icheck path truncation - stagit-gopher - A git gopher frontend. (mirror) Err bitreich.org 70 hgit clone git://bitreich.org/stagit-gopher/ git://enlrupgkhuxnvlhsf6lc3fziv5h2hhfrinws65d7roiv6bfj7d652fid.onion/stagit-gopher/ URL:git://bitreich.org/stagit-gopher/ git://enlrupgkhuxnvlhsf6lc3fziv5h2hhfrinws65d7roiv6bfj7d652fid.onion/stagit-gopher/ bitreich.org 70 1Log /scm/stagit-gopher/log.gph bitreich.org 70 1Files /scm/stagit-gopher/files.gph bitreich.org 70 1Refs /scm/stagit-gopher/refs.gph bitreich.org 70 1Tags /scm/stagit-gopher/tag bitreich.org 70 1README /scm/stagit-gopher/file/README.gph bitreich.org 70 1LICENSE /scm/stagit-gopher/file/LICENSE.gph bitreich.org 70 i--- Err bitreich.org 70 1commit ad22404903d25e126d97635b01cecb7be33bfd69 /scm/stagit-gopher/commit/ad22404903d25e126d97635b01cecb7be33bfd69.gph bitreich.org 70 1parent f4f53c577eb86d4e65494270a9cf259b27ea22b9 /scm/stagit-gopher/commit/f4f53c577eb86d4e65494270a9cf259b27ea22b9.gph bitreich.org 70 hAuthor: Hiltjo Posthuma URL:mailto:hiltjo@codemadness.org bitreich.org 70 iDate: Wed, 24 Feb 2016 14:47:20 +0100 Err bitreich.org 70 i Err bitreich.org 70 icheck path truncation Err bitreich.org 70 i Err bitreich.org 70 ibe strict about it Err bitreich.org 70 i Err bitreich.org 70 iDiffstat: Err bitreich.org 70 i M TODO | 2 -- Err bitreich.org 70 i M stagit-index.c | 24 ++++++++++++++++++------ Err bitreich.org 70 i M stagit.c | 55 +++++++++++++++++++++---------- Err bitreich.org 70 i Err bitreich.org 70 i3 files changed, 56 insertions(+), 25 deletions(-) Err bitreich.org 70 i--- Err bitreich.org 70 1diff --git a/TODO b/TODO /scm/stagit-gopher/file/TODO.gph bitreich.org 70 i@@ -1,5 +1,3 @@ Err bitreich.org 70 i-check path truncation? snprintf(), strlcpy. Err bitreich.org 70 i- Err bitreich.org 70 i performance: Err bitreich.org 70 i - optimize git_diff_get_stats. Err bitreich.org 70 i - speed up generating files. Err bitreich.org 70 1diff --git a/stagit-index.c b/stagit-index.c /scm/stagit-gopher/file/stagit-index.c.gph bitreich.org 70 i@@ -178,7 +178,7 @@ main(int argc, char *argv[]) Err bitreich.org 70 i const git_error *e = NULL; Err bitreich.org 70 i FILE *fp; Err bitreich.org 70 i char path[PATH_MAX], *p; Err bitreich.org 70 i- int i, ret = 0; Err bitreich.org 70 i+ int i, r, ret = 0; Err bitreich.org 70 i Err bitreich.org 70 i if (argc < 2) { Err bitreich.org 70 i fprintf(stderr, "%s [repodir...]\n", argv[0]); Err bitreich.org 70 i@@ -199,18 +199,24 @@ main(int argc, char *argv[]) Err bitreich.org 70 i continue; Err bitreich.org 70 i } Err bitreich.org 70 i Err bitreich.org 70 i- /* use directory name as name */ Err bitreich.org 70 i+ /* use directory name as name, truncation of name is no problem. */ Err bitreich.org 70 i p = xbasename(repodir); Err bitreich.org 70 i snprintf(name, sizeof(name), "%s", p); Err bitreich.org 70 i free(p); Err bitreich.org 70 i Err bitreich.org 70 i /* read description or .git/description */ Err bitreich.org 70 i description[0] = '\0'; Err bitreich.org 70 i- snprintf(path, sizeof(path), "%s%s%s", Err bitreich.org 70 i+ r = snprintf(path, sizeof(path), "%s%s%s", Err bitreich.org 70 i repodir, repodir[strlen(repodir)] == '/' ? "" : "/", "description"); Err bitreich.org 70 i+ if (r == -1 || (size_t)r >= sizeof(path)) Err bitreich.org 70 i+ errx(1, "path truncated: '%s%s%s'", Err bitreich.org 70 i+ repodir, repodir[strlen(repodir)] == '/' ? "" : "/", "description"); Err bitreich.org 70 i if (!