mirror of
https://github.com/irungentoo/toxcore.git
synced 2024-03-22 13:30:51 +08:00
Possible bugs fixed, all received strings now force NULL terminate.
This commit is contained in:
irungentoo
parent
b73ba8244a
commit
01365342fc
|
|
@ -808,18 +808,16 @@ void doFriends(Messenger *m)
|
||||||
}
|
}
|
||||||
|
|
||||||
case PACKET_ID_STATUSMESSAGE: {
|
case PACKET_ID_STATUSMESSAGE: {
|
||||||
if (data_length == 0)
|
if (data_length == 0 || data_length > MAX_STATUSMESSAGE_LENGTH)
|
||||||
break;
|
break;
|
||||||
|
|
||||||
uint8_t *status = calloc(MIN(data_length, MAX_STATUSMESSAGE_LENGTH), 1);
|
data[data_length - 1] = 0; /* Make sure the NULL terminator is present. */
|
||||||
memcpy(status, data, MIN(data_length, MAX_STATUSMESSAGE_LENGTH));
|
|
||||||
|
|
||||||
if (m->friend_statusmessagechange)
|
if (m->friend_statusmessagechange)
|
||||||
m->friend_statusmessagechange(m, i, status, MIN(data_length, MAX_STATUSMESSAGE_LENGTH),
|
m->friend_statusmessagechange(m, i, data, data_length,
|
||||||
m->friend_statuschange_userdata);
|
m->friend_statuschange_userdata);
|
||||||
|
|
||||||
set_friend_statusmessage(m, i, status, MIN(data_length, MAX_STATUSMESSAGE_LENGTH));
|
set_friend_statusmessage(m, i, data, data_length);
|
||||||
free(status);
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -839,9 +837,15 @@ void doFriends(Messenger *m)
|
||||||
case PACKET_ID_MESSAGE: {
|
case PACKET_ID_MESSAGE: {
|
||||||
uint8_t *message_id = data;
|
uint8_t *message_id = data;
|
||||||
uint8_t message_id_length = 4;
|
uint8_t message_id_length = 4;
|
||||||
|
|
||||||
|
if (data_length <= message_id_length)
|
||||||
|
break;
|
||||||
|
|
||||||
uint8_t *message = data + message_id_length;
|
uint8_t *message = data + message_id_length;
|
||||||
uint16_t message_length = data_length - message_id_length;
|
uint16_t message_length = data_length - message_id_length;
|
||||||
|
|
||||||
|
message[message_length - 1] = 0;/* Make sure the NULL terminator is present. */
|
||||||
|
|
||||||
if (m->friendlist[i].receives_read_receipts) {
|
if (m->friendlist[i].receives_read_receipts) {
|
||||||
write_cryptpacket_id(m, i, PACKET_ID_RECEIPT, message_id, message_id_length);
|
write_cryptpacket_id(m, i, PACKET_ID_RECEIPT, message_id, message_id_length);
|
||||||
}
|
}
|
||||||
|
|
@ -853,6 +857,11 @@ void doFriends(Messenger *m)
|
||||||
}
|
}
|
||||||
|
|
||||||
case PACKET_ID_ACTION: {
|
case PACKET_ID_ACTION: {
|
||||||
|
if (data_length == 0)
|
||||||
|
break;
|
||||||
|
|
||||||
|
data[data_length - 1] = 0;/* Make sure the NULL terminator is present. */
|
||||||
|
|
||||||
if (m->friend_action)
|
if (m->friend_action)
|
||||||
(*m->friend_action)(m, i, data, data_length, m->friend_action_userdata);
|
(*m->friend_action)(m, i, data, data_length, m->friend_action_userdata);
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user