.../branches/0.30.x) (revision 2045)
@@ -320,7 +320,7 @@
{
char expect[200], actual[200];
- strncpy(expect, strerror(ENOENT), sizeof(expect));
+ strncpy(expect, strerror(ENOENT), sizeof(expect)-1);
ONN("ne_strerror did not return passed-in buffer",
ne_strerror(ENOENT, actual, sizeof(actual)) != actual);
--- test/util-tests.c (.../tags/0.30.2) (revision 2045)
+++ test/util-tests.c (.../branches/0.30.x) (revision 2045)
@@ -203,18 +203,24 @@
return OK;
}
-/* trigger segfaults in ne_rfc1036_parse() in <=0.24.5. */
-static int regress_dates(void)
+#define BAD_DATE(format, result) \
+ ONN(format " date parse must fail", result != -1)
+
+/* Test for bad dates; trigger segfaults in ne_rfc1036_parse() in
+ * <=0.24.5. */
+static int bad_dates(void)
{
static const char *dates[] = {
- "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
+ "Friday, 08-Jun-01",
};
size_t n;
for (n = 0; n < sizeof(dates)/sizeof(dates[0]); n++) {
- ne_rfc1036_parse(dates[n]);
- ne_iso8601_parse(dates[n]);
- ne_rfc1123_parse(dates[n]);
+ BAD_DATE("rfc1036", ne_rfc1036_parse(dates[n]));
+ BAD_DATE("iso8601", ne_iso8601_parse(dates[n]));
+ BAD_DATE("rfc1123", ne_rfc1123_parse(dates[n]));
+ BAD_DATE("asctime", ne_asctime_parse(dates[n]));
}
return OK;
@@ -303,7 +309,7 @@
T(md5),
T(md5_alignment),
T(parse_dates),
- T(regress_dates),
+ T(bad_dates),
T(versioning),
T(version_string),
T(support),
--- src/ne_dates.c (.../tags/0.30.2) (revision 2045)
+++ src/ne_dates.c (.../branches/0.30.x) (revision 2045)
@@ -171,11 +171,12 @@
int n;
time_t result;
-/* it goes: Sun, 06 Nov 1994 08:49:37 GMT */
- n = sscanf(date, RFC1123_FORMAT,
- wkday, &gmt.tm_mday, mon, &gmt.tm_year, &gmt.tm_hour,
- &gmt.tm_min, &gmt.tm_sec);
- /* Is it portable to check n==7 here? */
+ /* it goes: Sun, 06 Nov 1994 08:49:37 GMT */
+ if (sscanf(date, RFC1123_FORMAT,
+ wkday, &gmt.tm_mday, mon, &gmt.tm_year, &gmt.tm_hour,
+ &gmt.tm_min, &gmt.tm_sec) != 7)
+ return (time_t) -1;
+
gmt.tm_year -= 1900;
for (n=0; n<12; n++)
if (strcmp(mon, short_months[n]) == 0)
@@ -204,7 +205,6 @@
return (time_t)-1;
}
- /* portable to check n here? */
for (n=0; n<12; n++)
if (strcmp(mon, short_months[n]) == 0)
break;
@@ -232,11 +232,12 @@
char wkday[4], mon[4];
time_t result;
- n = sscanf(date, ASCTIME_FORMAT,
- wkday, mon, &gmt.tm_mday,
- &gmt.tm_hour, &gmt.tm_min, &gmt.tm_sec,
- &gmt.tm_year);
- /* portable to check n here? */
+ if (sscanf(date, ASCTIME_FORMAT,
+ wkday, mon, &gmt.tm_mday,
+ &gmt.tm_hour, &gmt.tm_min, &gmt.tm_sec,
+ &gmt.tm_year) != 7)
+ return (time_t)-1;
+
for (n=0; n<12; n++)
if (strcmp(mon, short_months[n]) == 0)
break;
--- src/ne_locks.c (.../tags/0.30.2) (revision 2045)
+++ src/ne_locks.c (.../branches/0.30.x) (revision 2045)
@@ -32,6 +32,7 @@
#ifdef HAVE_LIMITS_H
#include
#endif
+#include
#include /* for isdigit() */
@@ -332,6 +333,9 @@
for (item = store->locks; item != NULL; item = item->next)
if (item->lock == lock)
break;
+
+ /* API condition that lock is present in the store. */
+ assert(item);
if (item->prev != NULL) {
item->prev->next = item->next;
--- src/ne_session.c (.../tags/0.30.2) (revision 2045)
+++ src/ne_session.c (.../branches/0.30.x) (revision 2045)