(fp = fopen(path, "r"))) { Err bitreich.org 70 i- snprintf(path, sizeof(path), "%s%s%s", Err bitreich.org 70 i+ r = snprintf(path, sizeof(path), "%s%s%s", Err bitreich.org 70 i repodir, repodir[strlen(repodir)] == '/' ? "" : "/", ".git/description"); Err bitreich.org 70 i+ if (r == -1 || (size_t)r >= sizeof(path)) Err bitreich.org 70 i+ errx(1, "path truncated: '%s%s%s'", Err bitreich.org 70 i+ repodir, repodir[strlen(repodir)] == '/' ? "" : "/", ".git/description"); Err bitreich.org 70 i fp = fopen(path, "r"); Err bitreich.org 70 i } Err bitreich.org 70 i if (fp) { Err bitreich.org 70 i@@ -221,11 +227,17 @@ main(int argc, char *argv[]) Err bitreich.org 70 i Err bitreich.org 70 i /* read owner or .git/owner */ Err bitreich.org 70 i owner[0] = '\0'; Err bitreich.org 70 i- snprintf(path, sizeof(path), "%s%s%s", Err bitreich.org 70 i+ r = snprintf(path, sizeof(path), "%s%s%s", Err bitreich.org 70 i repodir, repodir[strlen(repodir)] == '/' ? "" : "/", "owner"); Err bitreich.org 70 i+ if (r == -1 || (size_t)r >= sizeof(path)) Err bitreich.org 70 i+ errx(1, "path truncated: '%s%s%s'", Err bitreich.org 70 i+ repodir, repodir[strlen(repodir)] == '/' ? "" : "/", "owner"); Err bitreich.org 70 i if (!(fp = fopen(path, "r"))) { Err bitreich.org 70 i- snprintf(path, sizeof(path), "%s%s%s", Err bitreich.org 70 i+ r = snprintf(path, sizeof(path), "%s%s%s", Err bitreich.org 70 i repodir, repodir[strlen(repodir)] == '/' ? "" : "/", ".git/owner"); Err bitreich.org 70 i+ if (r == -1 || (size_t)r >= sizeof(path)) Err bitreich.org 70 i+ errx(1, "path truncated: '%s%s%s'", Err bitreich.org 70 i+ repodir, repodir[strlen(repodir)] == '/' ? "" : "/", ".git/owner"); Err bitreich.org 70 i fp = fopen(path, "r"); Err bitreich.org 70 i } Err bitreich.org 70 i if (fp) { Err bitreich.org 70 1diff --git a/stagit.c b/stagit.c /scm/stagit-gopher/file/stagit.c.gph bitreich.org 70 i@@ -188,7 +188,8 @@ mkdirp(const char *path) Err bitreich.org 70 i { Err bitreich.org 70 i char tmp[PATH_MAX], *p; Err bitreich.org 70 i Err bitreich.org 70 i- strlcpy(tmp, path, sizeof(tmp)); Err bitreich.org 70 i+ if (strlcpy(tmp, path, sizeof(tmp)) >= sizeof(tmp)) Err bitreich.org 70 i+ errx(1, "path truncated: '%s'", path); Err bitreich.org 70 i for (p = tmp + (tmp[0] == '/'); *p; p++) { Err bitreich.org 70 i if (*p != '/') Err bitreich.org 70 i continue; Err bitreich.org 70 i@@ -426,6 +427,7 @@ writelog(FILE *fp, const git_oid *oid) Err bitreich.org 70 i size_t len; Err bitreich.org 70 i char path[PATH_MAX]; Err bitreich.org 70 i FILE *fpfile; Err bitreich.org 70 i+ int r; Err bitreich.org 70 i Err bitreich.org 70 i git_revwalk_new(&w, repo); Err bitreich.org 70 i git_revwalk_push(w, oid); Err bitreich.org 70 i@@ -469,7 +471,10 @@ writelog(FILE *fp, const git_oid *oid) Err bitreich.org 70 i Err bitreich.org 70 i relpath = "../"; Err bitreich.org 70 i Err bitreich.org 70 i- snprintf(path, sizeof(path), "commit/%s.html", ci->oid); Err bitreich.org 70 i+ r = snprintf(path, sizeof(path), "commit/%s.html", ci->oid); Err bitreich.org 70 i+ if (r == -1 || (size_t)r >= sizeof(path)) Err bitreich.org 70 i+ errx(1, "path truncated: 'commit/%s.html'", ci->oid); Err bitreich.org 70 i+ Err bitreich.org 70 i /* check if file exists if so skip it */ Err bitreich.org 70 i if (access(path, F_OK)) { Err bitreich.org 70 i fpfile = efopen(path, "w"); Err bitreich.org 70 i@@ -591,8 +596,8 @@ writeblob(git_object *obj, const char *fpath, const char *filename, git_off_t fi Err bitreich.org 70 i Err bitreich.org 70 i p = fpath; Err bitreich.org 70 i while (*p) { Err bitreich.org 70 i- if (*p == '/') Err bitreich.org 70 i- strlcat(tmp, "../", sizeof(tmp)); Err bitreich.org 70 i+ if (*p == '/' && strlcat(tmp, "../", sizeof(tmp)) >= sizeof(tmp)) Err bitreich.org 70 i+ errx(1, "path truncated: '../%s'", tmp); Err bitreich.org 70 i p++; Err bitreich.org 70 i } Err bitreich.org 70 i relpath = tmp; Err bitreich.org 70 i@@ -670,7 +675,7 @@ writefilestree(FILE *fp, git_tree *tree, const char *branch, const char *path) Err bitreich.org 70 i git_object *obj = NULL; Err bitreich.org 70 i git_off_t filesize; Err bitreich.org 70 i size_t count, i; Err bitreich.org 70 i- int lc, ret; Err bitreich.org 70 i+ int lc, r, ret; Err bitreich.org 70 i Err bitreich.org 70 i count = git_tree_entrycount(tree); Err bitreich.org 70 i for (i = 0; i < count; i++) { Err bitreich.org 70 i@@ -678,8 +683,11 @@ writefilestree(FILE *fp, git_tree *tree, const char *branch, const char *path) Err bitreich.org 70 i git_tree_entry_to_object(&obj, repo, entry)) Err bitreich.org 70 i return -1; Err bitreich.org 70 i entryname = git_tree_entry_name(entry); Err bitreich.org 70 i- snprintf(entrypath, sizeof(entrypath), "%s%s%s", Err bitreich.org 70 i+ r = snprintf(entrypath, sizeof(entrypath), "%s%s%s", Err bitreich.org 70 i path, path[0] ? "/" : "", entryname); Err bitreich.org 70 i+ if (r == -1 || (size_t)r >= sizeof(entrypath)) Err bitreich.org 70 i+ errx(1, "path truncated: '%s%s%s'", Err bitreich.org 70 i+ path, path[0] ? "/" : "", entryname); Err bitreich.org 70 i switch (git_object_type(obj)) { Err bitreich.org 70 i case GIT_OBJ_BLOB: Err bitreich.org 70 i break; Err bitreich.org 70 i@@ -695,12 +703,13 @@ writefilestree(FILE *fp, git_tree *tree, const char *branch, const char *path) Err bitreich.org 70 i git_object_free(obj); Err bitreich.org 70 i continue; Err bitreich.org 70 i } Err bitreich.org 70 i- if (path[0]) Err bitreich.org 70 i- snprintf(filepath, sizeof(filepath), "file/%s/%s.html", Err bitreich.org 70 i- path, entryname); Err bitreich.org 70 i- else Err bitreich.org 70 i- snprintf(filepath, sizeof(filepath), "file/%s.html", Err bitreich.org 70 i- entryname); Err bitreich.org 70 i+ Err bitreich.org 70 i+ r = snprintf(filepath, sizeof(filepath), "file/%s%s%s.html", Err bitreich.org 70 i+ path, path[0] ? "/" : "", entryname); Err bitreich.org 70 i+ if (r == -1 || (size_t)r >= sizeof(filepath)) Err bitreich.org 70 i+ errx(1, "path