@@ -569,7 +569,8 @@
};
int n, flag = 0;
- strcpy(sess->error, _("Server certificate verification failed: "));
+ ne_strnzcpy(sess->error, _("Server certificate verification failed: "),
+ sizeof sess->error);
for (n = 0; reasons[n].bit; n++) {
if (failures & reasons[n].bit) {
--- src/ne_xml.c (.../tags/0.30.2) (revision 2045)
+++ src/ne_xml.c (.../branches/0.30.x) (revision 2045)
@@ -576,7 +576,7 @@
if (p->bom_pos == 0) {
p->bom_pos = 3; /* no BOM */
} else if (p->bom_pos > 0 && p->bom_pos < 3) {
- strcpy(p->error, _("Invalid Byte Order Mark"));
+ ne_strnzcpy(p->error, _("Invalid Byte Order Mark"), sizeof p->error);
return p->failure = 1;
}
}
--- src/ne_request.c (.../tags/0.30.2) (revision 2045)
+++ src/ne_request.c (.../branches/0.30.x) (revision 2045)
@@ -329,7 +329,7 @@
/* errno was set */
ne_strerror(errno, err, sizeof err);
} else {
- strcpy(err, _("offset invalid"));
+ ne_strnzcpy(err, _("offset invalid"), sizeof err);
}
ne_snprintf(offstr, sizeof offstr, "%" FMT_NE_OFF_T,
req->body.file.offset);
@@ -585,7 +585,7 @@
void ne_set_request_flag(ne_request *req, ne_request_flag flag, int value)
{
- if (flag < (ne_request_flag)NE_SESSFLAG_LAST) {
+ if (flag < (ne_request_flag)NE_REQFLAG_LAST) {
req->flags[flag] = value;
}
}
--- src/ne_socket.c (.../tags/0.30.2) (revision 2045)
+++ src/ne_socket.c (.../branches/0.30.x) (revision 2045)
@@ -27,7 +27,7 @@
#include "config.h"
#include
-#ifdef HAVE_SYS_UIO_h
+#ifdef HAVE_SYS_UIO_H
#include /* writev(2) */
#endif
#ifdef HAVE_SYS_TIME_H
--- src/ne_openssl.c (.../tags/0.30.2) (revision 2045)
+++ src/ne_openssl.c (.../branches/0.30.x) (revision 2045)
@@ -1130,7 +1130,10 @@
return 0;
}
-#ifdef NE_HAVE_TS_SSL
+#if defined(NE_HAVE_TS_SSL) && OPENSSL_VERSION_NUMBER < 0x10101000L
+/* For OpenSSL 1.1.1 locking callbacks are no longer need at all. */
+#define WITH_OPENSSL_LOCKING (1)
+
/* Implementation of locking callbacks to make OpenSSL thread-safe.
* If the OpenSSL API was better designed, this wouldn't be necessary.
* In OpenSSL releases without CRYPTO_set_idptr_callback, it's not
@@ -1184,8 +1187,6 @@
}
}
-#endif
-
/* ID_CALLBACK_IS_{NEON,OTHER} evaluate as true if the currently
* registered OpenSSL ID callback is the neon function (_NEON), or has
* been overwritten by some other app (_OTHER). */
@@ -1196,6 +1197,8 @@
#define ID_CALLBACK_IS_OTHER (CRYPTO_get_id_callback() != NULL)
#define ID_CALLBACK_IS_NEON (CRYPTO_get_id_callback() == thread_id_neon)
#endif
+
+#endif /* NE_HAVE_TS_SSL && OPENSSL_VERSION_NUMBER < 1.1.1 */
int ne__ssl_init(void)
{
@@ -1205,7 +1208,7 @@
SSL_library_init();
OpenSSL_add_all_algorithms();
-#ifdef NE_HAVE_TS_SSL
+#ifdef WITH_OPENSSL_LOCKING
/* If some other library has already come along and set up the
* thread-safety callbacks, then it must be presumed that the
* other library will have a longer lifetime in the process than
@@ -1252,7 +1255,7 @@
/* Cannot call ERR_free_strings() etc here in case any other code
* in the process using OpenSSL. */
-#ifdef NE_HAVE_TS_SSL
+#ifdef WITH_OPENSSL_LOCKING
/* Only unregister the callbacks if some *other* library has not
* come along in the mean-time and trampled over the callbacks
* installed by neon. */