truncated: 'file/%s%s%s.html'", Err bitreich.org 70 i+ path, path[0] ? "/" : "", entryname); Err bitreich.org 70 i+ Err bitreich.org 70 i filesize = git_blob_rawsize((git_blob *)obj); Err bitreich.org 70 i Err bitreich.org 70 i lc = writeblob(obj, filepath, entryname, filesize); Err bitreich.org 70 i@@ -868,7 +877,7 @@ main(int argc, char *argv[]) Err bitreich.org 70 i const git_error *e = NULL; Err bitreich.org 70 i FILE *fp, *fpread; Err bitreich.org 70 i char path[PATH_MAX], *p; Err bitreich.org 70 i- int status; Err bitreich.org 70 i+ int r, status; Err bitreich.org 70 i Err bitreich.org 70 i if (argc != 2) { Err bitreich.org 70 i fprintf(stderr, "%s \n", argv[0]); Err bitreich.org 70 i@@ -902,11 +911,17 @@ main(int argc, char *argv[]) Err bitreich.org 70 i *p = '\0'; Err bitreich.org 70 i Err bitreich.org 70 i /* read description or .git/description */ Err bitreich.org 70 i- snprintf(path, sizeof(path), "%s%s%s", Err bitreich.org 70 i+ r = snprintf(path, sizeof(path), "%s%s%s", Err bitreich.org 70 i repodir, repodir[strlen(repodir)] == '/' ? "" : "/", "description"); Err bitreich.org 70 i+ if (r == -1 || (size_t)r >= sizeof(path)) Err bitreich.org 70 i+ errx(1, "path truncated: '%s%s%s'", Err bitreich.org 70 i+ repodir, repodir[strlen(repodir)] == '/' ? "" : "/", "description"); Err bitreich.org 70 i if (!(fpread = fopen(path, "r"))) { Err bitreich.org 70 i- snprintf(path, sizeof(path), "%s%s%s", Err bitreich.org 70 i+ r = snprintf(path, sizeof(path), "%s%s%s", Err bitreich.org 70 i repodir, repodir[strlen(repodir)] == '/' ? "" : "/", ".git/description"); Err bitreich.org 70 i+ if (r == -1 || (size_t)r >= sizeof(path)) Err bitreich.org 70 i+ errx(1, "path truncated: '%s%s%s'", Err bitreich.org 70 i+ repodir, repodir[strlen(repodir)] == '/' ? "" : "/", ".git/description"); Err bitreich.org 70 i fpread = fopen(path, "r"); Err bitreich.org 70 i } Err bitreich.org 70 i if (fpread) { Err bitreich.org 70 i@@ -916,11 +931,17 @@ main(int argc, char *argv[]) Err bitreich.org 70 i } Err bitreich.org 70 i Err bitreich.org 70 i /* read url or .git/url */ Err bitreich.org 70 i- snprintf(path, sizeof(path), "%s%s%s", Err bitreich.org 70 i+ r = snprintf(path, sizeof(path), "%s%s%s", Err bitreich.org 70 i repodir, repodir[strlen(repodir)] == '/' ? "" : "/", "url"); Err bitreich.org 70 i+ if (r == -1 || (size_t)r >= sizeof(path)) Err bitreich.org 70 i+ errx(1, "path truncated: '%s%s%s'", Err bitreich.org 70 i+ repodir, repodir[strlen(repodir)] == '/' ? "" : "/", "url"); Err bitreich.org 70 i if (!(fpread = fopen(path, "r"))) { Err bitreich.org 70 i- snprintf(path, sizeof(path), "%s%s%s", Err bitreich.org 70 i+ r = snprintf(path, sizeof(path), "%s%s%s", Err bitreich.org 70 i repodir, repodir[strlen(repodir)] == '/' ? "" : "/", ".git/url"); Err bitreich.org 70 i+ if (r == -1 || (size_t)r >= sizeof(path)) Err bitreich.org 70 i+ errx(1, "path truncated: '%s%s%s'", Err bitreich.org 70 i+ repodir, repodir[strlen(repodir)] == '/' ? "" : "/", ".git/url"); Err bitreich.org 70 i fpread = fopen(path, "r"); Err bitreich.org 70 i } Err bitreich.org 70 i if (fpread) { Err bitreich.org 70 .